Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CPAM implementation with only SC 2.0

lionelrl
New Contributor III
New Contributor III

‎04/13/2023 02:30 PM

We are trying to implement CPAM to protect workloads in GCP, AWS , Azure & on-perm. Saviynt SC 2.0 client is already deployed. Can we do discovery & bootstrapping automatically or should we be using Saviynt Discovery tool to scan & onboard ?

 

Labels:
0 Kudos
6 REPLIES 6

hemantsaviynt
Saviynt Employee
Saviynt Employee

‎04/18/2023 09:26 AM

Is PAM modile activated in your environment? Have you completed the initial setup for Vault, MasterConnection, PAMCONFIG, Bootstrap jobs?

0 Kudos

lionelrl
New Contributor III
New Contributor III
In response to hemantsaviynt

‎04/18/2023 09:30 AM

We are currently on hold at the masterconnection & PAMconfig , connection to targets via SC2.0 is failing with connection timeout and we are working with support. 

What we are trying to acheive is bootstrap all the PAM servers and give them access via their domain based user specific admin accounts (admuser)

-Lionel

 

 

0 Kudos

NageshK
Saviynt Employee
Saviynt Employee

‎04/18/2023 09:50 AM

@lionelrl In case of AWS and GCP, the discovery of workloads is handled by the Access Import and then you can trigger Bootstrap job for onboarding workloads. Please see the below articles

https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v2020x/page/Content/E-Onboard-Target-Endpoint/...

https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v23x/page/Content/E-Onboard-Target-Endpoint/Co...

For Onprem, you will have to run the discovery tool to get the list of workloads and trigger onboarding job as documented in the below article 
https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v23x/page/Content/E-Onboard-Target-Endpoint/On...

There is no support for the automatic onboarding of Azure workloads as called out in the support matrix here : https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v23x/page/Content/A-Overview/Feature-Support-M...

However, there is a wokaround where you can onboard the Azure workloads as if they are on-prem by following the same onboarding process that is used for onprem except for the disocvery part where the workloads csv file has to be created manually before triggering the onboarding process.

Thanks,

Nagesh K
 
 

0 Kudos

lionelrl
New Contributor III
New Contributor III

‎04/20/2023 07:14 AM

Can I use the same scanning method to onboard the Workloads from AWS & GCP ?

0 Kudos

NageshK
Saviynt Employee
Saviynt Employee

‎04/20/2023 07:40 AM

@lionelrl For AWS and GCP the workloads are already discovered during the Access Import and available for Bootstrap. So you do not need to follow the same process for AWS and GCP.

Thanks,

Nagesh K  

0 Kudos

NageshK
Saviynt Employee
Saviynt Employee

‎05/01/2023 03:40 PM

@lionelrl Do you have any further questions on this topic? 

Thanks

Nagesh K

0 Kudos
Copyright © 2024 Khoros, LLC