Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/13/2023 02:30 PM
We are trying to implement CPAM to protect workloads in GCP, AWS , Azure & on-perm. Saviynt SC 2.0 client is already deployed. Can we do discovery & bootstrapping automatically or should we be using Saviynt Discovery tool to scan & onboard ?
04/18/2023 09:26 AM
Is PAM modile activated in your environment? Have you completed the initial setup for Vault, MasterConnection, PAMCONFIG, Bootstrap jobs?
04/18/2023 09:30 AM
We are currently on hold at the masterconnection & PAMconfig , connection to targets via SC2.0 is failing with connection timeout and we are working with support.
What we are trying to acheive is bootstrap all the PAM servers and give them access via their domain based user specific admin accounts (admuser)
-Lionel
04/18/2023 09:50 AM
@lionelrl In case of AWS and GCP, the discovery of workloads is handled by the Access Import and then you can trigger Bootstrap job for onboarding workloads. Please see the below articles
https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v2020x/page/Content/E-Onboard-Target-Endpoint/...
https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v23x/page/Content/E-Onboard-Target-Endpoint/Co...
For Onprem, you will have to run the discovery tool to get the list of workloads and trigger onboarding job as documented in the below article
https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v23x/page/Content/E-Onboard-Target-Endpoint/On...
There is no support for the automatic onboarding of Azure workloads as called out in the support matrix here : https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v23x/page/Content/A-Overview/Feature-Support-M...
However, there is a wokaround where you can onboard the Azure workloads as if they are on-prem by following the same onboarding process that is used for onprem except for the disocvery part where the workloads csv file has to be created manually before triggering the onboarding process.
Thanks,
Nagesh K
04/20/2023 07:14 AM
Can I use the same scanning method to onboard the Workloads from AWS & GCP ?
04/20/2023 07:40 AM
@lionelrl For AWS and GCP the workloads are already discovered during the Access Import and available for Bootstrap. So you do not need to follow the same process for AWS and GCP.
Thanks,
Nagesh K
05/01/2023 03:40 PM