Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

How to restrict PAM session recording access to individual PAM owners only

Diwakar
Regular Contributor
Regular Contributor

We have onboarded 20 servers to CPAM and there are different owners for these servers. Through PAM Owner SAV role the manage session recording access can be granted but how to restrict the PAM owners to view and manage only those session recording for which they are responsible.

On our testing we found, granting PAM owner SAV role to any user will provide access to recording session of each server that are onboarded to CPAM as endpoints. 

This is actually a big privacy issue if we are not able to restrict the recording visibility as per ownership. Please assist.

4 REPLIES 4

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @Diwakar,

There is already an Idea in place, Please provide your bussiness use-case/Upvote the idea to get the idea accepted.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Diwakar
Regular Contributor
Regular Contributor

@sudeshjaiswal Thanks for your response, we will provide our use case there. 

Also, I have noticed one thing for SAV role we have one option access to endpoints so do you think if it can be used for our use case to restrict the PAM recording session visibility? or this option is used for some other functionality?

Diwakar_0-1712729249545.png

Thanks,

Diwakar.

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @Diwakar,

Thats been used for the analytics controls.


https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter09-SAV-Roles/Understanding-t... 

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

Diwakar
Regular Contributor
Regular Contributor

@sudeshjaiswal Makes sense thanks for your support.