05/17/2023 04:28 AM
we have a requirement to customize the provisioning command on AWS Instance endpoint connection where if user is part of group A(entitlement) then run this command, else run the other provisioning command.
Ex:
If user is part of CPAM_ADMIN entitlement then run this cmd as below:
"sudo useradd -m -s /bin/bash '${username}' -c '${user?.lastname}.${user?.firstname}/${user?.email}' -g users && echo ${username}:${password} | sudo chpasswd && sudo usermod -G cpamgrp ${username}"
If user is not part of CPAM_ADMIN entitlement then run this cmd as below:
"sudo useradd -m -s /bin/bash '${username}' -c '${user?.lastname}.${user?.firstname}/${user?.email}' -g users && echo ${username}:${password}"
05/17/2023 08:14 AM - edited 05/17/2023 08:14 AM
@RMJ I have responded to this question in the other post you submitted. Please close this if both these posts are the same.
https://forums.saviynt.com/t5/privileged-access-management/cpam-jit-access-permission-segregation-ba...
Thanks,
Nagesh K