Hi All,
Good day. We want to have your expertise and best practices on implementation the PAM solution for the given below scenario. Kindly provide your valuable suggestion.
In our environment, we have to integrate the devices (only on the OS level) from 2 application teams.
AppTeam-A : This team has 20 windows servers
AppTeam-B : Has 10 Windows and 10 Linux server.
No. Privileged accounts: 4 accounts on each server
We will do only local privileged account managed, no domain account management.
In this scenario, is the following approach is OK. or can it be improved ?
1. Import devices
2. Create group -AppTeam-A and B and attach respective devices to group
3. Create application AppTeam-A and B
4. Create Target accounts in PAM - 4 accounts for each servers. so total 40*4 = 160
6. Create user group AppTeam-A and map to device group AppTeam-A. so that AppteamA users can only see this application's devices.
7. And then normal approval and access flows.
Is this approach is good, or please let me know how best we can optimize it?
The challenge: We use the PAM GUI for all the above activities. We have option for import only for few steps.
But for account creation and policy, we dont see import option.
Can you please help, how this can be done using csv import or any other way (using CLI)?
Thanks in advance
dk