Local Environment Setup
Setting up your Local environment to work with KeeperPAM
Last updated
Was this helpful?
Setting up your Local environment to work with KeeperPAM
Last updated
Was this helpful?
The PAM Configuration contains critical information on your local infrastructure, settings and associated Keeper Gateway. This guide provides step-by-step instructions for configuring the PAM Configuration in your local environment, enabling the Keeper Gateway to manage all resources within it and allowing users to utilize KeeperPAM features on those resources.
Prior to proceeding with this guide, make sure to .
To create a new PAM Configuration:
Login to the Keeper Vault
Select Secrets Manager and the "PAM Configurations" tab
Click on "New Configuration"
The following tables provides more details on each configurable fields in the PAM Configuration record for the local environment:
Title (Required)
Name of PAM configuration record
Ex: Local Configuration
Environment (Required)
Your infrastructure's environment
For this guide, select "Local"
Gateway (Required)
The configured gateway
Application Folder (Required)
The shared folder where the PAM Configuration data will be stored
Best practice is to create a folder with limited access to admins. See Security Note (1) below
PAM Settings (Required)
List of Zero-Trust KeeperPAM features that should be enabled
Default Rotation Schedule
Specify frequency of Rotation
Ex: Daily
Port Mapping
Define alternative default ports
For Discovery, the following fields are required, otherwise they are optional:
Network ID
Unique ID for the network
This is for the user's reference
Ex: My Network
Network CIDR
Subnet of the IP address
The "PAM Features Allowed" and "Session Recording Types Allowed" sections in the PAM Configuration allow owners to enable or disable KeeperPAM features for resources managed through the PAM configuration:
Rotation
If enabled, allow rotations on privileged user users managed by this PAM configuration
Connections
If enabled, allow connections on resources managed by this PAM configuration
Remote Browser Isolation (RBI)
If enabled, allow RBI sessions on resources managed by this PAM configuration
Tunneling
If enabled, allow tunnels on resources managed by this PAM configuration
Graphical Session Recording
If enabled, visual playback sessions will be recorded for all connections and RBI sessions
Text Session Recording (TypeScript)
If enabled, text input and output logs will be logged for all connections and RBI sessions
After creating the PAM configuration, visit the following pages to:
See for more info
See for more info
Ex: 3307=mysql
See docs
Ex: 192.168.0.15/24
Refer to for more info
Configure
Configure
Configure
Configure
Configure