PAM Resources

Guide for using PAM Resource Records in the Keeper Vault for privileged access functionality.

Overview

KeeperPAM Resource records are special record types designed to organize and store information of your target infrastructure, machines, web apps, workloads and user accounts.

What's a Record Type?

KeeperPAM Record Types

In your Keeper Vault, resources that represent your infrastructure are created with the following Record Types:

PAM Record Type

Target Infrastructure

PAM Machine

Windows/macOS/Linux Machines, EC2 Instances, Azure VMs, etc.

PAM Database

MySQL, PostgreSQL, SQL Server, MongoDB, MariaDB, Oracle

PAM Directory

Active Directory, OpenLDAP

PAM Remote Browser

Web-based Applications, internal apps or cloud apps

PAM User

Any local user, remote user, database credential or admin account. PAM User records can also be configured for scheduled or on-demand password rotation.

Record Linking

The PAM User record is special because it can be linked from the other resources. This way, you can share access to a Machine, Database, Directory or Remote Browser without sharing access to the underlying credentials.

Creating a PAM Record

From the Vault UI, click on Create New and select either Rotation, Tunnel or Connection.

Alternatively, you can right-click on a folder and select Rotation, Tunnel or Connection.

The "Target" selection will determine what type of record will be created.

PreviousLocal Environment Setup NextPAM Machine

Last updated 1 month ago

Was this helpful?