# PAM Resources

## Overview

KeeperPAM Resource records are special record types designed to organize and store information of your target infrastructure, machines, web apps, workloads and user accounts.

* [What's a Record Type?](https://docs.keeper.io/en/enterprise-guide/record-types)

### KeeperPAM Record Types

In your Keeper Vault, resources that represent your infrastructure are created with the following Record Types:

<table><thead><tr><th width="215">PAM Record Type</th><th>Target Infrastructure </th></tr></thead><tbody><tr><td><a href="pam-resources/pam-machine">PAM Machine </a></td><td>Windows/macOS/Linux Machines, EC2 Instances, Azure VMs, etc.</td></tr><tr><td><a href="pam-resources/pam-database">PAM Database </a></td><td>MySQL, PostgreSQL, SQL Server, MongoDB, MariaDB, Oracle </td></tr><tr><td><a href="pam-resources/pam-directory">PAM Directory </a></td><td>Active Directory, OpenLDAP</td></tr><tr><td><a href="pam-resources/pam-remote-browser">PAM Remote Browser </a></td><td>Web-based Applications, internal apps or cloud apps</td></tr><tr><td><a href="pam-resources/pam-user">PAM User</a></td><td>Any local user, remote user, database credential or admin account. PAM User records can also be configured for scheduled or on-demand password rotation.</td></tr></tbody></table>

### Record Linking

The PAM User record is special because it can be [linked](https://docs.keeper.io/en/keeperpam/privileged-access-manager/getting-started/record-linking) from the other resources. This way, you can [share access](https://docs.keeper.io/en/keeperpam/privileged-access-manager/getting-started/access-controls) to a Machine, Database, Directory or Remote Browser without sharing access to the underlying credentials.

### Creating a PAM Record

From the Vault UI, click on Create New and select either Rotation, Tunnel or Connection.

<figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2FtnIDbstjLAfq2ECqq9HB%2FScreenshot%202024-12-28%20at%203.01.48%E2%80%AFPM.png?alt=media&#x26;token=e63d20a1-aa96-4fbd-89ed-d0fdd455a830" alt=""><figcaption><p>Create a new PAM Resource Record</p></figcaption></figure>

Alternatively, you can right-click on a folder and select Rotation, Tunnel or Connection.

<figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2FMeo2Pl0F5xDl8iY2NQeK%2FScreenshot%202024-12-28%20at%203.05.53%E2%80%AFPM.png?alt=media&#x26;token=811e735e-6692-4f26-88a7-4e4e02bd2ec4" alt=""><figcaption><p>Right-click to create PAM Resource Records</p></figcaption></figure>

The "Target" selection will determine what type of record will be created.&#x20;

<figure><img src="https://762006384-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MJXOXEifAmpyvNVL1to%2Fuploads%2FNqfGO32FajbD2yVagIb5%2FScreenshot%202024-12-28%20at%203.01.06%E2%80%AFPM.png?alt=media&#x26;token=f2ba3ce4-b709-403a-824e-37072e227dc8" alt=""><figcaption><p>Selecting a Target</p></figcaption></figure>

### Bulk Import of Resources

There are several ways of creating resources in the Keeper vault.

* Manually in the Keeper Vault
* Using Keeper Discovery
* Bulk Import with Keeper Commander

#### Manually in the Keeper Vault

As described in this section, you can create PAM Machines, Databases, Directories, Remote Browsers and Users directly in the Keeper Vault.

#### Using Keeper Discovery

KeeperPAM can perform discovery on a network or cloud resource to find all associated machines, accounts, etc. Visit the [Discovery](https://docs.keeper.io/en/keeperpam/privileged-access-manager/discovery) section to learn more.

#### Bulk Import with Keeper Commander

Keeper Commander CLI can perform import of resources based on a template. See this [Importing PAM Resources](https://docs.keeper.io/en/keeperpam/privileged-access-manager/references/importing-pam-resources) example for a step by step guide. See the [pam project import](https://docs.keeper.io/en/keeperpam/commander-cli/command-reference/keeperpam-commands) command for more advanced import options.

The following sections will describe each of the PAM resources.