Using AWS tags

search cancel

Using AWS tags

book

Article ID: 12282

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)

Issue/Introduction

This document explains what AWS tags can be utilized by CA PAM.

For example:
{AWS tag} ==> {AWS tag Value} ==> {CA PAM Action based on AWS tag Value}

What AWS tags do we have in connection with CA PAM?

Environment

Release: 3.x
Component:

Resolution

There are two AWS tags we can utilize for AWS instances.

1. PAMIgnore ( formerly XsuiteIgnore )

PAM will not import instances with tag of "PAMIgnore"

on AWS side, add tag on the instance

Key = PAMIgnore

Value = <any value>

2. PamGroups ( formerly XsuiteGroups)

You can use AWS tag "PamGroups" with PAM device group to make it easier for you to create policies for the devices you may specifically use.

<How to>

on PAM side
Device group -> AWS in "provision type" and enter group name to create AWS device group

on AWS side, add tag on the instance

Key = PamGroups

Value = Group1,Group2,Group3

Note: There is no specific limit set for the number of groups.

Additional Information

Using AWS Tags

Feedback

thumb_up Yes

thumb_down No