PAM Admin cannot remove certain Devices from a particular Device Group.  Everytime they successful save it the devices reappear.

Even if they go into the actual Device and remove the Group Membership there.

Component : PRIVILEGED ACCESS MANAGEMENT

Release: PAM 3.4.x, 4.0.x

When you define a Tag on a Device Group it makes the membership dynamic.

Remove the tag from the device group (and that will automatically remove all devices sharing that tag) or change the tag for the device you want to remove to make sure it does not match any tag defined for the device group you want to remove it from.