Hi,
We have onboarded CyberArk Privilege Cloud source and wanted to aggregate container permissions for the user.
As per the document of the source, under supported features it is mentioned that it supports aggregating ‘Container/Safes permissions as a Direct Permission’ but document doesn’t contain any information of how that can be achieved. What modifications are required in the schema ?
There are no changes required in the schema.
You should be able to get the Safes and its permissions assigned to Groups after entitlement aggregation is completed.
Please make sure that Groups are assigned to Containers.
To check on the Managed system side, you can verify ContainerPermissions endpoint.
Also there are few prerequisites in terms of service account permissions and those are documented as part of Prerequisite section which navigates to CYberark doc those needs to be configured correctly to Service Account.
Thanks @Rajat_Majumder & @deepesh_kumar, till the time it is implemented, I might have to shift to Web Services connector to aggregate those permissions.
Even source type SCIM 2.0 won’t help here, because there is no configurate option to call another API, post iterate account call, am I right ?