There are two sets of authorisations in the Connections area. The first relates to work with folders and the second relates to work with specific Connections. Permissions can be defined for both a user and a group of users.


Permissions for Connections can be set specifically on the Connection themselves, but also on the folder in which the connections are stored, with permissions on connections being inherited from that folder.


Example:

User can share specific Connection from his personal folder:

It is not possible to adjust permissions on the personal folders but owner can adjust permissions on the Connection to grant access to another user:

    1. open the detail of the Connection
    2. go for the Permissions tab and press button [+]
    3. select the user who is going to have access to the Connection
    4. select level of permissions for the user (see bellow): USE for possibility to run the Connection.
    5. save the permissions

Now the user is going to see this Connections in the Shared with me tab on the Connections - he can't access the Connection from the Folders tree because he doesn't have access to the folder, but he can access the Connection via Shared with me tab. The same process works for granting access for members of any group - just select a group instead of a user.


For related privileges see Privileges and Permissions chapter.


Available Permissions that can be defined for the Connections in the ANT PAM:

USE

Can use the Connection.

  • Note: the Agent launcher is not an inherently secure launcher type (the opposite of RDP or Guacamole launchers, where the password is secure). Therefore, to use a connection based on an Agent launcher, the user must have OWN permissions to the Secret being used.

OWN

Can do all operations with the Connection


Available Permissions that can be defined for the Connection folders in the ANT PAM:

USE

Can see the content of the folder

 OWN

Can do all operations with the folder