github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 07:28:09 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
f55f03cfb1aff29d2efd6ceff8bbd1429d1cc497
infisical/docs/documentation/platform/pam/getting-started/accounts.mdx
x032205 c8add06785 address reviews
2025-11-21 17:13:19 -05:00

48 lines
2.4 KiB
Plaintext
Raw Blame History

---
title: "PAM Account"
sidebarTitle: "Accounts"
description: "Learn how to create and manage accounts in PAM to control access to resources like databases and servers."
---
An **Account** contains the credentials (such as a username and password) used to connect to a [Resource](/documentation/platform/pam/getting-started/resources).
## Relationship to Resources
Accounts belong to Resources. A single Resource can have multiple Accounts associated with it, each with different permission levels.
For example, your database would normally have multiple accounts. You might have a superuser account for admins, a standard read/write account for applications, and a read-only account for reporting.
In PAM, these are represented as:
- **Resource**: `Production Database` (PostgreSQL)
- **Account 1**: `postgres` (Superuser)
- **Account 2**: `app_user` (Read/Write)
- **Account 3**: `analytics` (Read-only)
When a user requests access in PAM, they request access to a specific **Account** on a **Resource**.
## Creating an Account
<Info>
**Prerequisite**: You must have at least one [Resource](/documentation/platform/pam/getting-started/resources) created before adding accounts.
</Info>
To add an account, navigate to the **Accounts** tab in your PAM project and click **Add Account**.
![Add Account Button](/images/pam/getting-started/accounts/add-account-button.png)
Next, select the **Resource** that this account belongs to.
![Select Resource](/images/pam/getting-started/accounts/select-resource.png)
After selecting a resource, provide the credentials (username, password, etc.) for this account. The required fields vary depending on the resource type. For example, for a Linux server, you would enter the username and the corresponding password or SSH key.
![Create Account](/images/pam/getting-started/accounts/create-account.png)
Clicking **Create Account** will trigger a validation check. Infisical will attempt to connect to the resource using the provided credentials to verify they are valid.
## Automated Credential Rotation
Infisical supports automated credential rotation for some accounts on select resources, allowing you to automatically change passwords at set intervals to enhance security.
To learn more about how to configure this, please refer to the [Credential Rotation guide](/documentation/platform/pam/product-reference/credential-rotation).
Reference in New Issue View Git Blame Copy Permalink