AWS console access from PAM

Document ID : KB000100928
Last Modified Date : 22/06/2018
Show Technical Document Details
Question:
When configuring AWS console access through PAM via the following should there be a device called "capam.aws.amazon.com" for step 4?

https://docops.ca.com/ca-privileged-access-manager/3-2/EN/deploying/deploy-on-an-aws-amazon-machine-image-ami/configure-ca-privileged-access-manager-for-aws#ConfigureCAPrivilegedAccessManagerforAWS-CreateanAWSManagementConsoleAccessPolicy

1.  From the UI, select Policies, Manage Policies.
2. Click Add.
3. In the User or User Group field, enter super.
4. In the Device or Device Group field, enter capam.aws.amazon.com
5. On the Services tab, select AWS Management Console SSO [AWS Access Credential Accounts – cademo – PowerUserAccess]
6. On the Recording tab, select Web Portal and On Violation.
7. Click Save.
Answer:
This appears to be a typo in the documentation, the AWS device should be there by default. The device is 'xceedium.aws.amazon.com' under Devices > Manage Devices.