As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.
As long as you are a member of the Vault Admins group, you can grant any permission on any safe that you have access to.
The statement is false. Being a member of the Vault Admins group does not automatically grant you permissions on all safes; it only provides access to safes created during the installation process. Additional safes must have explicit permissions assigned. Thus, membership in the Vault Admins group alone does not enable you to grant any permission on any safe unless you already have access to it.
B is correct
B= Being in Vault admins group only give you access to safes which are created during installation (safe created in installation process) -This is clearly mentioned in documents .
https://docs.cyberark.com/pam-self-hosted/Latest/en/Content/PASIMP/Predefined-Users-and-Groups.htm#Predefinedgroups With one condition: ( you can grant any permission ) "This group can be added to Safes with all Safe member authorizations." = have it "that you have access to." - B= Being in Vault admins group only give you access to safes which are created during installation (safe created in installation process) -This is clearly mentioned in documents . - you have access to all safes that you have access with Vault Admins group ;)