Rules in Sailpoint

Rules in Sailpoint
Below are few commonly used rules in Sailpoint
Sailpoint rules gets executed in the below order during aggregation
Flow:
  1. Pre-Iterate Rule
  2. BuildMap Rule
  3. Managed Entitlement Customization Rule
  4. Customization rule
  5. Correlation rule
  6. Manager correlation rule
  7. Creation rule
  8. PostIterate Rule
Pre-Iterate Rule:
1st rule that runs during aggregation
You can perform below operations in this rule
Check file existence
Modify the data in the files
Merge files


BuildMap Rule:
2nd Rule thats runs during aggregation, Using build map rule you can deal with application schema ex: populate value for custom column for the application. Build map is not available for connected apps(JDBC has jdbc buildmap). Available only for disconnected apps like delimited files.
Customization Rule:  Runs after buildmap rule, this can be used to transform data of resource object/account data during account aggregation
Ex: if you have status value as ‘A’ in target and you want to transform this to ‘Active’ then you can go for this Rule.
Use set/get attributes method on resource object already available as ‘object’ as argument for the rule. This rule gets executed in every aggregation.
Correlation Rule: This rule is used to link target account to the identity, executes every aggregation.
Manager Correlation Rule: This is used to link user to manager, runs every time.
Used in HR Applications
Creation Rule: Used to set values during identity/account creation for the first time, Executed only for the first time.
PostIterate Rule: Last rule that runs after aggregation,

Can be used to archive files.

Comments

Post a Comment

Popular posts from this blog

Sailpoint Installation Steps (IdentityIQ 7.3 Installation in Windows Machine)

This document helps you set up Sailpoint IdentityIQ 7.3 in Windows Operating System Softwares Required: MySQL 5.6 server Click here to download Apache Tomcat  9.0 Click here to download Java JDK 1.8 and above Click here to download Sailpoint IdentityIQ 7.3 application You may require to login into Sailpoint community to download Install the above softwares, update JDK, MySQL paths in environment Path variable Note: If you are facing issue in MySQL service then try running below commands mysqld –install net start mysql Sailpoint Configuration Steps: Create an \idenityiq directory under the Tomcat webapps directory: for example, C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\identityiq Unzip the identityiq-7.3.zip file. Copy iidentityiq.war file to the C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\identityiq Run below command to extract identityiq.war jar -xvf C:\Program Files\Apa...
Read more

How to create provisioning plan in Sailpoint

//Provide application name, attributes, operation ProvisioningPlan plan = new ProvisioningPlan(); List requests = new ArrayList(); List attributes = new ArrayList(); /*Identity identity = context.getObjectById(Identity.class, formModel.get("identity"));*/ AccountRequest account = new AccountRequest(); account.setApplication("HR_Staging"); account.setOperation(AccountRequest.Operation.Create); attributes.add(new AttributeRequest("FIRST_NAME", identity .getAttribute("firstname"))); attributes.add(new AttributeRequest("LAST_NAME", identity .getAttribute("lastname"))); account.setAttributeRequests(attributes); requests.add(account); //plan.setIdentity(identity); plan.setAccountRequests(requests); System.out.println("Plan xml : " + plan.toXml());
Read more