Before Provisioning Rule for Application: Snowflake

Hi team asking for your assistance
My Requirement: I want to set default_role application account attribute value as user have role for this application. so whatever role will be on first position, I want to take that role value and set this value in default_role application account attribute. This should only done when user account is created in Snowflake application.

My Work on this: I have created before provisioning rule for this requirement. so Team i want you check the rule and when i am validating this rule in “Rule Validator Utility” so it is giving me error.

Error:

image1909×680 28.5 KB

And Here is my Code in XML format:

<Rule>
	<Name>Rule - SnowflakeBeforeProvisioning</Name>
	<Type>BeforeProvisioningRule</Type>
	<Description>This rule set default value of role</Description>
	<Source>
<![CDATA[ 
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.Application;
import sailpoint.object.Identity;
 
 public class SnowflakeBeforeProvisioning{
    public void execute(Map<String, Object> ruleContext){
        Identity identity = (identity) ruleContext.get("Identity");
        ProvisioningPlan plan = (ProvisioningPlan) ruleContext.get("plan");
        Application app = (Application) ruleContext.get("app");

        if (app.getName().equalsIngoreCase("Snowflake") &amp;&amp; plan.getOperation() == ProvisioningPlan.Operation.Create){
        List<String> entitlements = plan.getEntitlement();

        if (entitlements != null &amp;&amp; !entitlements.isEmplty()){
         String defaultRole = entitlements.get(0);
         plan.addAccountAttribute("default_role", defaultRole);
        }
        }
    }
 }
]]></Source>
	<Signature>
		<Argument><Name>identity</Name><Type>Identity</Type></Argument>
		<Argument><Name>plan</Name><Type>ProvisioningPlan</Type></Argument>
		<Argument><Name>application</Name><Type>Application</Type></Argument>
	</Signature>
</Rule>

I will highly appreciate for your valuable time and efforts

Hi @Vatanjain11,

Rule validator error is because your file name is not correct, it should be sailpoint proposed name format, Rule - {type} - {name}.xml

You can change this in XML

SnowflakeBeforeProvisioning

BeforeProvisioning

Save your file name as Rule - BeforeProvisioning - SnowflakeBeforeProvisioning.xml

Then try running rule validator script.

You can refer this Before Provisioning Rule | SailPoint Developer Community

Regards,
Vasanth

Hi @Vatanjain11,

I have done something change in your code. when i execute the code its coming SUCCES message.

Please check the code it may helpful for you.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="SnowflakeBeforeProvisioning" type="BeforeProvisioning">
<Description>This rule set default value of role</Description>
<Source>
<![CDATA[
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.Operation;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import java.util.*; 

public class SnowflakeBeforeProvisioning {
    public void execute(Map ruleContext) {
        Identity identity = (Identity) ruleContext.get("Identity");
        ProvisioningPlan plan = (ProvisioningPlan) ruleContext.get("plan");
        Application app = (Application) ruleContext.get("app");

        if (app.getName().equalsIgnoreCase("Snowflake") && plan.getOperation() == ProvisioningPlan.Operation.Create) {
            List entitlements = plan.getEntitlements();

            if (entitlements != null && !entitlements.isEmpty()) {
                String defaultRole = entitlements.get(0);
                plan.addAccountAttribute("default_role", defaultRole);
            }
        }
    }
}
]]>
</Source>
</Rule>

Please check the output for your reference:

image1017×304 7.17 KB

Note: Please save the Rule name as “Rule - BeforeProvisioning - SnowflakeBeforeProvisioning” and then try.

Hope this may work for you!
Please try to write the code according to the document.
Thank you!

thank you so much Vansant for you response.

When i am running script, I am not getting any output. Could you please check validator command and other information.

NO response1073×853 27.3 KB

thank you
Vatan

Hi Abhishek

Thank you so much for your time.

Could you please give me complete command which you are running in cmd to execute rule validator.
Actually i am using “sp-rv -f Rule - BeforeProvsioning - SnowflakeBeforeProvisioning.xml”

Please check and correct if something wrong i am doing.

Regards
Vatan

Hi Vatan,

You need to use below script.
sp-rv -f “C:/Users/hari.patel/Desktop/rule-validator-test-rules” -r

sp-rv -f “C:/Users/hari.patel/Desktop/rule-validator-test-rules/Rule - BeforeProvisioning - SnowflakeBeforeProvisioning.xml” -r

you may refer this IdentityNow Rule Validator - Compass

Regards,
Vasanth

Hi Vasanth

thank you so much.

yes it went successfully and code is working as expected.

thank you again.
Vatan

Hi Vatan,

You’re welcome.

Regards,
Vasanth

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.