Both of your approach should work, but I would go with the lifecycle state option (This depends on your business use cases as well) because of the easiness to trigger the enable/disable operation during the lifecycle state changes. This would help you even if the user moves back to an active status from a terminated status by enabling their accounts as well as assigning the required access profiles.
Also, the recently introduced Identity states as described here can also help you with your Identity processing time or exclude them from the Request center.
Either way, you will need to setup a before provisioning rule or use the Services standard before provisioning rule to achieve the account deletion through ISC. Else you will need to depend on an after modify powerShell script for AD account deletions.
Using the cloud lifecycle state is best practice, as it centralizes and simplifies delayed AD account deletion with built-in lifecycle management. Calculated attributes add complexity and risk errors, while lifecycle states improve visibility and maintainability.
Hello @dipali_ankush_dhonde
You will need to create a Explicit transform to use termination date from HR source, get it into the TRANSFORM and use date transform to match the format and than use the now date into another transform and than use those 2 to identify if its past 30 days via if/else logic in the results transmitting. So based on the days passed you can choose to set the LCS. Set that transform on the LCS attribute.
So, once the LCS is set to delete you can use it to trigger your WF to do the needful, again how you do it in a WF is totally your approach.