Entitlement Attributes

Feedback Documentation Feedback Connectivity Documentation Feedback
1

The PagerDuty Teams are aggregated and managed as entitlements. The following lists the Team attributes:

This is the companion discussion topic for the documentation at https://documentation.sailpoint.com/connectors/saas/pagerduty/help/saas_connectivity/pagerduty/entitlement_attributes.html
2

There appears to be some oversight with Role not being an entitlementType. It’s not treated as such within the connector and thus cannot be subject for Certifications in Sailpoint.

In both the Documentation and for the Connectors supported features:

Entitlements should include:

  • Role | Entitlement | String (not supported)
  • Teams | Entitlement | Multi-Valued (supported)

Pagerduty Role(s) Ref: User Roles

3

Hi @brian-short, PagerDuty connector manages PagerDuty Teams as entitlement object; however, “Role” is there in the account schema.

There is a fixed set of roles available in the PagerDuty and it is a single value attribute. Still, if you wants to manage the “Role” as an entitlement, you can mark it as “entitlement” in the account schema and use it in the access model and perform certification on that.

Let us know if there is any issue or concern.

Thanks.

4

Hi @dinesh_mishra,

Appreciate the response. Got it semi-working after some troubleshooting.

Steps

  1. marked the “Role” account attribute as an entitlement (string)
  2. Aggregations failed to pull Role as an entitlement
  3. Entitlment Schema is not an option on this connector
  4. Re-read the documentation on entitlements \ entitlementTypes
  5. Attempted to create an entitlementType via VSCode ISC, but creating the entitlement type Role caused the entitlement aggregations to error
  6. (Update) Reset accounts \ entitlements and aggregated accounts \ entitlements
  7. (Update) Entitlement “Role” aggregated successfully

Item 4 is still a concern.

a. Pagerduty connector did not offer to select which entitlement type to aggregate as mentioned under “Starting a Manual Aggregation”

b. The general admin guide indicates this is possible, but like how the connector does not display the entitlement schema (hidden from UI and only manageable via API \ VSCode ISC) the entitlement aggregations throw an error for Roles but successfully aggregates Groups (i.e. Pagerduty Teams)

5

Hi @brian-short, as I mentioned, connector fetches teams as an entitlement object. Managing roles as an entitlement object is not supported in the connector and this is not yet supported in the connector for fetching roles as an entitlement object.

I would suggest you to raise an idea for the same if it is required.

Thanks!