Hi! I am having problem tryng to attach a rule to the beforeProvisinoingAttribute in a JDBC connector. Rule simply logs, it does not have useful information yet. But when sending via PATCH or PUT calls, rule remains “null”:
Also tried with path /beforeProvisioningRule, and simply adding rule name, with same results (retorns 200 OK but does not modify null at beforeProvisioningRule attribute).
Rules is:
{
"description": "Rule para provisonamento",
"type": "JDBCProvision",
"signature": {
"input": [
{
"name": "connection",
"description": "Reference to the current SQL connection.",
"type": "java.sql.Connection"
},
{
"name": "plan",
"description": "Provisioning plan containing the provisioning request(s).",
"type": "sailpoint.object.ProvisioningPlan"
},
{
"name": "application",
"description": "Attribute value for the identity attribute before the rule runs.",
"type": "sailpoint.object.Application"
},
{
"name": "schema",
"description": "Reference to the schema object for the delimited file source being read.",
"type": "sailpoint.object.Schema"
}
],
"output": {
"name": "result",
"description": "ProvisioningResult object containing the provisioning request's status (success, failure, retry, etc.).",
"type": "sailpoint.object.ProvisioningResult"
}
},
"sourceCode": {
"version": "1.0",
"script": "\t\t\tlog.info(\"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ BEFORE PROV RULE \");\r\n\t\t\tlog.warn(\"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ BEFORE PROV RULE \");\r\n\t\t\tlog.debug(\"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ BEFORE PROV RULE \");"
},
"attributes": {
"sourceVersion": "1.0"
},
"id": "44897b7442a******d53f2d9edd2c",
"name": "XXXXXXXX",
"created": "2023-12-12T21:39:57.414Z",
"modified": "2023-12-12T21:39:57.414Z"
}
(tried also with replace). It seems that I am trying to put an incorrect rule in this field. The rule I created if of type JDBCProvisioning, is that wrong? What rule type should I use? I never worked with jdbc before provisinoing, just with WS, but in this case I found documentation more clear. I seem a bit lost here.
(tried also with replace). It seems that I am trying to put an incorrect rule in this field. The rule I created if of type JDBCProvision, is that wrong? What rule type should I use? I never worked with jdbc before provisinoing, just with WS, but in this case I found documentation more clear. I seem a bit lost here.
Hi people, as I never worked with the Before Provisioning Rule, I thought it was part of the JDBC connector rules, as with Web Services connector. I searched a bit more and found it that it is a cloud rule. I see it clear now, thanks!
Hi @udayputta thanks for responding! Actually, the rule to use is the one I posted before your post. I was working with JDBC Provision rule, but it has the problem that at the modify or enable/disable operations, plan only has the uid IDN attribute. And as it is a connector rule, it can not search information from IDN. That’s why I was suggested to add another rule to connector, the Before Provisinoing Rule, but as this is a cloud rule and never worked with that, I was looking in the incorrect place.
However, as this can be a workaround, documentation says that it should not be used to add identity or account attributes to account request object in plan object. So I figured a way to obtain identity and account attributes using an UPDATE provisioning policy.
I just detailed this on this other discussion topic:
It is a little tricky but saved me from making another rule, and depend on support times to get cloud rule deployed.
