I am using IIQ 8.1. In that I have defined business role, lets say B_Role1, which provisions IT role IT_Role1. IT role contains Entitlement from 3 application ENT1, ENT2, ENT3.
I want to know if, is there any way to find mapping between Business role and entitlements which will get provisioned on the identity once it is requested ? I couldn’t find any OOTB Reports for this in IIQ 8.1.
B_Role1 → IT_Role1 → ENT1,ENT2,ENT3
To begin, you can utilize the following rule as a starting point to export the bundle and write the information into a CSV file
QueryOptions qo = new QueryOptions();
Iterator iterator = context.search(Bundle.class, qo, “name”);
String bundleName = (String) iterator.next();
Bundle bundle = context.getObjectByName(Bundle.class, bundleName);
You would need to extend this logic by incorporating additional steps to extract the list of permitted or required roles. After retrieving the roles, you would then iterate over each role to obtain the corresponding list of entitlements.
you could use iiq export command but that doesn’t provide the option to add filters if you want to export a particular type or category of roles.
Not to discount @sunnyajmera’s response (as it is relevant for your current IIQ version), but I did want to note that what you’re looking for actually becomes FAR easier in IIQ 8.3 with the addition of the Role-Entitlement Relationship feature. This is a game-changer in a lot of ways as it makes reporting/analytics (like your use-case), as well as SOD policies (based on effective entitlements) a lot easier to build and manage.
Thanks Brian, Yes I did saw that feature document before posting here but it wasn’t available for 8.1
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.