After referring to the following ISC forum posts ( Searching for Privileged Accounts, Privileged Accounts in IDN), the attribute value has remained unchanged after provisioning a privileged entitlement to the account.
Also, the ISC APIs do not allow modification of the privileged attribute for the source account.
My question to the community would be:
How is the value for the privileged attribute for the source account set?
I’m trying to understand your requirement for marking the account privileged because a privileged access was provisioned for it. You could write a query slightly differently to get similar results: @access(source.name:"SomeSource" AND privileged:true)
If you’re looking to narrow down the search results to just one type of object like Identities, I think this should do it with regular Search. Let me know if there’s a reason you can’t use this query.
I’m not able to see “privilege” attribute in the JSON response for any of accounts that has privilege access. From which API call did you get this response?
@accounts(privileged:true) as this query is not giving us any results even though we have accounts with privilege access, seems the privilege tag is only for the entitlements and documentation needs to be corrected
Same behavior for me which doesn’t seem expected.
Either the documentation needs to be updated or there has to be a way to set the privileged flas as true on the account.
