Hi,
I am trying to test the createAccessProfile command from roleImporter.rb version 11, downloaded here: https://community.sailpoint.com/t5/Professional-Services/IdentityNow-Bulk-Access-Profile-and-Role-Importer/ta-p/77382
The documentation states the order of the columns is:
createAccessProfile, Name of AccessProfile, Description, AccessProfile Disabled(true/false), Source,‘;’ separated Entitlement Name list formatted like so : attribute1:value1;attribute2:value2, AccesProfile Owner, Requestable(true/false), AccessProfile Approvers List, Required Denied Comments(true/false), Required User Request Comments(true/false), Revoke Request Approval List, ‘;’ separated tags list, ‘;’ separated segments list
But when I try this, the script fails to apply any Access Request config and displays the error below, which suggests that at the “Requestable” column, the script is actually looking for “AccessProfile Approvers List”. And indeed when I removed the “Requestable” column from my file, the script correctly ticked the “Require Approval” box and assigned “Access Profile Owner” as Reviewer 1.
WARNING : Create Access Profile : those workgroups TRUE could not be found for approvalSchemeList … skipping
But I am now failing to understand how to set the requestable flag on APs. Where should the column go? The documentation is no use since clearly the column order has changed. The Example they’ve put in there also looks to be outdated.
Other issue: I tried to assign a Governance Group as the reviewer. The AP now shows as an association under the Governance Group, but when I look at the config on the AP it doesn’t look right (see below). The script doesn’t generate any errors or warnings though.
