Hello eveyone, I would like to know how we can test the cloud rules more effectively.
Do we have to approah Expert services to deploy the rule every single time? or there is any other way too?
Sorry very basic question. Thanks in advance!!
Hello! That’s a great question, and it’s far from basic. Testing Cloud Rules (which are used in SailPoint Identity Security Cloud, formerly IdentityNow) effectively is a key challenge for developers, especially coming from an IdentityIQ (on-premise) background where you have more local control.
1 Like
Hello @singlde,
Unlike connector rules, cloud rules cannot be tested in real-time.
However, they can be validated using the following tool:
IdentityNow Rule Validator
Additionally, you can perform some testing with dummy data using the Rule Development Kit:
Rule Development Kit Documentation
Thanks,
Sid
Please check this: Getting started with the SailPoint CLI
Rule validator will only check the syntaxes etc.
using mockito - still its far complex to check the real time cloud rules.
so is that mean, every time i have to approach expert services to test my rule on real data if there is any issue?
reagrding testing there is nothing in CLI, already explored on this one
Unfortunately , that’s true 
!
Unfortunately you don’t have any built-in tool or IDE to test your cloud rule logic. Though it is not simple, but the possible way is to use any Java IDE to execute your rule as a java code and test it by assigning static values to your variables to cover all the scenarios. Once the test is completed, add the logs into your code and convert into BeanShell, validate it by rule validator and deploy through ES.
Now you can test it by real time scenarios in ISC and you have already added the logs in the rule to debug the errors. Once all good, remove the debugging log statements from the code and redeploy it to make sure you have a production ready code.
This way you can minimize the logical errors, avoid multiple rule deployment and covers all the scenarios in quick time.
Hope this helps you.
1 Like
This is still one of the big issues I still have with ISC, how to test those rules without SailPoint’s involvement. The Rule DevKit can help you a little bit, but is still not ideal. I have easy access to an IIQ environment (running locally via docker), so I can do a bit of the testing there as well, but that is not the way it should be.
I would really think a ‘local’ dev version of ISC could help here. Having not all the bells and whistles, but perhaps just enough with some mock data to develop and test your cloud rules. That way if you break anything, you do not jeopardise any other tenants.
1 Like