Skip to main content

SodPolicy

Properties

NameTypeDescriptionNotes
IdStringPolicy id[optional] [readonly]
NameStringPolicy Business Name[optional]
CreatedSystem.DateTimeThe time when this SOD policy is created.[optional] [readonly]
ModifiedSystem.DateTimeThe time when this SOD policy is modified.[optional] [readonly]
DescriptionStringOptional description of the SOD policy[optional]
OwnerRefSodPolicyOwnerRef[optional]
ExternalPolicyReferenceStringOptional External Policy Reference[optional]
PolicyQueryStringSearch query of the SOD policy[optional]
CompensatingControlsStringOptional compensating controls(Mitigating Controls)[optional]
CorrectionAdviceStringOptional correction advice[optional]
StateEnum [ "ENFORCED", "NOT_ENFORCED" ]whether the policy is enforced or not[optional]
Tags[]Stringtags for this policy object[optional]
CreatorIdStringPolicy's creator ID[optional] [readonly]
ModifierIdStringPolicy's modifier ID[optional] [readonly]
ViolationOwnerAssignmentConfigViolationOwnerAssignmentConfig[optional]
ScheduledBooleandefines whether a policy has been scheduled or not[optional] [default to $false]
TypeEnum [ "GENERAL", "CONFLICTING_ACCESS_BASED" ]whether a policy is query based or conflicting access based[optional] [default to "GENERAL"]
ConflictingAccessCriteriaSodPolicyConflictingAccessCriteria[optional]

Examples

  • Prepare the resource
$SodPolicy = Initialize-PSSailpoint.V2024SodPolicy  -Id 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde `
 -Name policy-xyz `
 -Created 2020-01-01T00:00Z `
 -Modified 2020-01-01T00:00Z `
 -Description This policy ensures compliance of xyz `
 -OwnerRef null `
 -ExternalPolicyReference XYZ policy `
 -PolicyQuery @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf) `
 -CompensatingControls Have a manager review the transaction decisions for their "out of compliance" employee `
 -CorrectionAdvice Based on the role of the employee, managers should remove access that is not required for their job function. `
 -State ENFORCED `
 -Tags [TAG1, TAG2] `
 -CreatorId 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde `
 -ModifierId 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde `
 -ViolationOwnerAssignmentConfig null `
 -Scheduled true `
 -Type GENERAL `
 -ConflictingAccessCriteria null
  • Convert the resource to JSON
$SodPolicy | ConvertTo-JSON

[Back to top]