Skip to main content

SodPolicy

Properties

NameTypeDescriptionNotes
idstrPolicy ID.[optional] [readonly]
namestrPolicy business name.[optional]
createddatetimeThe time when this SOD policy is created.[optional] [readonly]
modifieddatetimeThe time when this SOD policy is modified.[optional] [readonly]
descriptionstrOptional description of the SOD policy.[optional]
owner_refSodPolicyOwnerRef[optional]
external_policy_referencestrOptional external policy reference.[optional]
policy_querystrSearch query of the SOD policy.[optional]
compensating_controlsstrOptional compensating controls (Mitigating Controls).[optional]
correction_advicestrOptional correction advice.[optional]
stateEnum [ 'ENFORCED', 'NOT_ENFORCED' ]Whether the policy is enforced or not.[optional]
tags[]strTags for the policy object.[optional]
creator_idstrPolicy's creator ID.[optional] [readonly]
modifier_idstrPolicy's modifier ID.[optional] [readonly]
violation_owner_assignment_configViolationOwnerAssignmentConfig[optional]
scheduledboolDefines whether a policy has been scheduled or not.[optional] [default to False]
typeEnum [ 'GENERAL', 'CONFLICTING_ACCESS_BASED' ]Whether a policy is query based or conflicting access based.[optional] [default to 'GENERAL']
conflicting_access_criteriaSodPolicyConflictingAccessCriteria[optional]
}

Example

from sailpoint.beta.models.sod_policy import SodPolicy

sod_policy = SodPolicy(
id='0f11f2a4-7c94-4bf3-a2bd-742580fe3bde',
name='policy-xyz',
created='2020-01-01T00:00Z',
modified='2020-01-01T00:00Z',
description='This policy ensures compliance of xyz',
owner_ref=sailpoint.beta.models.sod_policy_owner_ref.SodPolicy_ownerRef(
type = 'IDENTITY',
id = '2c9180a46faadee4016fb4e018c20639',
name = 'Support', ),
external_policy_reference='XYZ policy',
policy_query='@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)',
compensating_controls='Have a manager review the transaction decisions for their "out of compliance" employee',
correction_advice='Based on the role of the employee, managers should remove access that is not required for their job function.',
state='ENFORCED',
tags=[TAG1, TAG2],
creator_id='0f11f2a4-7c94-4bf3-a2bd-742580fe3bde',
modifier_id='0f11f2a4-7c94-4bf3-a2bd-742580fe3bde',
violation_owner_assignment_config=sailpoint.beta.models.violation_owner_assignment_config.ViolationOwnerAssignmentConfig(
assignment_rule = 'MANAGER',
owner_ref = sailpoint.beta.models.violation_owner_assignment_config_owner_ref.ViolationOwnerAssignmentConfig_ownerRef(
type = 'IDENTITY',
id = '2c9180a46faadee4016fb4e018c20639',
name = 'Support', ), ),
scheduled=True,
type='GENERAL',
conflicting_access_criteria=
)

[Back to top]