Skip to main content

SodPolicy

Properties

NameTypeDescriptionNotes
idstrPolicy id[optional] [readonly]
namestrPolicy Business Name[optional]
createddatetimeThe time when this SOD policy is created.[optional] [readonly]
modifieddatetimeThe time when this SOD policy is modified.[optional] [readonly]
descriptionstrOptional description of the SOD policy[optional]
owner_refSodPolicyOwnerRef[optional]
external_policy_referencestrOptional External Policy Reference[optional]
policy_querystrSearch query of the SOD policy[optional]
compensating_controlsstrOptional compensating controls(Mitigating Controls)[optional]
correction_advicestrOptional correction advice[optional]
stateEnum [ 'ENFORCED', 'NOT_ENFORCED' ]whether the policy is enforced or not[optional]
tags[]strtags for this policy object[optional]
creator_idstrPolicy's creator ID[optional] [readonly]
modifier_idstrPolicy's modifier ID[optional] [readonly]
violation_owner_assignment_configViolationOwnerAssignmentConfig[optional]
scheduledbooldefines whether a policy has been scheduled or not[optional] [default to False]
typeEnum [ 'GENERAL', 'CONFLICTING_ACCESS_BASED' ]whether a policy is query based or conflicting access based[optional] [default to 'GENERAL']
conflicting_access_criteriaSodPolicyConflictingAccessCriteria[optional]
}

Example

from sailpoint.v2024.models.sod_policy import SodPolicy

sod_policy = SodPolicy(
id='0f11f2a4-7c94-4bf3-a2bd-742580fe3bde',
name='policy-xyz',
created='2020-01-01T00:00Z',
modified='2020-01-01T00:00Z',
description='This policy ensures compliance of xyz',
owner_ref=sailpoint.v2024.models.sod_policy_owner_ref.SodPolicy_ownerRef(
type = 'IDENTITY',
id = '2c9180a46faadee4016fb4e018c20639',
name = 'Support', ),
external_policy_reference='XYZ policy',
policy_query='@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)',
compensating_controls='Have a manager review the transaction decisions for their "out of compliance" employee',
correction_advice='Based on the role of the employee, managers should remove access that is not required for their job function.',
state='ENFORCED',
tags=[TAG1, TAG2],
creator_id='0f11f2a4-7c94-4bf3-a2bd-742580fe3bde',
modifier_id='0f11f2a4-7c94-4bf3-a2bd-742580fe3bde',
violation_owner_assignment_config=sailpoint.v2024.models.violation_owner_assignment_config.ViolationOwnerAssignmentConfig(
assignment_rule = 'MANAGER',
owner_ref = sailpoint.v2024.models.violation_owner_assignment_config_owner_ref.ViolationOwnerAssignmentConfig_ownerRef(
type = 'IDENTITY',
id = '2c9180a46faadee4016fb4e018c20639',
name = 'Support', ), ),
scheduled=True,
type='GENERAL',
conflicting_access_criteria=
)

[Back to top]