|Applies To||RSA Product Set: RSA Identity Governance and Lifecycle |
RSA Version/Condition: 6.9.1 P08 or later
|Issue||Unable to create a new rule of the Attribute Change type that is looking for a condition of a deleted attribute (that is, Is Deleted or Deleted Date).|
|Cause||As part of a fix that prevents issues related to the use of the Is Deleted and Deleted Date attributes, these are no longer available on the drop down menu.|
Is Deleted and Deleted Date attributes are only populated for deleted user identities. In the attribute change rule, we are comparing two user entities: the previous entity versus the new entity. If there is any change in any of these attributes for newly/latest collected user identities, we capture them as attribute changes. But in the case of deletion, there is no previous entry in the table for the collected user; therefore, there is no way to compare the values so they will never be flagged by an attribute change rule. These columns were removed from the drop-down menu since their existence makes no sense for this rule type and causes confusion to the end-user.
|Resolution||This is intended behavior and working as designed. Use the Provisioning Termination rule to detect changes to terminated and/or deleted users.|
|Notes||The Attribute Change Rules are designed to detect changes to EXISTING users. It will not detect changes made to deleted users.|