How users are selected for reviews that are triggered by rules in RSA Identity Governance & Lifecycle 
4 years ago
Originally Published: 2019-07-02
Article Number
000054746
Applies To
RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: All
 
Issue
Review runs triggered by rules do not use the review definition user selection criteria in RSA Identity Governance & Lifecycle. Instead, users are taken directly from the rule run and those users replace the user condition on the review definition for that run.

For example, note the below review definition user selection criteria. (In the RSA Identity Governance & Lifecycle user interface go to Reviews > Definitions > [name of review] > Edit Definition > User Selection tab.)
 
Review name = Transfer Review
Review Definition - User Selection

Also note the below Attribute Change Rule definition (Rules > Definitions > [name of rule])
 
User-added image

In this case, when the Transfer Review is run directly, users that have been transferred will not appear in the review results (users."Is Transferred" is null). However, when the Attribute Change Rule is run, users who are transferred show on the Transfer Review (users."Is Transferred" ='Yes') based on the Action defined for that rule which is to run the Transfer Review if a user has been transferred.

Note: Only reviews where the flag Available for Rule Actions under the General tab is checked may be triggered by Rules.



 
Resolution
This is expected behavior. The user selection criteria under the Review Definition is only applicable when the review is run directly and will not be used in rule actions.

There is an update in RSA Identity Governance & Lifecycle 7.1.1 P03 which clarifies this behavior. 
 
Notes

 

Related Articles

Trending Articles

Don't see what you're looking for?