Article Number
000039218
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.2.0 P02
Issue
Roles in RSA Identity Governance & Lifecycle may be configured so that role entitlements are not automatically given to members of the role. This is done by disabling the Generate Indirect Entitlements option under REQUEST SETTINGS in the request workflow used for Roles (Requests > Workflows > Request tab > {Workflow name}). When a technical or global role is added as an entitlement to a role and the role changes committed (Apply Changes), access to the technical or global role is still granted to the role member regardless of the Generate Indirect Entitlements setting. This is not true for other entitlement types.
Cause
This is a known issue reported in engineering ticket ACM-105105.
Resolution
This issue is being investigated by the Engineering team in order to provide a permanent resolution in a future release.