Our requirement says, we need to remove entitlement/app-role/groups access which have not been given via access manager (RSA Aveksa) system, i.e access given directly from the target (back door access).
I have configured a rule "Unauthorized change detection" where it removes ent/app-role/group from accounts.
But I don't want this rule to detect system accounts (admin accounts). How to control this in rule ? as I could not see any filter for accounts level