AnsweredAssumed Answered

How to set filter for account level in Unauthorize change detection rule

Question asked by Hemanth Kumar on May 7, 2018
Latest reply on May 8, 2018 by Hemanth Kumar

Like • Show 0 Likes0
Comment • 2

Hi,

Our requirement says, we need to remove entitlement/app-role/groups access which have not been given via access manager (RSA Aveksa) system, i.e access given directly from the target (back door access).

I have configured a rule "Unauthorized change detection" where it removes ent/app-role/group from accounts.
But I don't want this rule to detect system accounts (admin accounts). How to control this in rule ? as I could not see any filter for accounts level

No one else has this question

Outcomes

1 Reply

Clive Morrish May 8, 2018 6:06 AM
Mark Correct
Correct Answer
Looking at the UI, these rules appear to be applied to any/all accounts:

However, could you update the associated workflow to handle the system accounts accordingly (assuming you have a way of identifying these)?
Like • Show 0 Likes0
Actions
- Hemanth Kumar @ Clive Morrish on May 8, 2018 6:39 AM
  Mark Correct
  Correct Answer
  Hi Clive Morrish,
  
  Yes, I do agree we can control this in workflow. However we may need to control this in all the workflows (In future workflow as well).
  
  I am wondering to control it in generic place (like in attribute or rule) so change is not required in workflow.
  Any thought please ?
  Like • Show 0 Likes0
  Actions

How to set filter for account level in Unauthorize change detection rule

Outcomes

Related Content

Recommended Content