can we customize the condition in "Role Missing Entitlement" rule to select all Role from a Role set instead of selecting each role individually ?
sadly not really. You've found one of the oldest and most neglected parts of the product...
You can try to identify your roles by role attributes. Sadly the roleset name is not amongst them. Can you categorize them and set attribute values on the role level?
I created a custom String attribute by Name "Role Set" under Admin >> Attribute >> Role Tab. I selected it in Condition tab and mentioned the Role set name.
its trying to read the blank Role set value instead of reading the Role set name. Look at the below example .. its reading the value highlighted in red instead of value in Blue.
that makes sense as those are two different attributes that just happen to be called the same. I am afraid that you need to have something fill that red Role Set attribute. a custom workflow. or manually.
how many rulesets are we talking about that need the treatment of the missing entitlement rule?
we have 11 now but we will grow and approximately may become 25 in future
hmmm. and I guess a lot of roles. Maybe you can set an attribute on the roleset level, too. (e.g. Automated Re-provisioning of missing entitlements" and a value list of Yes/No). Then in the role fulfillment workflow copy that value into the new/changed role to a role attribute of similar naming. Then use that role attribute to control the rule.
Retrieving data ...