AnsweredAssumed Answered

Account Review - Coverage File

on Nov 4, 2019
Latest reply on Nov 8, 2019 by Mostafa Helmy

Like • Show 0 Likes0
Comment • 3

Hi All,

I'm working with a customer that has the following Review requirements:

Access (group, app-role, ent) within application/directory classified as 'superuser' to be reviewed by Business Owner
Access (group, app-role, ent) within application/directory classified as 'privileged' to be reviewed by Technical Owner

In addition to the above, the reviewer must have the ability to maintain/revoke at an account level and as a result I'm forced to use the Account Access and Ownership review type.

Looking at the Coverage Files help section in IG&L, it looks like the structure of coverage files within Account reviews is limited in comparison to User Access reviews.

Is it possible to add additional filtering to the account coverage file to include the access, for example:

user id='morric'|account name ='ryderk' and group name = 'example'

Thanks,

Clive

No one else has this question

Outcomes

3 Replies

Mostafa Helmy Nov 7, 2019 9:26 PM
Mark Correct
Correct Answer
I don't think that is possible based on the help page and examples. Seems the coverage file is a bit limited for account reviews.
Like • Show 1 Like1
Actions
- Clive Morrish @ Mostafa Helmy on Nov 8, 2019 4:59 AM
  Mark Correct
  Correct Answer
  After playing around with this I agree, which actually makes the account coverage file quite limited.
  
  I'll have to have a re-think...
  Like • Show 0 Likes0
  Actions
  - Mostafa Helmy @ Clive Morrish on Nov 8, 2019 6:34 AM
    Mark Correct
    Correct Answer
    For a similar problem with another customer, we ended up splitting the review into two reviews. Each one had a different scope and the subsequent relevant coverage configuration.
    1 person found this helpful
    Like • Show 1 Like1
    Actions

Account Review - Coverage File

Outcomes

Related Content

Recommended Content