This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Adding accounts to entitlement dynamically based on another entitlement

piyushm
New Contributor II
New Contributor II

‎11-29-2022 11:45 AM

Hello,

I am trying to check if there is a way to assign an entitlement to the user account based on another entitlement. For example, if a user has an entitlement with name containing a keyword(say aws) for the same endpoint then the user should automatically get Entitlement B.

One way is using the entitlement map and adding the entitlement to each entitlement having the aws keyword. But this not scalable as there will be hundreds of new entitlements created and each time we need to add the map for the newly created entitlement.

Other way is to use actionable analytics. But again this requires scheduling the analytics job and the requirement is that the addition of the automatic entitlement should be instant.

Can we trigger actionable analytics through some rule? Or Is there any other way to achieve this requirement?

Labels:
0 Kudos
22 REPLIES 22

rushikeshvartak
All-Star
All-Star

‎11-29-2022 01:41 PM

You can create request rule other 2 solutions you have already listed

entitlement map

actionable report


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎11-30-2022 06:48 AM

@rushikeshvartakCan you please elaborate? I am not able to understand which condition to use.

0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-02-2022 11:20 AM

I followed the steps but the Request Rule is not getting triggered even after the approval process is completed. Below is the rule i created.

piyushm_8-1670008818996.png

Also I don't see Rules tab in the Organization that i created.

piyushm_0-1670008258690.png

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-02-2022 01:09 PM

Did you ran wsretry


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-02-2022 01:59 PM

Yes. There is no error in the logs. The pending tasks from the actual request are also created and completed.

Assuming it works, This still does not meet the use case requirement. If I am asking the user to select a dynamic attribute from the form then how is it different from asking the user to select that particular entitlement itself from the requestable entitlement list. The requirement here is that all users selecting any other aws entitlement should not have to select the console entitlement or any other dynamic attribute.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-02-2022 03:07 PM

Whats issue with analytics report ?

please share request rule


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-02-2022 03:45 PM

The analytics report needs to be scheduled and client does not want the end user to wait for job as the user needs to login to aws console( with that entitlement) immediately after the account request approval. They have explicitly stated that the process should be automated and not job based.

Request rule -

piyushm_0-1670024700275.png

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-02-2022 05:09 PM - edited ‎12-02-2022 05:09 PM

Does endpoint name matching with name visible on request history?

analytics you can run before wsretry and end user doesn’t need to wait


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-04-2022 09:01 PM

Yes, the name is matching.

They don't want to be go with Analytics option.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-04-2022 09:03 PM

Share logs after wsretry run and ARS Request history screenshot


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-06-2022 11:13 AM - last edited on ‎12-08-2022 08:03 AM by Community Manager

PFA the logs.  The new account task is 31963 and add access task is 31964. After that I ran the wsretry job. The organization entitlement task should have triggered but it didn't.

Request history screenshot.

piyushm_0-1670354016519.png

 

Preview file
2598 KB
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-06-2022 07:42 PM

There is no attribute name with Org


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-06-2022 07:49 PM

Where? In the endpoint ?

It is there.

piyushm_0-1670384974005.png

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-06-2022 07:58 PM

on Request Approval


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II
In response to rushikeshvartak

‎12-07-2022 07:58 AM

I don't know why it is not showing on UI. But  it is there in the request_access_attrs  table.

piyushm_0-1670428724653.png

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-07-2022 01:02 PM

Share dynamic attribute config


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II
In response to rushikeshvartak

‎12-07-2022 09:50 PM

piyushm_0-1670478547262.png

SQL -  select customername as Id from customer where customername='EIS'

 

0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-09-2022 10:12 AM

@rushikeshvartak  did you find anything from the logs or screenshot? Is there any configuration which is missing or incorrectly done? Let me know. Based on the feedback I need to create ticket if its a defect or if the feature is not working.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to piyushm

‎12-09-2022 10:35 AM

Please store Dynamic attribute value in accounts column


Regards,
Rushikesh Vartak
0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-09-2022 11:08 AM

@rushikeshvartak  Still after storing it as cp value in accounts column and after running the wsretry, the request rule task is not getting created.

0 Kudos

piyushm
New Contributor II
New Contributor II

‎12-14-2022 07:31 AM

@rushikeshvartak  Do you think any other config that I missed?

0 Kudos
Copyright © 2023 Khoros, LLC