Saviynt Forums

shibinvpkvr · ‎09/22/2023

Team,

We have gone through the Saviynt - Azure integration guide and noted that many entitlements can only be imported but cannot be provisioned.

https://docs.saviyntcloud.com/bundle/Azure-v23x/page/Content/Supported-Features.htm

During an initial discussion with the customer about the connector capabilities following questions came up.

1. Can the connector bring in "Azure Management Groups" ? it is not mentioned in the documentation

2. Can the connector be extended to provision more types of access? currently it says only 4 types are supported for provisioning

3. Why AADGroup is showing under Azure as well? (We have already integrated AzureAD and AADGroup is already imported part of that)

sudeshjaiswal · ‎09/24/2023

Hello @shibinvpkvr,

1. Can the connector bring in "Azure Management Groups" ? it is not mentioned in the documentation - No, It's not supported right now.
2. Can the connector be extended to provision more types of access? currently it says only 4 types are supported for provisioning? - Yes. It can be extended as it uses RESt conneector for provisioning usecases.
3. Why AADGroup is showing under Azure as well? (We have already integrated AzureAD and AADGroup is already imported part of that) - AADGroups are not getting imported as part of Azure Connector but get copied from the mapped Azure AD endpoint.

Thanks,

chrismeisner · ‎10/05/2023

For #1 Access is granted to Azure resources at management group, subscription, resource group, and in the resources directly. Why would management groups be omitted? This is a huge gap. Can the connector be extended to include management groups?

sudeshjaiswal · ‎10/06/2023

Hello @chrismeisner,

Please create a enhancement with your requirement in the Saviynt's Ideas portal.

Thanks,

shibinvpkvr · ‎10/13/2023

https://ideas.saviynt.com/ideas/EIC-I-5160 created this