Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Azure provisioning REST Connection ( Not the Azure AD) - Add Access Through ARS Request

saqib
New Contributor
New Contributor

‎09/11/2024 02:17 PM

I have created a Privilage in Resource Group Entitlement type , Which allows only Enum / String , I enabled Enum with Reader , Contributor , Owner .

saqib_0-1726089302368.png

 

When i request For Resource Group with Reader as Privilage type through ARS and submit request. Provisioning tasks are getting failed. 

 

I'm not able to view the json  it generated in logs. Response received is null with status code null.

Logs attached, Please let me know if any one implemented the provisioning of resource group.

 

OOTB JSON is : 

{ "name": "ResourceGroup",
"connection": "userAuth",
"privilegeEntitlement":{"privEntType":"RoleDefinition","privAttrName":"Roles"},
"url": "https://management.azure.com${entitlementValue.customproperty4}/providers/Microsoft.Authorization/roleAssignments/${UUID.randomUUID().toString()}?api-version=2015-07-01",
"httpMethod": "PUT",
"httpParams": "{ \"properties\": { \"roleDefinitionId\": \"${privEntVal.customproperty4}\", \"principalId\": \"${account.accountID}\" } }",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json"
}

 

Labels:
0 Kudos
10 REPLIES 10

rushikeshvartak
All-Star
All-Star

‎09/11/2024 02:23 PM - edited ‎09/11/2024 02:28 PM

  • Any reason for not using OOTB Azure AD connection ?
  • Please share logs in text format 
  • Please confirm if its working from postman?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

saqib
New Contributor
New Contributor
In response to rushikeshvartak

‎09/12/2024 01:05 AM

For provisioning of Azure ( Not Azure AD ), Rest is recommended as per docs. and yes it is working form post man.

0 Kudos

stalluri
Valued Contributor
Valued Contributor

‎09/11/2024 02:26 PM

@saqib 

OOTB Azure is working fine, May I know why you want to use Rest connector?


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

saqib
New Contributor
New Contributor
In response to stalluri

‎09/12/2024 01:06 AM

OOTB Azure can be used for provisioning , could be please give link in docs which exact one i have to use.

0 Kudos

stalluri
Valued Contributor
Valued Contributor
In response to saqib

‎09/12/2024 06:45 AM

@saqib 

AzureAD has OOTB.
Azure provisioning we have to use REST.



Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

saqib
New Contributor
New Contributor
In response to stalluri

‎09/13/2024 12:01 AM

@stalluri 

Yes we are trying with Azure provisioning using the REST connector , And the problem is on Priv Entitlement. in postman i'm able to provision correctly as im populating all the roledefination details manually.

 

saqib_0-1726210849177.png

 

{ "name": "ResourceGroup",
"connection": "userAuth",
"privilegeEntitlement":{"privEntType":"RoleDefinition","privAttrName":"Roles"},
"url": "https://management.azure.com${entitlementValue.customproperty4}/providers/Microsoft.Authorization/roleAssignments/${UUID.randomUUID().toString()}?api-version=2015-07-01",
"httpMethod": "PUT",
"httpParams": "{ \"properties\": { \"roleDefinitionId\": \"${privEntVal.customproperty4}\", \"principalId\": \"${account.accountID}\" } }",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json"
}

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to saqib

‎09/13/2024 06:36 AM

Share logs


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to saqib

‎09/12/2024 08:05 AM


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

saqib
New Contributor
New Contributor
In response to rushikeshvartak

‎09/12/2024 11:05 PM

I'm trying to provision for Azure , Not Azure AD.

0 Kudos

stalluri
Valued Contributor
Valued Contributor

‎09/13/2024 07:30 AM - edited ‎09/13/2024 07:42 AM

@saqib 

Try this 
${entitlementValuesObj.customproperty4}  //role Definition Id is not empty
${account.accountID}           // make sure the principal Id  is not empty



Make sure you have values present in entitlement customproperty4 (ID) and this ID should be referred in entitlementtype customproperty4

${privEntVal.customproperty4}

 


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC