We have a requirement to import only 12 entitlements from AAD Group whose DisplayName startwith "ZBR RPA", For that, we had already included the ENTITLEMENT_FILTER_JSON and performed the custom access in the job as well. 12 entitlements were imported successfully.
ENTITLEMENT_FILTER_JSON:
{
"group_filter": "startsWith(displayName, 'ZBR RPA')&$count=true"
}
Custom Access in Job:{
"importEntTypes": {
"AADGroup": {}
},
"excludeEntTypes": {
"ApplicationInstance": {},
"InterAppOauthPermissions": {},
"DirectoryRole": {},
"Subscription": {},
"Application": {},
"DirectoryRoleMember": {},
"SKU": {},
"ServicePlans": {},
"Team": {},
"Channel": {},
"MemberPermission": {},
"GuestPermission": {}
}
}
However, the account-entitlement mapping for the listed 12 entitlements is not happening in the entitlement hierarchy.
But once the job failed and all roles got imported at that time, I could see the mapping was happening for other entitlement, but those 12 entitlements are still not mapped.
Note: In target those 12 roles are associated with few accounts.
