Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/17/2024 11:49 AM
Hi,
I am attempting to import 'Permissions' attroibute of user profile from Tenable as a Role (Entitlement Type) into Saviynt. I successfully configured the entitlement name in the account's customproperty3 using an if-else condition, for example, if the permission equals 16, then customproperty3 is set to 'Basic User'. However, now my goal is to import these permissions as a Role (Entitlement Type) and I'm trying to establish the entitlement_value using an if-else condition.
Here is the JSON code I have attempted to use, but it is returning null where I am trying:
"colsToPropsMap": {
"entitlement_value": "entitlement_value==64?'Administrator':'Test'~#~char",
"entitlementID": "entitlement_value~#~char"
}
{
"accountParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {
"statusColumn": "customproperty1",
"activeStatus": [
"true"
],
"deleteLinks": true,
"accountThresholdValue": 100,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": true,
"deleteAccEntForActiveAccounts": true
},
"call": {
"call1": {
"callOrder": 0,
"http": {
"url": "https://cloud.tenable.com/users",
"httpHeaders": {
"X-ApiKeys": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"listField": "users",
"keyField": "accountID",
"colsToPropsMap": {
"accountID": "uuid~#~char",
"name": "username~#~char",
"displayName": "name~#~char",
"customproperty1": "enabled~#~char",
"customproperty2": "permissions~#~char",
"customproperty3": "#CONST#${response.permissions==64?'Administrator':response.permissions==40?'Scan Manager':response.permissions==32?'Standard User':response.permissions==24?'Scan Operator':response.permissions==16?'Basic User':''}~#~char",
"customproperty31": "STORE#ACC#ENT#MAPPINGINFO~#~char"
},
"makeProcessingStatus": false
}
},
"acctEntMappings": {
"Role": {
"importAsEntitlement": true,
"listPath": "",
"idPath": "permissions",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "entitlement_value==64?'Administrator':'Test'~#~char",
"entitlementID": "entitlement_value~#~char"
}
}
}
},
"entitlementParams": {
"connection": "acctAuth",
"processingType": "SequentialAndIterative",
"entTypes": {
"Role": {
"entTypeOrder": 0
},
"Groups": {
"entTypeOrder": 0,
"call": {
"call1": {
"callOrder": 0,
"http": {
"httpHeaders": {
"X-ApiKeys": "${access_token}",
"Accept": "application/json"
},
"url": "https://cloud.tenable.com/groups",
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"listField": "groups",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlementID": "uuid~#~char",
"entitlement_value": "name~#~char"
},
"makeProcessingStatus": false,
"disableDeletedEntitlements": true
}
}
}
}
},
"acctEntParams": {
"connection": "acctAuth",
"entTypes": {
"Role": {
"call": {
"call1": {
"processingType": "acctToEntMapping",
"callOrder": 0,
"stageNumber": 0
}
}
},
"Groups": {
"call": {
"call1": {
"connection": "acctAuth",
"callOrder": 0,
"stageNumber": 0,
"processingType": "httpEntToAcct",
"http": {
"httpHeaders": {
"X-ApiKeys": "${access_token}"
},
"url": "https://cloud.tenable.com/groups/${id}/users",
"httpContentType": "application/x-www-form-urlencoded",
"httpMethod": "GET"
},
"listField": "users",
"entKeyField": "entitlementID",
"acctIdPath": "uuid",
"acctKeyField": "accountID"
}
}
}
}
}
}
04/17/2024 05:35 PM
try
"customproperty3": "#CONST#${response.permissions==64?'Administrator':'Basic User'}~#~char"
04/17/2024 09:39 PM
Hi @rushikeshvartak ,
We need the syntax for acctEntmappings, i.e. for entitlement_value in the below section of the JSON:
"acctEntMappings": {
"Role": {
"importAsEntitlement": true,
"listPath": "",
"idPath": "permissions",
"keyField": "entitlementID",
"colsToPropsMap": {
"entitlement_value": "entitlement_value==64?'Administrator':'Test'~#~char",
"entitlementID": "entitlement_value~#~char"
}
}
}
04/22/2024 12:58 AM
Hi @rushikeshvartak ,
Is there any solution available for this? Or this is not supported?
Regards,
Krunal
04/22/2024 02:00 AM
Can you try with separate block with url for ent mapping