Product : SailPoint IdentityNow
SailPoint IdentityNow is a modern SaaS-based Identity Governance and Administration (IGA) solution that provides a centralized way to see and control every user’s access to resources. It allows secure access to sensitive data, enhances audit response, and increases operational efficiencies. It automates robust, timely audit reporting, access certifications, and policy management. Additionally, it empowers users to manage access to applications, resources, and data through streamlined self-service requests and lifecycle event automation.
In IdentityNow, a customer is provided with 2 tenants – a sandbox and a production environment. An IdentityNow implementation team must plan, strategise, and test on the sandbox tenant before finalising and migrating changes to the production environment.
Use Case:
SailPoint IdentityNow does not have the capability to export Access Profiles and Roles. Thus, an IdentityNow implementation team must manually migrate sandbox tenant objects (Access Profiles and Roles) to the production environment. This requires exporting the sandbox tenant objects, mapping the individual objects and adding the membership criteria to each of the role objects. This process involves multiple screens or API calls. This is quite a tedious task for deployments with 100s of Access Profiles and Roles where there are increasingly large chances of human errors, misconfigurations and lost data.
Solution:
Our team created a Powershell Script which automates the process of exporting the Roles and Access Profiles. The script works by leveraging the IdentityNow powerful API to get the Role and Access Profile data, and recursively work to fetch additional properties. It creates separate CSV files for Roles and Access Profiles which can be combined with the Role and Access Profile Importer to facilitate a smooth migration, for Roles and Access Profiles, between the sandbox and the production tenants.
Benefits:
● Significantly reduced deployment times
● Geared towards automation – mitigating the chances of human error
● Repeatable and reusable scripts
How SecurDI can help ?
At SecurDI, our consulting services go beyond just technical implementation and solution selection from a cluttered technology market. We believe in fostering meaningful relationships with our clients, providing a 360-degree coverage of services to offer a complete solution. This approach considers all aspects of an organization’s needs, including future advancements in technology and other relevant factors. Our team of experienced professionals and subject matter experts bring diverse perspectives to the table, allowing us to deliver innovative and effective solutions.