Clive Morrish

RSA IGL Services 101: Reports - Locating ALL App-Roles in the Public DB

Blog Post created by Clive Morrish Employee on Dec 11, 2019

RSA IGL Services 101 blogs, help to explain various areas of RSA Identity Governance and Lifecycle, to ensure you are getting the most out of the product and following recommended practices. We hope to show you lots of great features, tips and tricks that you may not have been aware of!

 

Please reply below with any questions or hit like if this is helpful!

 

Product Area: Reports/Charts/Table's

Data: App-Roles

Summary: Application roles collected within "directories" are not located in the PV_APPLICATION_ROLE view but are instead found under PV_DIRECTORY_ROLE view. If you use directories and collect in APP-ROLES, you must take this into account for all your reports/charts that you create, so that you dont miss out any information. 

RSA Field Example: If creating a report/chart to display all app_roles within RSA IGL which have a "privileged" flag set to "yes", you will need to take into account both these tables in the SQL.

SQL Example:

select 
    application_id,
    name
from avuser.pv_application_role
where lower(privileged) = 'yes'
union all
select
    application_id,
    name
from avuser.PV_DIRECTORY_ROLE
where lower(privileged) = 'yes'

 

These images show where the data is found.

 

Within the Directory "Navision - SQL Database" we can see the "app role" called "db_access_admin"

When searching against PV_APPLICATION_ROLE table - the result is not found

When searching against PV_DIRECTORY_ROLE table - the result is found

 

Thought I'd share this to save others time if they weren't already aware.

 

Cheers,

Clive

Outcomes