Aggregation and provisioning:
Provisioning refers to the automated process of managing the lifecycle of user access and
accounts across different systems and applications. This includes creating, updating, and
deactivating user accounts based on business rules and policies.
Process:
o Account Creation: When a new identity is created in SailPoint (e.g., a new
employee is hired), provisioning automates the creation of the necessary
accounts in various systems, such as email, enterprise applications, and cloud
services.
o Access Assignment: Based on predefined policies, SailPoint automatically
assigns the appropriate access rights and roles to the user. This ensures that
they have the necessary permissions to perform their job functions.
o De-provisioning: When an employee leaves the organization or changes roles,
SailPoint can automatically remove or adjust their access rights, ensuring they
no longer have access to systems they no longer need.
o Approvals and Workflows: Provisioning actions can be tied to approval
workflows, ensuring that changes to user access are reviewed and authorized
by the appropriate personnel.
Purpose: Provisioning streamlines the management of user access, reduces the
administrative burden, and ensures compliance with security policies by enforcing
least-privilege access.
Example: If an employee moves to a different department, SailPoint can
automatically update their access rights to match their new role, removing
unnecessary privileges and granting new ones as required.
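The mover case above, worked through as an added example (not part of the original notes, and not SailPoint code or its API): a small Python model that computes what to remove, what to grant automatically, and what to hold for approval when a role changes. The role names, entitlement strings and policy tables are constructed for illustration.

```python
# Illustrative model only: roles, entitlements and policy tables are
# constructed for this example; they are not SailPoint objects or APIs.
ROLE_POLICY = {
    "finance-analyst": {"email:mailbox", "erp:gl-read", "erp:gl-post"},
    "hr-generalist": {"email:mailbox", "hris:employee-read", "hris:employee-edit"},
}
# Entitlements whose grant must pass an approval workflow before fulfilment.
NEEDS_APPROVAL = {"erp:gl-post", "hris:employee-edit"}


def build_plan(current, new_role):
    """Plan the change from `current` entitlements to those of `new_role`.

    current  -- set of entitlements the identity holds now (from aggregation)
    new_role -- role name after the change, or None for a leaver
    """
    if new_role is not None and new_role not in ROLE_POLICY:
        # Fail closed: an unknown role must not silently keep old access.
        raise ValueError(f"no policy for role {new_role!r}")
    target = set(ROLE_POLICY[new_role]) if new_role else set()
    to_add = target - set(current)
    apps = sorted({e.split(":")[0] for e in current})
    return {
        # Anything outside the new role goes, including access that
        # accumulated outside policy (least privilege).
        "remove": sorted(set(current) - target),
        "add": sorted(to_add - NEEDS_APPROVAL),
        "pending_approval": sorted(to_add & NEEDS_APPROVAL),
        # Leavers: disable the account in every application they touched.
        "disable_accounts": apps if new_role is None else [],
    }


def apply_plan(current, plan, approved=()):
    """Apply removals and automatic grants; gated grants only if approved."""
    granted = set(plan["add"]) | (set(plan["pending_approval"]) & set(approved))
    return (set(current) - set(plan["remove"])) | granted


if __name__ == "__main__":
    held = {"email:mailbox", "erp:gl-read", "erp:gl-post", "crm:admin"}
    print(build_plan(held, "hr-generalist"))  # mover
    print(build_plan(held, None))             # leaver
```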
Benefits of Aggregation and Provisioning:
Automation: Reduces manual intervention, leading to fewer errors and more efficient
identity management processes.
Security: Ensures that users have the appropriate level of access at all times,
minimizing the risk of unauthorized access.
Compliance: Helps organizations meet regulatory requirements by providing detailed
audit trails of who has access to what and why.
Scalability: Supports large and complex environments with multiple systems and
applications, ensuring consistent identity governance across the entire organization.
What are attributes:
In programming, attributes are properties or characteristics that you can assign to different
elements, like variables, objects, or classes. They provide additional information or behavior
to these elements,
3 types of cloud computing:
The three main types of cloud computing are public cloud, private cloud, and hybrid cloud:
Public cloud: The cloud provider hosts the computing infrastructure on their premises and
provides services to the customer over the internet. Many users can access the same remote
IT environment.
Private cloud: Used exclusively by one organization, such as a department or individual.
Hybrid cloud: A combination of public and private clouds.
4 rules created in SailPoint:
Aggregation rules: Define how data from an application is aggregated
Provisioning rules: Run when provisioning requests are processed
Schema rules: Used for customization and vary by connector
Connector rules: Used during aggregation from specific connectors, such as JDBC, Delimited
File, and SAP
Correlation rules: Define identity correlation for applications whose accounts can't be
correlated to identities using a simple attribute match
Creation rules: Only run when a new identity is created during aggregation
Manager correlation rules: Specify how one identity should be linked to another in a
manager-direct-report relationship
Lifecycle in SailPoint:
In SailPoint, a user's lifecycle describes their status within an organization. Lifecycle states
can be used to:
Grant access: Give access profiles to users in a specific lifecycle state
Disable access: Automatically revoke access or disable source accounts for users who leave
the organization
Send invitations: Automatically send new user invitations when they enter a specified
lifecycle state