IdentityNow Rule Guide - BuildMap Rule

IdentityNow Rule Guide - BuildMap Rule

Purpose

A BuildMap rule is used to manipulate the raw input data (provided via the rows and columns in the file) and build a map out of the incoming data.

 

Execution

  • Cloud Execution - This rule executes in the IdentityNow cloud, and has read-only access to The records from the Delimited File being imported, however it doesn't have access to on-premise sources or connectors.
  • Logging - Logging statements are viewable within the ccg.log on the Virtual Appliance and by SailPoint personnel.

 

 

Input

 

Argument Type Purpose
col java.util.List An ordered list of the column names from the file’s header record or specified Columns list.
record java.util.List An ordered list of the values for the current record (parsed based on the specified delimiter)
application sailpoint.object.Application The source object sent to the connector from IdentityNow.
schema sailpoint.object.Schema A reference to the Schema object for the Delimited File source being read.

 

 

Template

 

 

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="BuildMap">
  <Description>Describe your rule here.</Description>
  <Source><![CDATA[

  // Add your logic here.

  ]]></Source>
</Rule>

 

 

Example

 

 

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="BuildMap">
  <Description>This basic rule performs the combines 2 values into a single attribute.</Description>
  <Source><![CDATA[

     import sailpoint.connector.DelimitedFileConnector;

     Map map = DelimitedFileConnector.defaultBuildMap( cols, record );
     String access = (String) map.get( "access" );
     String permission = (String) map.get( "permission" );

     if ( access != null && permission != null ) {
          map.remove("access");
          map.remove("permission");
          map.put("access", access + " - " + permission);
     }
     return map;

  ]]></Source>
</Rule>

 

 

Comments

Great info.  But only SailPoint support can execute this, correct?  

Hi @Mike_E , Yes, rule installation is performed by SailPoint Services team, and as such rules have to go through a rule review process. For more information, refer https://community.sailpoint.com/t5/IdentityNow-Wiki/IdentityNow-Rule-Guide/ta-p/76665

Thanks. 

 

Using beta REST APIs, can we update BuildMap rule to the delimited file source?

If Yes i cannot find any connector Attribute related to BuildMap delimited file source for unlike JDBC. How to patch this rule to the Source.

I got the solution for the above query,

To patch the BuildMap rule to the Source, we can use APIs,

using the below method, rule can be added to the source:

PATCH : {{api-url}}/v3/sources/{id}
Content-Type: application/json-patch+json

[
{
“op”: “add”,
“path”: “/connectorAttributes/buildMapRule”,
“value”: “Rule Name”
}
]

 

Thanks

I have a similar requirement like the example above. I get the following error when I try to aggregate accounts:

sailpoint.connector.ConnectorException: BeanShell script error: Parse error at line 1, column 153. Encountered: ( BSF info: BuildMapRuleForADPAccess at line: 0 column: columnNo

I created buildmap rule using API beta/connector-rules and patched the source to use the rule.

====================beanshell======

import sailpoint.connector.DelimitedFileConnector;
Map map = DelimitedFileConnector.defaultBuildMap( cols, record );
String serviceRole = (String) map.get( \"Service Role\" );
String serviceType = (String) map.get( \"Service Type\" );
if ( serviceRole != null && serviceType != null ) {
map.put(\"access\", serviceType + \" - \" + serviceRole);
}
return map;

==================Rule====

 

{
    "name": "BuildMapRuleForADPAccess",
    "type": "BuildMap",
    "sourceCode": {
        "version":  "1.0",
        "script":  "import sailpoint.connector.DelimitedFileConnector;Map map = DelimitedFileConnector.defaultBuildMap( cols, record );String serviceRole = (String) map.get( \"Service Role\" ;String serviceType = (String) map.get( \"Service Type\" );if ( serviceRole != null && serviceType != null ) {map.put(\"access\", serviceType  + \" - \" + serviceRole);}return map;"
  },
    "description": "This rule concatenates serviceRole and serviceType to create entitlement",
    "signature": {
        "input": [],
        "output": {
            "name":  "access",
            "description":  "Concatenated access",
            "type":  "Map"
        }
    },
    "attributes": {}
}

 

Thank you

I had a syntax error in java code, once I fixed the error it worked! This is a connector execution rule, this page calls BuildMapRule as Cloud Execution.

Version history
Revision #:
3 of 3
Last update:
‎Apr 03, 2021 11:42 PM
Updated by: