cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IdentityNow Rule Guide - BuildMap Rule

IdentityNow Rule Guide - BuildMap Rule

Purpose

A BuildMap rule is used to manipulate the raw input data (provided via the rows and columns in the file) and build a map out of the incoming data.

 

Execution

  • Cloud Execution - This rule executes in the IdentityNow cloud, and has read-only access to The records from the Delimited File being imported, however it doesn't have access to on-premise sources or connectors.
  • Logging - Logging statements are currently only visible to SailPoint personnel.

 

 

Input

 

Argument Type Purpose
col java.util.List An ordered list of the column names from the file’s header record or specified Columns list.
record java.util.List An ordered list of the values for the current record (parsed based on the specified delimiter)
application sailpoint.object.Application The source object sent to the connector from IdentityNow.
schema sailpoint.object.Schema A reference to the Schema object for the Delimited File source being read.

 

 

Template

 

 

 

 

 

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="BuildMap">
  <Description>Describe your rule here.</Description>
  <Source><![CDATA[

  // Add your logic here.

  ]]></Source>
</Rule>

 

 

 

 

 

Example

 

 

 

 

 

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule name="Example Rule" type="BuildMap">
  <Description>This basic rule performs the combines 2 values into a single attribute.</Description>
  <Source><![CDATA[

     import sailpoint.connector.DelimitedFileConnector;

     Map map = DelimitedFileConnector.defaultBuildMap( cols, record );
     String access = (String) map.get( "access" );
     String permission = (String) map.get( "permission" );

     if ( access != null && permission != null ) {
          map.remove("access");
          map.remove("permission");
          map.put("access", access + " - " + permission);
     }
     return map;

  ]]></Source>
</Rule>

 

 

 

 

 

Labels (1)
Comments

Great info.  But only SailPoint support can execute this, correct?  

Hi @Mike_E , Yes, rule installation is performed by SailPoint Services team, and as such rules have to go through a rule review process. For more information, refer https://community.sailpoint.com/t5/IdentityNow-Wiki/IdentityNow-Rule-Guide/ta-p/76665

Thanks. 

 

Using beta REST APIs, can we update BuildMap rule to the delimited file source?

If Yes i cannot find any connector Attribute related to BuildMap delimited file source for unlike JDBC. How to patch this rule to the Source.

I got the solution for the above query,

To patch the BuildMap rule to the Source, we can use APIs,

using the below method, rule can be added to the source:

PATCH : {{api-url}}/v3/sources/{id}
Content-Type: application/json-patch+json

[
{
“op”: “add”,
“path”: “/connectorAttributes/buildMapRule”,
“value”: “Rule Name”
}
]

 

Thanks

I have a similar requirement like the example above. I get the following error when I try to aggregate accounts:

sailpoint.connector.ConnectorException: BeanShell script error: Parse error at line 1, column 153. Encountered: ( BSF info: BuildMapRuleForADPAccess at line: 0 column: columnNo

I created buildmap rule using API beta/connector-rules and patched the source to use the rule.

====================beanshell======

import sailpoint.connector.DelimitedFileConnector;
Map map = DelimitedFileConnector.defaultBuildMap( cols, record );
String serviceRole = (String) map.get( \"Service Role\" );
String serviceType = (String) map.get( \"Service Type\" );
if ( serviceRole != null && serviceType != null ) {
map.put(\"access\", serviceType + \" - \" + serviceRole);
}
return map;

==================Rule====

 

{
    "name": "BuildMapRuleForADPAccess",
    "type": "BuildMap",
    "sourceCode": {
        "version":  "1.0",
        "script":  "import sailpoint.connector.DelimitedFileConnector;Map map = DelimitedFileConnector.defaultBuildMap( cols, record );String serviceRole = (String) map.get( \"Service Role\" ;String serviceType = (String) map.get( \"Service Type\" );if ( serviceRole != null && serviceType != null ) {map.put(\"access\", serviceType  + \" - \" + serviceRole);}return map;"
  },
    "description": "This rule concatenates serviceRole and serviceType to create entitlement",
    "signature": {
        "input": [],
        "output": {
            "name":  "access",
            "description":  "Concatenated access",
            "type":  "Map"
        }
    },
    "attributes": {}
}

 

Thank you

I had a syntax error in java code, once I fixed the error it worked! This is a connector execution rule, this page calls BuildMapRule as Cloud Execution.

Can we IDN Rule Utility in BuildMap Rule?

anyone notice that the document Input table shows an argument of "col" yet the example code uses "cols".  Which is it?

updating my own comment to say through testing can confirm it should be "cols"

Hi,

Can we use idn.getIdentityById in buildmap rue ?

 

Thank you,

Saikumar

Version history
Revision #:
5 of 5
Last update:
‎Apr 28, 2023 06:38 AM
Updated by: