Application Role design example - ABC:PowerUser

Last modified 17 Mar 2022 11:34 +01:00
Business description

Role name

ABC:PowerUser

Description

Power user access to application ABC.

Application

ABC

Environment

PROD

Owner

John Stone

Access level

Power user

Risk level

4

Requestable

Yes

Approval policy

2 level approval - user’s manager and application owner

How to use

You can find application on https://internal.myorganization.com/app-abc.
Use your username and password for login.
Reports can be accessed on fileshare \\apphost3\reports

Technical description

Automatic provisioning

Resource 1

Resource name

Active Directory

Documentation

Create account in AD and assign to group abc-power-users

Object type

User

Entitlements (e.g. group membership)

Entitlement type (Attribute type)

Security group

Resource attribute (Attribute name)

cn=abc-power-users,cn=app-groups,dc=organisation,dc=com

Manual provisioning

Resource 2

Resource name

Windows hosts access

Documentation

Manually assign access to \\apphost\reports share.

Entitlements (e.g. group membership)

Entitlement type (Attribute type)

Windows share

Resource attribute (Attribute name)

apphost3-reports

Realization team

IT:APP:OPERATORS

Provisioning text

Assign user \{$focus/name} to local access group Reports on the windows host apphost3

Deprovisioning text

Remove user \{$focus/name} from local access group Reports on the windows host apphost3