Unable to re-edit a RSA Identity Governance & Lifecycle condition containing IN for a rules definition
2 years ago
Originally Published: 2018-03-02
Article Number
000040801
Applies To
RSA Product Set:  RSA Identity Governance & Lifecycle
RSA Version/Condition: 6.9.1, 7.0.2, 7.1
 
Issue
A rule is created where the Condition for Are the only ones with access to any of contains an IN clause that was entered manually using the Advanced mode.  For example, approles.name in ('Access Request Administrator','Application Administrator')
 
Rule with an IN clause

However, when the condition is re-edited, there is no IN clause and in Advanced mode, the Where Clause textbox is empty.
 
Rule Edit Advanced Condition selection
 
Rule Edit Condition is blank

This results in the IN clause needing to be re-entered.
Cause
This is a product defect reported under engineering ticket ACM-84791.
Resolution
As of March 2018, there is no resolution to this issue.  Please see the workaround below.
Workaround
There are two workarounds, one using Advanced Mode and one using Simple Mode.

Advanced Mode

Manually enter the IN clause as a set of OR statements instead. For example, change: 
    approles.name in ('Access Request Administrator','Application Administrator')
    to: 
    approles.name = 'Access Request Administrator' OR approles.name = 'Application Administrator'
 

Please note that there is a maximum limit of 4000 characters.

Simple Mode

Alternately, do not use Advanced Mode, use Simple Mode. 
  1. Click on the object to be included:
User-added image
  1. Select the object values from the picklist and click OK.
User-added image

Related Articles

Trending Articles

Don't see what you're looking for?