What-if for Authorization Change Management

From the Manage menu click What-ifs. The What-ifs home page is displayed.
Click New. A drop-down list displays a list of What-ifs that can be created for the Insights installed on your machine.
Click SAP - Authorization Change. The page for creating a new what-if is displayed.

Introduction

The What If Analysis for Authorization Change helps you determine the impact of a change in the authorizations for a role before actually making a request for it.

Creating a What-if Analysis for SAP - Authorization Change

If Access Manager for SAP is installed on your server, you will be able to generate a Authorization Change type of request from this type of What-if analysis as follows:

General Information

Use this panel to provide general information about the What-if such as the What-if name and other details, the connection through which data will be extracted for this What-if analysis.

Provide a name for the What-if task. This name identifies the task on the What-if home page.

From the drop-down list, select the priority of this What-if analysis. By default, the priority is medium.

Select a connection for the analysis. The What-if analysis is performed on the data extracted from this connection. You can set this connection as default from Preferences page.

To select a connection, type in a part of the connection name in the autosuggest text box. All connection names matching the search criteria will be displayed. Select the required connection.

Alternatively, browse and select the desired connection and click OK. The selected connection appears in the Connections field.

Note: In case of secured connections, users signed into IRC will be able to view and use only those connections that they have access to.

Note: A What-if analysis cannot be performed for a connection for which extraction is in progress. In such cases, the system displays an error message . To proceed with the What-if analysis, select another connection and fill in the remaining fields.

Select the role for which authorizations are to be modified.

To select a role, type in part of the role name in the autosuggest text box. All roles from the selected connection and matching the search criteria are displayed. Select the required role.

Alternatively, browse and select the desired role and click OK. The role appears in the Select Role field.

Authorizations

This panel displays a list of authorizations for the selected role. The panel enables you to add new authorizations to the role or to delete existing authorizations, if required.

To add new authorizations, type in a part of the authorizations name in the autosuggest text box. All authorizations names matching your search criteria are displayed. Select the desired authorizations names.

Alternatively, browse and select authorizations and click OK. The selected authorizations names appear in the Authorizations field and are marked with an icon.

Note: Click the icon next to the authorization to view its attributes. You can add or modify attribute value for every authorization.

Click the icon next to an attribute to see a text box. Enter a value and click the Add icon.

To delete authorizations:

Select the check box next to the authorization to be deleted and click the Delete icon.

Note: If all authorizations assigned to a role are deleted and no new ones are assigned, the What-if analysis will be completed successfully but will not generate violations.

Select Rule Books and Parameter Lists

In the Rule Books field, select the rule books to be used in the What-if analysis as follows:

Type in a part of the rule book name in the autosuggest text box. All rule books matching your search criteria are displayed. Select the required rule book.
Alternatively, browse and select the required rule books and click OK. The selected rule books are displayed in the panel below.
To select all rule books in the system, select the check-box All.

To remove a rule book from the list, select the rule book to be removed and click the Remove icon.

If the rules in the selected rule books use parameters in the rule conditions, you need to select the required parameter lists containing these parameters.

Note: If no parameter list is selected, the What-if analysis will be performed against all the available parameter lists.

All parameters attached to a rule must exist in the specified parameter list. The parameter list must also contain values for the parameters in the rule. If this is not the case, the rule will be skipped during analysis and the What-if will be partially analyzed. Rules without parameters will not be affected by this selection.

To select parameter lists:

In the Parameter Lists field, type in a part of the parameter list name in the autosuggest text box. All parameter lists matching your search criteria are displayed. Select the required parameter list.
Alternatively, browse and select the required Parameter List and click OK. The selected parameter lists are displayed in the grid below.
To select all parameter lists, select the check-box All.

To remove a selected parameter list, select the parameter list to be removed and click the Remove icon.

SAP - Authorization Change

Introduction

Creating a What-if Analysis for SAP - Authorization Change

General Information

Authorizations

Select Rule Books and Parameter Lists

More Details