Policy types for @turbot/servicenow-azure-iam
- Azure > IAM > Role Assignment > ServiceNow
- Azure > IAM > Role Assignment > ServiceNow > Configuration Item
- Azure > IAM > Role Assignment > ServiceNow > Configuration Item > Record
- Azure > IAM > Role Assignment > ServiceNow > Configuration Item > Table Definition
- Azure > IAM > Role Assignment > ServiceNow > Table
- Azure > IAM > Role Assignment > ServiceNow > Table > Definition
- Azure > IAM > Role Definition > ServiceNow
- Azure > IAM > Role Definition > ServiceNow > Configuration Item
- Azure > IAM > Role Definition > ServiceNow > Configuration Item > Record
- Azure > IAM > Role Definition > ServiceNow > Configuration Item > Table Definition
- Azure > IAM > Role Definition > ServiceNow > Table
- Azure > IAM > Role Definition > ServiceNow > Table > Definition
Azure > IAM > Role Assignment > ServiceNow
tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNow
Azure > IAM > Role Assignment > ServiceNow > Configuration Item
Synchronize the data for the Azure > IAM > Role Assignment
based on the policies Azure > IAM > Role Assignment > ServiceNow > Configuration Item > *
The Configuration Item control is responsible for automatically synchronizing records in a designated ServiceNow table, maintaining an up-to-date reflection of the Azure > IAM > Role Assignment
information within the ServiceNow CMDB.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNowConfigurationItem
[ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete"]
{ "type": "string", "enum": [ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete" ], "example": [ "Skip" ], "default": "Skip"}
Azure > IAM > Role Assignment > ServiceNow > Configuration Item > Record
The policy facilitates the accurate representation of cloud resource within the ServiceNow environment, ensuring that critical data is effectively mapped and managed. Attribute of an Azure > IAM > Role Assignment
is systematically mapped to a specific column in a ServiceNow table.
The policy allows enabling organizations to select and map only those attributes that are most relevant to their operational needs. It significantly reduces the manual effort involved in data transfer and minimizes the risk of errors, thereby enhancing the overall efficiency of data management.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNowConfigurationItemRecord
"{\n resource: roleAssignment{\n data\n metadata\n turbot {\n akas\n id\n tags\n title\n }\n }\n}\n"
"id: {{ $.resource.data.id | dump | safe }}\nprincipaltype: {{ $.resource.data.principalType | dump | safe }}\nprincipal_id: {{ $.resource.data.principalId | dump | safe }}\nroledefinitionid: {{ $.resource.data.roleDefinitionId | dump | safe }}\nrole_assignment_name: {{ $.resource.data.name | dump | safe }}\nscope: {{ $.resource.data.scope | dump | safe }}\nsubscription_id: {{ $.resource.metadata.azure.subscriptionId | dump | safe }}\ntype: {{ $.resource.data.type | dump | safe }}\n"
{ "type": "object"}
Azure > IAM > Role Assignment > ServiceNow > Configuration Item > Table Definition
This policy specifically allows users to define two key aspects: the name of the ServiceNow table where the Azure > IAM > Role Assignment
data will be stored, and the details of the columns used for archiving purposes.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNowConfigurationItemTableDefinition
[ "{\n serviceNowInstance: resources(filter: \"resourceTypeId:tmod:@turbot/servicenow#/resource/types/instance level:self limit:1\") {\n items {\n turbot {\n id\n }\n }\n }\n}\n", "{\n tableDefinition: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNowTableDefinition resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n applicationScope: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow#/policy/types/serviceNowApplicationScope resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n}\n"]
"tableName: "{%- if $.applicationScope.items | length == 0 or $.tableDefinition.items | length == 0 %} {%- else %}{{$.applicationScope.items[0].value}}_{{$.tableDefinition.items[0].value.table.name | lower}}{% endif %}"\n"
{ "type": "object", "additionalProperties": false, "required": [ "tableName" ], "properties": { "tableName": { "type": "string" }, "archiveColumns": { "type": "object" } }}
Azure > IAM > Role Assignment > ServiceNow > Table
Configure a Table for Azure > IAM > Role Assignment
resource type in ServiceNow via the Azure > IAM > Role Assignment > ServiceNow > Table > *
policies.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNowTable
[ "Skip", "Check: Configured", "Enforce: Configured"]
{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "example": [ "Skip" ], "default": "Skip"}
Azure > IAM > Role Assignment > ServiceNow > Table > Definition
The policy enables the definition of ServiceNow table properties, including its name and the base table from which it extends, and details the specific columns required for representing Azure > IAM > Role Assignment
data.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleAssignmentServiceNowTableDefinition
{ "type": "object", "additionalProperties": false, "required": [ "table", "columns" ], "properties": { "table": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string" }, "extendsTable": { "type": "string", "pattern": "^([0-9a-z_])+$" } } }, "columns": { "type": "array", "description": "An array of columns with their mappings to the CMDB.", "default": [], "items": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "The name of the column in the table.", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string", "description": "The label for the column." }, "type": { "description": "The data type of the column.", "type": "string" }, "size": { "type": "integer", "description": "The length for data type." } } } } }, "default": { "table": { "name": "guardrails_azure_iam_roleassignment", "label": "Azure > IAM > Role Assignment", "extendsTable": "cmdb_ci" }, "columns": [ { "name": "id", "label": "ID" }, { "name": "principaltype", "label": "Principal Type" }, { "name": "principal_id", "label": "Principal ID" }, { "name": "roledefinitionid", "label": "Role Definition ID" }, { "name": "role_assignment_name", "label": "Name" }, { "name": "scope", "label": "Scope" }, { "name": "subscription_id", "label": "Subscription ID" }, { "name": "type", "label": "Type" } ] }}
Azure > IAM > Role Definition > ServiceNow
tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNow
Azure > IAM > Role Definition > ServiceNow > Configuration Item
Synchronize the data for the Azure > IAM > Role Definition
based on the policies Azure > IAM > Role Definition > ServiceNow > Configuration Item > *
The Configuration Item control is responsible for automatically synchronizing records in a designated ServiceNow table, maintaining an up-to-date reflection of the Azure > IAM > Role Definition
information within the ServiceNow CMDB.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNowConfigurationItem
[ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete"]
{ "type": "string", "enum": [ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete" ], "example": [ "Skip" ], "default": "Skip"}
Azure > IAM > Role Definition > ServiceNow > Configuration Item > Record
The policy facilitates the accurate representation of cloud resource within the ServiceNow environment, ensuring that critical data is effectively mapped and managed. Attribute of an Azure > IAM > Role Definition
is systematically mapped to a specific column in a ServiceNow table.
The policy allows enabling organizations to select and map only those attributes that are most relevant to their operational needs. It significantly reduces the manual effort involved in data transfer and minimizes the risk of errors, thereby enhancing the overall efficiency of data management.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNowConfigurationItemRecord
"{\n resource: roleDefinition{\n data\n metadata\n turbot {\n akas\n id\n tags\n title\n }\n }\n}\n"
"assignable_scopes: {{ $.resource.data.assignableScopes | dump | safe }}\ndescription: {{ $.resource.data.description | dump | safe }}\nid: {{ $.resource.data.id | dump | safe }}\npermissions: {{ $.resource.data.permissions | dump | safe }}\nrole_definition_name: {{ $.resource.data.name | dump | safe }}\nrole_name: {{ $.resource.data.roleName | dump | safe }}\nrole_type: {{ $.resource.data.roleType | dump | safe }}\nsubscription_id: {{ $.resource.metadata.azure.subscriptionId | dump | safe }}\n"
{ "type": "object"}
Azure > IAM > Role Definition > ServiceNow > Configuration Item > Table Definition
This policy specifically allows users to define two key aspects: the name of the ServiceNow table where the Azure > IAM > Role Definition
data will be stored, and the details of the columns used for archiving purposes.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNowConfigurationItemTableDefinition
[ "{\n serviceNowInstance: resources(filter: \"resourceTypeId:tmod:@turbot/servicenow#/resource/types/instance level:self limit:1\") {\n items {\n turbot {\n id\n }\n }\n }\n}\n", "{\n tableDefinition: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNowTableDefinition resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n applicationScope: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow#/policy/types/serviceNowApplicationScope resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n}\n"]
"tableName: "{%- if $.applicationScope.items | length == 0 or $.tableDefinition.items | length == 0 %} {%- else %}{{$.applicationScope.items[0].value}}_{{$.tableDefinition.items[0].value.table.name | lower}}{% endif %}"\n"
{ "type": "object", "additionalProperties": false, "required": [ "tableName" ], "properties": { "tableName": { "type": "string" }, "archiveColumns": { "type": "object" } }}
Azure > IAM > Role Definition > ServiceNow > Table
Configure a Table for Azure > IAM > Role Definition
resource type in ServiceNow via the Azure > IAM > Role Definition > ServiceNow > Table > *
policies.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNowTable
[ "Skip", "Check: Configured", "Enforce: Configured"]
{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "example": [ "Skip" ], "default": "Skip"}
Azure > IAM > Role Definition > ServiceNow > Table > Definition
The policy enables the definition of ServiceNow table properties, including its name and the base table from which it extends, and details the specific columns required for representing Azure > IAM > Role Definition
data.
tmod:@turbot/servicenow-azure-iam#/policy/types/roleDefinitionServiceNowTableDefinition
{ "type": "object", "additionalProperties": false, "required": [ "table", "columns" ], "properties": { "table": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string" }, "extendsTable": { "type": "string", "pattern": "^([0-9a-z_])+$" } } }, "columns": { "type": "array", "description": "An array of columns with their mappings to the CMDB.", "default": [], "items": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "The name of the column in the table.", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string", "description": "The label for the column." }, "type": { "description": "The data type of the column.", "type": "string" }, "size": { "type": "integer", "description": "The length for data type." } } } } }, "default": { "table": { "name": "guardrails_azure_iam_roledefinition", "label": "Azure > IAM > Role Definition", "extendsTable": "cmdb_ci" }, "columns": [ { "name": "assignable_scopes", "label": "Assignable Scopes", "type": "string", "size": 1000 }, { "name": "description", "label": "Description" }, { "name": "id", "label": "ID" }, { "name": "permissions", "label": "Permissions", "type": "string", "size": 1000 }, { "name": "role_definition_name", "label": "Name" }, { "name": "role_name", "label": "Role Name" }, { "name": "role_type", "label": "Role Type" }, { "name": "subscription_id", "label": "Subscription ID" } ] }}