Automate User Permission Audit
Summary
This is a client script that creates a ticket if the applied user classes permissions are changed for the users or if new user classes are added or removed from the users.
This script creates a custom table user_class_mapping at the very first stage and then runs at every 2 hour interval and compare the Automate user's permission change by storing it to the temporary table and match with the stored custom table data.
If the changes found then it creates the ticket with the details.
Note: It is mandatory to run the script with SetEnvironment set to 1 during the initial script import stage so that it allows to create the custom table user_class_mapping and system property pvl_parentclientid.
Sample Run
Dependencies
- System Property
pvl_parentclientid- By default it is set to 1 which is reserved for the primary client in most environment.
- Custom table user_class_mapping
- It stores the Automate user's permission history.
Variables
| Name | Description |
|---|---|
| Client_ID | This stores the clientid that it fetched from the system property pvl_parentclientid |
| PermissionChangeAudit | It stores the record for the Automate users who permission changes detected in last script execution. |
User Parameters
| Name | Example | Required | Description |
|---|---|---|---|
| SetEnvironment | 1 | False | If the SetEnvironment = 1, it will create the custom table user_class_mapping and system property pvl_parentclientid |
System Property
| Name | Default | Value |
|---|---|---|
| pvl_parentclientid | 1 | Set the Client ID in it so that it can create ticket respective to the clientid provided in the system property. Note: By default it is set to 1. |
Output
- Ticket
Ticketing
It creates a one single ticket with the clientid referenced in the system property pvl_parentclientid.
Please NOTE : There will be always a new ticket for a new permission change. The script is not commenting about any changes on an old ticket. This is to keep our partner notified about the new changes.
To enable comment and avoid any new ticket, please enable steps for comment in the script.
Ticketing:
Subject:
Automate User(s) Permission Change Detected.
Body:
Automate User(s) Permission Change Detected. Refer to the below logs for the detail:
@PermissionChangeAudit@