Simulating a policy

You simulate a policy to evaluate the user membership of a service to check whether the membership meets your expectations. You can simulate dynamic provisioning policies and recertification policies. The simulation does not change the membership of the service. It shows you which users comprise the proposed membership of the service. Results can be viewed and saved as a CSV file.

Procedure

  1. If you do not have the policy selected, search for and select the service. Open the Manage Policies window to edit the policy.
  2. Click Run Simulation.
    Running a simulation in the Manage Policies window.
  3. Select a simulation type to run.
    • Dynamic provisioning policies.
      • Simulate all users in the directory. This option compares the policy selection to all users in Cloud Identity Service. Users that satisfy the policy are listed in the results as either being added or retained. Users that do not satisfy the policy are listed in the results as either removed from the service or not added.
      • Simulate all users currently in the group. This option compares the policy selection criteria against the attributes of all users that are currently in the service. Each user in the service is listed in the results as either removed or retained. No new users are listed as added.
      • Simulate a single user. This option compares the policy selection criteria against a selected user. That user is listed in the results as either retained, removed, added or not added. Search for the user by using their user name. Enter the first few characters of the user name in the Filter Users field, click Search Users, and select the user.
        Selecting a user in the Manage Policies window.
    • Recertification policies.
      • Simulate all current service members. This option compares the policy selection criteria against the attributes of all users that are currently in the service. Each user in the service is listed in the results as either included or excluded. No new users are listed as added.
      • Simulate a single service member. This option compares the policy selection criteria against a selected user. That user is listed in the results as either included, excluded, added or not added. Search for the user by using their user name. Enter the first few characters of the user name in the Filter Users field, click Search Users, and select the user.
        Selecting a user in the Manage Policies window.
  4. Click Run Simulation.
    • The results for a single user provisioning policy simulation are displayed in the Simulate Provisioning Policy window.
    • The results for a single user recertification policy simulation are displayed in the Simulate Recertification Policy window.
    Close the Simulate Policy window to return to the Manage Policies window, and click Cancel.
  5. Click Refresh in the Manage Policies window to view the results of simulations. When the simulation is complete, a check mark icon and a link to a CSV file are displayed.
    Selecting a results CSV file in the Manage Policies window.
  6. View the results.
    • Click the check mark icon Check mark icon to open the Simulation Results window. You can select which results columns to view by clearing or checking the column header check boxes. Close the Simulation Results window to return to the Manage Policies window.
      Note: Clicking Clear Simulation Results clears all the results from the Simulation Results window and the Manage Policies window.
    • Click the CSV icon CSV icon to view the results in a CSV file. You can open the file or save the file.

What to do next