This sample policy allows you to compare a user’s current access to the access specified by Identity Manager roles. The policy ensures that all resource attributes specified by roles are set for the user.
This policy fails if:
The user is missing any resource attributes specified by roles
The user’s resource attributes differ from those specified by roles