Use the Scope tab in the web client to assign accounts, account groups, assets, and asset groups to an access request policy.
To assign accounts, account groups, assets, and asset groups to an access request policy
-
In the web client, navigate to Security Policy Management > Entitlements > Access Request Policies, then create or edit a policy.
-
On the Scope tab:
-
Click Add from the details toolbar and select one of the following options:
-
Add accounts to this policy
-
Add account groups to this policy
-
Add an asset to this policy
-
Add an asset group to this policy
-
-
In the dialog, make a selection, and click OK.
If you do not see the selection you are looking for, depending on your Administrator permissions, you can create it in the dialog. (You must have Asset Administrator permissions to create accounts and assets. You must have Security Policy Administrator permissions to create account groups and asset groups.)
-
-
Repeat step one to make additional selections. You can add multiple types of objects to a policy; however, you can only add one type of object, like an accounts or account group, at a time.
All of the selected objects appear on the Scope tab in the Access Request Policy dialog. To remove an object from the list, select the object and click Delete.