The Group Expansion connector will crawl and expand identities from the Identity Cache
Introduction
The Group Expansion connector can crawl and expand identities from the Identity Cache. The Identity Cache is part of the Aspire crawl state database. Typically, Elasticsearch is used as a repository for crawl state database and the Identity Cache is stored in the index aspire-identitycache. The Identity Cache works for connectors as a storage for their identities, like groups and users. For example, we can find in the Identity Cache: LDAP users and groups, Confluence users and groups etc. The purpose of the Group Expansion Connector is to crawl identities for required seeds, do group expansion and publish the expanded identities. The connector also supports custom mapping configuration for selected seeds.
What is group expansion
Let us use this example: if User1 is part of the group Grp1 and the group Grp1 is part of the group Grp0, then the result of the group expansion is updated information for User1. Instead of just having the group Grp1 in the user information, we will have now the list of 2 groups there: Grp1 and Grp0. This is what expanding groups means.
What is custom mapping
Some seeds require custom mapping for key attribute names. For example, we may need to map a username coming from Confluence connector to the standard AD name. We support two kinds of mapping:
- local: we can define which attribute name from the current identity should be used as an identity key.
- external: we can define the seed and mapping attributes to fetch identities for the purpose of mapping from. This would be typically LDAP/AD seeds.
Environment and Access Requirements
Repository Support
The Group Expansion connector crawls identities from the identity cache. The Identity Cache is part of the Aspire crawl state database. Typically, Elasticsearch is used as a repository for crawl state database and the Identity Cache is stored in the index aspire-identitycache.
Account Privileges
Not relevant here
Environment Requirements
No special requirements here
Framework and Connector Features
Framework Features
| Name | Supported |
|---|---|
| Content Crawling | yes |
| Identity Crawling | no |
| Snapshot-based Incremental s | yes |
| Non-snapshot-based Incremental s | no |
| Document Hierarchy | no |
Connector Features
The Group Expansion connector has the following features:
- Seeds filtering using include and exclude lists.
- Custom mapping configuration for selected seeds
Content Crawled
The Group Expansion connector is able to crawl the following objects:
| Name | Type | Relevant Metadata | Content Fetch & Extraction | Description |
|---|---|---|---|---|
| Seed | container | NA | The identities are grouped by seeds, and we crawl identities belonging to seeds | |
| Identity |
| NA | The identities with expanded groups |
Limitations
No limitations defined
Overview
Content Tools
Copyright © 2024 Accenture
