What is a one sentence summary of your feature request?
Natively use the dimensions defined on a Policy in the evaluation of Access Rules and to filter permissions that can be given to the users
Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.
The dimensions you can define on a Policy are not natively used by the role model.
For automated assignment rules, dimensions of the Policy are not evaluated meaning that you have to redefine the dimensions as criteria of the rule for each of them.
For manual assignments, Roles and ResourceTypes associated with a policy that has dimensions defined on it can be given to anyone that doesn’t match the dimensions if you don’t use filters in the NIM profiles.
Dimensions associated to a Policy should be natively used in automated assignment rules as criteria without having the need to respecify them in the rules.
Also, it would be great to have the possibility to say that natively, for permissions associated to a Policy, they can only be given to users matching the Policy’s dimensions without the need of any complicated configuration in the NIM profiles to do that filtering.
How do you currently solve the challenges you have by not having this feature?
At the moment, automated rules criteria matching the Policy’s dimensions are redefined on each rules and the filtering of the permissions for manual assignments is done through complicated filterings (related to this topic Add "Policy" in the filtering criteria of AssignedProfiles)