1-Step Access Reviews
Configure a new access review using the quick builder.
Early Access: Please contact the Veza support team to enable this feature.
Overview
1-step access reviews enable administrators to quickly create, delegate, and initiate access reviews, without first creating a reusable review configuration.
The 1-step review wizard provides a streamlined builder for defining the scope of the review based on:
Pre-defined scopes for common scenarios and applications such as Okta, AWS, and Salesforce.
A saved query, either built-in or constructed using the query builder.
Creating a 1-step review
When 1-step reviews are enabled, administrators and operators can choose from two options when creating a review on the Access Reviews > Reviews page:
1-Step: Create a review using the quick builder by giving it a name, defining the scope, and configuring optional settings such as reviewers and due date.
Use Configuration: Open the full review builder to create a configuration, which can be used for recurring certification campaigns using the same scope. See Access Reviews Query Builder for more information on the full query builder.
To create a review with the 1-step builder:
On the Access Reviews > Reviews page, click Create Review > 1-Step.
1-Step Access Reviews Enter the required details:
Review name: This will be used to identify the review in Veza and reviewer notifications. Names should be unique to simplify tracking and reporting.
Scope: Choose an option to define the entities and relationships to review:
Quick Builder:
Application: Choose a provider from Integrations added to Veza.
Review Type: The type of entities and relationships to review: e.g., "Okta user AWS IAM group memberships"
Narrow Scope: Choose specific data sources Veza has discovered.
Saved Query: Choose from any out-of-the-box or user-defined query created using the Query Builder or Separation of Duties page.
Due date: Specify the Date (UTC) and Timezone when the review must be completed.
Reviewers: See Assigning Reviewers for more on assigning reviewers and auto-assignments.
Assign Reviewers: Assign default reviewers for all rows in the review.
Auto-assign reviewers: Assign row-level reviewers based on Veza metadata like managers or resource owners.
Fallback reviewers: Used when an auto-assignment is prevented or can't be found.
Second-level Reviewers: Require multi-level approval, with the option to assign to first-level reviewer's managers.
Access Intelligence: Show risk scores and risk level for rows in the reviewer interface.
Click Create and Publish to make the results available to reviewers, or click Create to save a draft and preview the results.
Notes:
New reviews created using the 1-step builder have the "1-Step" review type.
A review configuration is created in the background, which can be used to re-initiate reviews with that scope and provide historical decision data.
1-step access reviews use Digest Notification Settings to notify reviewers of assignments and deadlines, with the option to configure more granular notifications, reminders, and orchestration actions after review creation.
Last updated
Was this helpful?