IAM in Service Catalog
This document describes support for UW employee location groups including naming, data integration, data quality, life-cycle and access controls.
Employee location groups are identified by UW Group IDs that conform to the UW Group Naming Plan.
The following affiliation/organization stem is reserved for them:
Data Integration Notes
Group IDs include a lower case version the location id, e.g.
Group Display Name
Display names include the location id, e.g.
Group descriptions include location id, e.g.
"Current employees who hold a position that has location ID "Seattle Other Buildings". This group is updated nightly from the HRPWS. It is available for appropriate business purposes in support of the UW mission. Access to the membership is controlled. Authorized clients are responsible for enforcing the defined access control policy and may not share employee group memberships with unauthorized parties without first obtaining authorization to do so. All users are expected to know and follow the rules related to ethical and appropriate use of UW computing and networking resources. Please contact email@example.com for questions about using this group."
Employee location groups have no owner or contact specified.
Employee location groups are classified as restricted.Restricted. See UW Groups Data Classification Guideline.
Group Access Controls
Employee location groups have a membership viewer control that enforces the defined access control policy (below). Only members of the u_groups_org_location-read are authorized to view these memberships.
UW G Suite
Employee location groups cannot be enabled for use in UW G Suite. Contact firstname.lastname@example.org to inquire more.
UW Exchange Status
Employee location groups cannot be enabled for use in UW Exchange. This business rule is in place to ensure the privacy restriction on the group memberships, which the current design of the UW Exchange service cannot enforce by itself. Contact email@example.com to inquire more.
Group Membership List
Memberships are reconciled nightly to accurately represent current operational data rather than historical data. Members are identified by UW NetID.