US 11,868,494 B1
Synchronization of access management tags between databases
Jing Zhuang, Seattle, WA (US); Uzma Arjuman, Vancouver (CA); Travis William Hickey, Snoqualmie, WA (US); and Jasmeet Chhabra, Bellevue, WA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Nov. 26, 2018, as Appl. No. 16/200,348.
Int. Cl. H04L 29/08 (2006.01); G06F 21/62 (2013.01); G06F 21/41 (2013.01); G06F 21/60 (2013.01); G06F 16/22 (2019.01); G06F 16/27 (2019.01); G06F 16/23 (2019.01); H04L 67/125 (2022.01); H04L 67/1095 (2022.01)
CPC G06F 21/6218 (2013.01) [G06F 16/22 (2019.01); G06F 16/27 (2019.01); G06F 16/2308 (2019.01); G06F 16/275 (2019.01); G06F 21/41 (2013.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01); H04L 67/1095 (2013.01); H04L 67/125 (2013.01)] 18 Claims
1. A computer implemented method, executed by one or more hardware processors, method comprising:
receiving a first command to add an access management tag to a user profile in an identity access management (IAM) system comprising a first database, the access management tag comprising a key value pair that defines an access privilege associated with the user profile, wherein the user profile is associated with at least one of a user, a role, or a group of users, and wherein the access privilege defines an access authorization by the user, the role, or the group of users to a computing resource;
sending a validation request for the access management tag to a tagging system comprising a second database;
receiving a positive validation response from the tagging system, wherein the positive validation response comprises a validation token and indicates that the access management tag satisfies validation criteria of the tagging system;
generating the access management tag by the IAM system;
storing the access management tag in the first database;
storing the validation token in the first database;
adding an entry for the access management tag in a synchronization table in the first database, wherein the entry lacks a synchronized flag;
performing, by the one or more hardware processors, a synchronization process between the first database and the second database;
determining that the entry of the synchronization table lacks the synchronized flag;
sending a request for the tagging system to write a copy of the access management tag to the second database, wherein the request comprises the validation token; and
setting the synchronized flag for the entry in the synchronization table.
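The steps of claim 1 can be followed in a small in-memory model. This is an added example, not code from the patent or from any Amazon service; the class names, the HMAC-based validation token, the validation criteria and the `reserved:` prefix are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

class TaggingSystem:
    """Owns the second database and the validation criteria (assumed here)."""
    def __init__(self):
        self._secret = secrets.token_bytes(32)
        self.db = {}  # second database: (profile, key) -> value

    def _token(self, profile, key, value):
        # Assumption: the token is an HMAC binding profile, key and value.
        msg = "\x00".join((profile, key, value)).encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def validate(self, profile, key, value):
        # Constructed criteria: bounded lengths, no reserved key prefix.
        ok = 0 < len(key) <= 128 and len(value) <= 256 and not key.startswith("reserved:")
        return self._token(profile, key, value) if ok else None

    def write(self, profile, key, value, token):
        # Accept the copy only if the token matches what validation issued.
        if not hmac.compare_digest(token, self._token(profile, key, value)):
            return False
        self.db[(profile, key)] = value
        return True

class IamSystem:
    def __init__(self, tagging):
        self.tagging = tagging
        self.tags = {}        # first database: (profile, key) -> (value, token)
        self.sync_table = {}  # (profile, key) -> synchronized flag

    def add_tag(self, profile, key, value):
        token = self.tagging.validate(profile, key, value)
        if token is None:
            return False      # negative validation: nothing is stored
        self.tags[(profile, key)] = (value, token)
        self.sync_table[(profile, key)] = False   # entry lacks the flag
        return True

    def synchronize(self):
        synced = 0
        for ref, flagged in self.sync_table.items():
            if flagged:
                continue
            value, token = self.tags[ref]
            if self.tagging.write(ref[0], ref[1], value, token):
                self.sync_table[ref] = True       # set only after the write
                synced += 1
        return synced
```

Because the token is bound to the tag contents in this model, a tag altered in the first database after validation fails the write and its entry stays unsynchronized, which is a useful signal to alert on.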