Two possible versions of a business role can exist:
Published: Before you can publish a business role, it must go through the approval process and be approved, if it requires approval. A published business role is available for governance process and in the general catalog.
Deactivated: You can edit published, approved, and deactivated roles. When you edit a published business role, Identity Governance creates a draft of the business role that appears in the Draft tab that you can send for approval if required, publish, or discard. However, deactivated roles are not available for the governance process or in the general catalog.
The edit and approve cycle is a single cycle that is independent of the publication cycle. When you edit the published business role, Identity Governance creates a draft version of the business role.
The approval cycle is not independent of the draft. If no approval is required the draft is automatically approved but not published. If the draft is then published, it replaces the currently published version.
When the business role administrator deactivates a published role, three things can occur:
If there is an approved draft, Identity Governance archives the active version and the approved draft replaces it.
If there is not an approved draft when the published role is deactivated, Identity Governance prompts the administrator to keep the published version or the unapproved draft version of the business role.
If there is no draft, Identity Governance moves the published business role to the approval state.
When a business role is deactivated, the role cannot take part in the review process. The role must be published to be part of the review process. For more information, see Understanding the Review Process.
To Publish or Deactivate a business role:
Log in to Identity Governance as a Business Role or Global Administrator.
Under Policy, select Business Roles.
Select the business role to change, then select Edit.
If you have one version of the business role, select Publish or Deactivate the business role.
NOTE:Deactivating disables the role from being a part of the review process but does not automatically revoke all permissions. Permissions are only revoked if an user is no longer a member of the business role.
or
If you have multiple versions of the business role, select the Draft or Published tab, then select Publish or Deactivate.
NOTE:You must have two versions of the business role to have the Draft and Publish tabs appear.
If you have a number of business roles that need to be published, Identity Governance provides a way to publish all of the roles at the same time. On the Business Roles page, select the business roles to publish, then select Actions > Publish.