ACL for read access to every table

Go to solution
jna2756
Tera Expert

‎06-16-2016 06:01 AM

Hi all,

We have a need to create an ACL for a user/role (it's a service account) that will have read access to every table on ServiceNow. I assume creating a " *.* " read ACL with the custom role we created for the user will work but wanted to double check make sure this wouldn't affect anything else since it is " *.* ".

Thanks in advance,

Joshua Anderson

Labels:
0 Helpfuls
  • 6,753 Views
1 ACCEPTED SOLUTION

Go to solution
JC Moller
Giga Sage

‎06-16-2016 06:37 AM

Hi,



Could you take advantage of the snc_read_only role?



I have used it in similar situations in combination with some other roles/groups that give access to the tables themselves. Quick and less dirty



ServiceNow Read Only Role - ServiceNow Wiki



BR,



Jan


View solution in original post

8 REPLIES 8

Go to solution
Chuck Tomasi
Tera Patron
In response to JC Moller

‎06-16-2016 06:46 AM

I love the option of snc_read_only role. I believe that came along in Fuji.



The integration account still needs to be granted access to all those tables. It would have to be coupled with another role that already has access to those tables such as admin.



Two options:


  • Option A: Create some ACLs to grant that new role read access on all records on all tables on all fields
  • Option B: Grant that account admin+snc_read_only role


I love this community!


Go to solution
jna2756
Tera Expert
In response to Chuck Tomasi

‎06-17-2016 07:59 AM

Thanks for the Help Chuck and Jan, I greatly appriecate it.



-Joshua Anderson


0 Helpfuls

Go to solution
dpr1
Kilo Contributor
In response to Chuck Tomasi

‎07-21-2016 12:15 PM

Hi Chuck,



Would it be possible granting a snc_red_only role to a user, and still open to few selected fields to write on a record (lets take incident table)


Scenario : user has snc_read_only and itil role, so when he opens a incident record it will read only, but we want to enable write operation to few fields like short description and additional comments.


I tried having additional ACLs but snc_read_only take the final call and shows read only view of the record.
how can we achieve this? Appreciate your assistance in advance, thx



regards,


Durga.


I


0 Helpfuls

Go to solution
Chuck Tomasi
Tera Patron
In response to dpr1

‎07-21-2016 01:08 PM

That's right Durga. snc_read_only role has the final word. It all becomes read-only. It's hard coded in to the system and not the ACLs.