The CreatorCon Call for Content is officially open! Get started here.

Can a developer create ACLs without having admin or security_admin role?

MP22
Giga Contributor

‎07-04-2020 03:28 PM

Several developers are using a shared instance of ServiceNow, each with his/her own scope. Without granting admin or security_admin role to the developers, is there a way to assign roles to the developers such that they can create ACLs within their individual scopes? Is so, what roles should they be assigned.

Thank you for your help.

Labels:
0 Helpfuls
  • 1,712 Views
8 REPLIES 8

Shantharao
Kilo Sage

‎07-05-2020 09:12 PM

Hi MP,

 

No matter whether it is a global scope or custom scope, in order to create or modify ACLs, we should require security_admin role for sure.

 

 Mark Correct if my response solves your issue and also mark 👍 Helpful if you find my answer helps you based on the impact. 

0 Helpfuls

Ankush Jangle1
Kilo Guru

‎07-05-2020 09:18 PM

Hello,

 

security_admin role is required to create the ACL

 

 

 

Mark if helpful/correct if it helps you

0 Helpfuls

Harish Vaibhare
Kilo Guru

‎07-05-2020 09:20 PM

Hi,

without security_admin role you can not create new acl and even you can not edit the existing acl.

secirity_admin role is specially created to create or edit acl for security purpose,even if you have admin role and you don not have security_admin role they no use.

 

Kindly mark helpful and correct if it is useful.

Thanks.

0 Helpfuls

Gaurav Shirsat
Mega Sage

‎07-05-2020 09:32 PM

Hi Mp

In addition to Harish and Ankush I would Like to add my View.

as per the Service Now Docs,Importance of This Role as Follows:-

The security_admin role is an elevated privilege role provided with High Security Settings that lets users create and change access controls and change High Security Settings.

In the base system, only the default System Administrator (admin) user has the security_admin role. Since it requires elevating privileges, the admin user does not have this role at login. After elevating privileges, the admin user has the security_admin role for the duration of the user session.

The record for the System Administrator (admin) role is only visible to users who elevate privileges to the security_admin role.

To maintain high security, the security_admin role requires elevating privileges. Limit the users and groups to which you assign this role.

Please Refer the Below Docs for Additional Information:-

https://docs.servicenow.com/bundle/orlando-platform-administration/page/administer/security/concept/...

https://docs.servicenow.com/bundle/orlando-platform-administration/page/administer/roles/reference/r...

Please Mark Correct and Helpful

Thanks and Regards

Gaurav Shirsat

 
0 Helpfuls