create ACL for Record Producer

Somasekhar6 · ‎02-18-2024

Hi Team, When i Run Update set scan I got the below finding for my Record producer to remove that finding i need to create ACL could you please suggest what kind of ACL & How many ACL i need to create to remove this finding ?

Thanks for your Time.

Community Alums · ‎02-18-2024

Hi @Somasekhar6

Have you added any Roles to your record producer? The Roles field won't be available on the form view by default. You can add the OOB snc_internal role for now.

Please try it & let me know if it worked.

Please mark it as "Accept as Solution" and "Helpful". if this solution helped you.

Thanks & Regards,
Madhan Somesh.

Somasekhar6 · ‎02-18-2024

@Community Alums tried but same finding coming

Community Alums · ‎02-19-2024

Hi @Somasekhar6 ,

Could you please try adding any role for the Available for & Not Available from the related tabs of the record producer? This can help prevent the error which is showing up during the scan.

Please try and let me know if this worked.

Please mark it as "Accept as Solution" and "Helpful". if this solution helped you.

Thanks & Regards,
Madhan Somesh.

Akshay Gupta2 · ‎02-18-2024

Hi @Somasekhar6

You could try either configuring new ACL with appropriate roles or setting up user criteria one by one and check if it removes finding.

Identify the Security Requirement: Understand the specific security requirements for your Record Producer. Determine who should have access to the Record Producer and what actions they should be allowed to perform.
Create ACLs: Based on the security requirements, you may need to create Access Control Lists (ACLs) to control access to the Record Producer. ACLs define who can access the Record Producer and what actions they can perform.
Define ACL Rules: Define the rules for each ACL to specify which roles or users should have access to the Record Producer and what level of access they should have (e.g., read-only, write, delete). Consider creating separate ACLs for different roles or groups if access requirements vary.
Assign ACLs to the Record Producer: Once the ACLs are created, assign them to the Record Producer object. This can typically be done through the ServiceNow UI by navigating to the Record Producer record and configuring the security related list.
Test and Verify: Test the ACLs to ensure they are functioning as expected. Verify that users and roles can access and use the Record Producer according to the defined access control rules.
Consider User Criteria: In addition to ACLs, you may also need to define user criteria to further control access to the Record Producer. User criteria allows you to restrict access based on conditions such as user roles, groups, or other attributes.
Re-run Update Set Scan: After implementing ACLs and user criteria, re-run the update set scan to verify that the finding related to the Record Producer has been resolved.

The number of ACLs you need to create depends on your specific access control requirements. You may only need one ACL if the access control rules for the Record Producer are straightforward. However, if you have different access requirements for different roles or groups, you may need to create multiple ACLs to accommodate those variations.

Thanks

KSA Suhail · ‎02-18-2024

Hi @Somasekhar6,

I belive your organization is mantaining ACL / Roles to limit the visiblity record producers catalog item.

What you can do here is try to understand how your existing Record Producers are configured to over come this scan check. There will be something to do with role assocation / application scope / ACLs to it. I hope this helps..