Issue with Zero Trust Access (ZTA) Policy Not Enforcing Role Limitation for Admin Users

Saba Sunawar
Giga Contributor

Dear ServiceNow Community,

I'm encountering an issue with enforcing a Zero Trust Access (ZTA) policy in my scoped application, particularly regarding role limitations for admin users. Here's the scenario:

I have a table named "Books" within my scoped application, accessible to two roles: "Simple User" and "Admin." The admin role has full permissions, including the ability to create, read, update, and delete records, while the simple user role is restricted from creating new records.

To enforce the ZTA principle, I implemented a policy where if a user has the admin role, their role should be limited to the simple user role, effectively restricting their ability to create new records. However, despite applying this policy, users with the admin role, such as Abel, are still able to create new records.

I have double-checked the role assignments, ensured that the role limiting policy is correctly configured, and verified the access controls and permissions associated with the "Books" table. However, I'm still unable to prevent admin users from creating new records as intended by the ZTA policy.

Could someone please advise on why the ZTA policy might not be properly enforcing role limitations for admin users in this scenario? Please also suggest anything that might be a prerequisite for applying a ZTA policy.

Thank you
