What role gives admin the write to read on all tables?

Go to solution
juan9
Giga Guru

‎12-09-2024 02:49 PM

I think if a user has the admin role they can read from any table.

Why is the admin role allowed to read from tables that they dont acls to?

 

I checked to see the acls the admin had before creating a dummy table:

Screenshot 2024-12-09 at 5.46.48 PM.png

I created a dummy table and I checked the acls associated with the admin again and didnt see a change.

 

so how am I able to see the table if I dont have the acls associated with that table?

0 Helpfuls
  • 434 Views
1 ACCEPTED SOLUTION

Go to solution
AshishKM
Kilo Patron
Kilo Patron

‎12-09-2024 02:57 PM - edited ‎12-09-2024 03:05 PM

Hi @juan9 ,

I get it , what you referring here but role "admin" exist since inception and has some special privileges that allow it to bypass many access control restrictions.

 

This behavior is by design and serves several important purposes:

  1. Elevated Privileges: The admin role is considered an elevated privilege role, which means it has broader access across the system.
  2. Override Functionality: ServiceNow has a built-in "admin override" functionality that allows administrators to access tables and records even without explicit ACL permissions.
  3. System Management: Administrators need comprehensive access to manage and troubleshoot the entire system effectively.
  4. Default Behavior: By default, the admin role is not treated as a regular role subject to normal ACL restrictions

This design ensures that administrators can perform their duties without being hindered by access restrictions, while still allowing for customization if stricter controls are required for compliance or security reasons.

 

-Thanks,

AshishKM


Please mark this response as correct and helpful if it helps you can mark more that one reply as accepted solution

View solution in original post

1 REPLY 1

Go to solution
AshishKM
Kilo Patron
Kilo Patron

‎12-09-2024 02:57 PM - edited ‎12-09-2024 03:05 PM

Hi @juan9 ,

I get it , what you referring here but role "admin" exist since inception and has some special privileges that allow it to bypass many access control restrictions.

 

This behavior is by design and serves several important purposes:

  1. Elevated Privileges: The admin role is considered an elevated privilege role, which means it has broader access across the system.
  2. Override Functionality: ServiceNow has a built-in "admin override" functionality that allows administrators to access tables and records even without explicit ACL permissions.
  3. System Management: Administrators need comprehensive access to manage and troubleshoot the entire system effectively.
  4. Default Behavior: By default, the admin role is not treated as a regular role subject to normal ACL restrictions

This design ensures that administrators can perform their duties without being hindered by access restrictions, while still allowing for customization if stricter controls are required for compliance or security reasons.

 

-Thanks,

AshishKM


Please mark this response as correct and helpful if it helps you can mark more that one reply as accepted solution