How to restrict access to certain CIs?

Johannes
Kilo Sage

Hi,

We have some Service Maps with CIs that we would like to restrict the access to. We only want to restrict access to certain CIs, not whole classes, and using query business rules would probably slow down our huge CMDB a lot.
Is there already a lightweight ootb way to do this?
If not, I guess adding a boolean attribute to cmdb_ci, and restricting access the CIs where this is set to true to some ACL would be the easy way to customize this?
How about something like the Confidential records functionality in the GRC module, can we expect that to also come to the CMDB?

3 REPLIES 3

Mike_R
Kilo Patron
Kilo Patron

I agree with your approach of creating a boolean attribute and configuring an ACL.

 

If you are on Tokyo, or can wait until you get on Tokyo, there is a data filtration option. This might be beneficial.

 

https://docs.servicenow.com/en-US/bundle/tokyo-platform-security/page/administer/security/concept/da...

Johannes
Kilo Sage

I had missed the new data filtration option, that looks really nice 👍

Yep, it's a great new feature.

If this resolved your question, can you please mark the answer as correct so it closes out the post.