- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2025 07:42 AM
Hello,
we have a problem with OOB SG AWS key rotation setup:
Exception occurred while rotating keys for SG-AWS-CredentialAlias-Org, Error Message: com.glide.script.fencing.MethodNotAllowedException: Function „setDisplayValue“ is not allowed in scope „sn_aws_integ“
from AWS side looks all good, but the issue is: the script will replace the keys, the old one, which now can NOT be overwritten, will stay in ServiceNow, which means SG-AWS will be completely broken.
As this is OOB (scoped application), no changes should be made, I'm wondering if someone else had a same problem.
Thanks!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2025 08:51 AM - edited 07-03-2025 08:53 AM
Hi @strahinjast,
You're encountering a specific error: com.glide.script.fencing.MethodNotAllowedException: Function „setDisplayValue“ is not allowed in scope „sn_aws_integ“
during Service Graph Connector for AWS key rotation. This means the out-of-the-box (OOB) script is attempting an action (setDisplayValue
) that is restricted within the sn_aws_integ
scoped application, preventing the old keys from being overwritten and breaking the connector.
Have you checked for -
-
Version Incompatibility: A conflict between your ServiceNow instance version and the SGC connector's version, or a recent patch? Which version are you currently on?
-
ServiceNow User's SnowAccountAccessPolicy IAM permissions: For SGC AWS, Specific IAM permissions are required for a ServiceNow user where it is created. These roles are packaged as part of CreateServiceNowUser.yml with the policy SnowAccountAccessPolicy. If you need AWS Key rotation feature, then you should have 'iam:CreateAccessKey' and 'iam:DeleteAccessKey' permissions assigned in the policy. Can you verify this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2025 08:51 AM - edited 07-03-2025 08:53 AM
Hi @strahinjast,
You're encountering a specific error: com.glide.script.fencing.MethodNotAllowedException: Function „setDisplayValue“ is not allowed in scope „sn_aws_integ“
during Service Graph Connector for AWS key rotation. This means the out-of-the-box (OOB) script is attempting an action (setDisplayValue
) that is restricted within the sn_aws_integ
scoped application, preventing the old keys from being overwritten and breaking the connector.
Have you checked for -
-
Version Incompatibility: A conflict between your ServiceNow instance version and the SGC connector's version, or a recent patch? Which version are you currently on?
-
ServiceNow User's SnowAccountAccessPolicy IAM permissions: For SGC AWS, Specific IAM permissions are required for a ServiceNow user where it is created. These roles are packaged as part of CreateServiceNowUser.yml with the policy SnowAccountAccessPolicy. If you need AWS Key rotation feature, then you should have 'iam:CreateAccessKey' and 'iam:DeleteAccessKey' permissions assigned in the policy. Can you verify this?