Welcome to Community Week 2025! Join us to learn, connect, and be recognized as we celebrate the spirit of Community and the power of AI. Get the details  

How to address instance scan issue with Record Producer to set role for it and for the script

Community Alums
Not applicable

‎09-12-2022 01:48 PM

Hi Expert,

 Any suggestions how to address the instance security scan issue for record producer as below?

Record producers should be assigned appropriate role, record producer script should secure GlideRecord and/or GlideSystem API calls.

 

Should just assign a public role to it? But the role field is always hide, also  how to address the script security in the record producer?

 

Thanks lot for your help!

Jerry

 

 

 

Labels:
0 Helpfuls
  • 711 Views
1 REPLY 1

Alisa Tipisova
ServiceNow Employee
ServiceNow Employee

‎02-22-2023 03:53 AM

If you look at the check's code, it says that all record produces containing server-side code (GlideRecord specifically) in script field should have a role selected in roles field. Honestly, I'm not convinced this makes a lot of sense, I'd rather use user criteria instead. But if you have a record producer that should be available to all your employees, select snc_internal role. If it should be visible to your customers (assuming you have CSM app) select snc_external.