How to restrict ability to commit update sets
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-17-2023 06:23 AM
Is there a way to restrict the ability to commit and retrieve update sets? Within the system admin group, we're looking to further limit the ability to commit and retrieve update sets to a specified group that is more controlled.
Is there any way to limit access to update sets based on roles, scripts, etc. outside of the usual 'admin' OOB role?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-17-2023 06:26 AM
Hi @Kevin Recio ,
Refer to this link :
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0824660
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-17-2023 06:47 AM
Hi Sandeep,
Will this allow for restricting an admin user from update sets, or will they continue to have access to update set apps? This KB does show how to provide access to update sets to a non-admin role user, however we're looking to also limit admin users from update sets as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-19-2023 07:33 AM
Grant those users role ONLY READ access to the Update Set table [sys_update_set].
If I could help you with your Query then, please hit the Thumb Icon and mark as Correct !!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-19-2023 05:36 PM
Hi Hanumath,
It is my understanding that it is not possible (or at least very difficult) to restrict access to read-only for someone that has the 'admin' role. Are you saying that I need to limit the base OOB 'admin' role to read-only access to the Update Set table?
