Lab 4.2.1 Create Access Control

zamriy · 3 weeks ago

hi,

i have a question wrt the steps to Establish ACL Rules for the Incident table for Lab 4.2.1 in SNAA Course. i have tested these lab steps on both Xanadu and Zurich instances and both yielded the same results. after following all the steps to create these ACL rules, i noticed that the user with ITIL role could still read, create and write (update) the Incident opened for Service offering = Infinity (HHD). the purpose of the lab is to apply the ACL rules to the Incident table that so that any incidents with Service offering set to Infinity HHD could only be viewed, created and updated by users with role = u_holographic_handheld_hhd_user.

i believe these are replicable.

perhaps the gurus here could confirm this and help me to correct this issue if there are any missing steps for the lab involved.

GlideFather · 3 weeks ago

Hi @zamriy,

could you possibly share some more details? It's impossible to help you without seeing the ACLs, it would be just speculations ;))

_____
No AI was used in the writing of this post. Pure #GlideFather only

zamriy · 3 weeks ago

i hope these would be suffice:

same role and data condition were applied to the write and create rule. take note that the condition set was Service offering is Infinity (HHD).

thanks.

K Sankalp · 3 weeks ago

@zamriy

You can try to use Access Analyzer to get logs where ACL is failing, also as per my understanding you need to add conditions in ACL to filter Incident with Service offering.

Best Regards,

Sankalp

zamriy · 3 weeks ago

those ACLs were already filtered with data condition Service Offering plus Role.

rgds,

zamri