Enforce Read Roles for Catalog Variable Search [New in Security Center 7.0]

リリースバージョン: Australia

更新日 2026年03月12日

所要時間：2分

Use system properties to ensure that only catalog variables with an empty read role are indexed for search.

When the property glide.ais.ingestion.ignore_catalog_variables_read_roles is set to the recommended value of false, only catalog variables with an empty read role are indexed for search. If this property is set to true then all variables are indexed for search regardless of any read roles specified on the variable.

Verify that the glide.ais.ingestion.ignore_catalog_variables_read_roles system property does not exist in the System Properties [sys_properties] table, or exists and is set to false.

More information


Attribute	Description
Configuration name	glide.ais.ingestion.ignore_catalog_variables_read_roles
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	false
Default value	false
Category	Access control
Functional impact	This property affects the indexing of searchable content from catalog variables that require specific roles for read access.
Security risk	Severity score: 2.6 CVSS score: Low Security risk details: Users will be able to search for variables that they do not have read roles to access to causing information disclosure.
Dependencies	None
References	Service catalog variables