ACL Operations & Creating ACL Rules
As we have discussed, the core of access control lists comprises permission types and security modules. In this topic, we will focus on the different ACL operation types and ways to create ACL rules.
What are the ACL Operation Types?
In addition to the CRUD (create, read, write, and delete) operations that control basic access in the ServiceNow instance, there are a few advanced operations. These operations offer specific control over user interactions and platform features.
list_edit (Inline Editing)
The list_edit operation in ServiceNow controls whether users can edit fields directly from the list view. Restricting it prevents mass updates through list views.
Users with write access but without list_edit access cannot edit fields from the list. They can only edit from the record form.
Execute
The execute operation controls the permissions for server-side scripts, automated workflows, and system tools. It determines whether a user or a system can run specific code or trigger actions.
It helps secure the execution layer, preventing unauthorized users from running backend processes.
save_as_template
The save_as_template operation verifies and controls whether a user can save a record as a template. It helps maintain integrity by preventing users from creating complex templates that bypass standard form configurations.
If the admin restricts the operation, the option is hidden from the context menu.
Creating ACLs
Access Control Lists in ServiceNow protect data by verifying the CRUD operations. There are two ACL rule types: row-level and column-level access.
Creating Table ACLs
Table-level ACLs, or row-level access controls, govern access to an entire table. To create a table ACL, the steps are:
- Ensure that you have the security admin role.
- Find System Security in Access Control through the Application Navigator.
- Click New.
- Add attributes such as the record type, CRUD operations, and the target table name. Keep the field option as None.
- Add permissions through roles, conditions, and scripts. These define who gets access.
Creating Field ACLs
Field-level ACLs, or column-level access controls, restrict access to specific columns in the ServiceNow instance. The following steps are used to create field ACLs:
- Ensure that you have the security admin role.
- Go to System Security in Access Control and click New.
- Add attributes such as the record type, read and write operations, and the target table name. The Field dropdown must be set to the specific field you want to control (e.g., ‘salary’, ‘password’).
- Add required roles and conditions.
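How a table ACL, a field ACL and the list_edit operation combine can be modelled in a few lines of JavaScript. This is an added example, not ServiceNow's own evaluation code: the hr_profile table, the hr_user and hr_admin roles and the handling of missing rules are assumptions, and conditions and scripts are left out.

```javascript
// Constructed sample rules for a simplified model (not ServiceNow's evaluation engine).
// field: null corresponds to leaving the Field option as None (a table ACL).
// hr_profile, hr_user and hr_admin are hypothetical names.
const rules = [
  { table: 'hr_profile', field: null,     operation: 'read',      roles: ['hr_user'] },
  { table: 'hr_profile', field: null,     operation: 'write',     roles: ['hr_user'] },
  { table: 'hr_profile', field: null,     operation: 'list_edit', roles: ['hr_admin'] },
  { table: 'hr_profile', field: 'salary', operation: 'read',      roles: ['hr_admin'] },
  { table: 'hr_profile', field: 'salary', operation: 'write',     roles: ['hr_admin'] },
];

// A rule passes when the user holds at least one of its required roles.
function passes(rule, user) {
  return rule.roles.some((r) => user.roles.includes(r));
}

// Check one operation at one level (table or field); null means no rule exists there.
function checkLevel(user, table, field, operation) {
  const matching = rules.filter(
    (r) => r.table === table && r.field === field && r.operation === operation);
  if (matching.length === 0) return null;
  return matching.some((r) => passes(r, user));
}

// Assumptions: no table rule means deny; a field without its own rule
// inherits the table-level decision.
function allowed(user, table, field, operation) {
  if (checkLevel(user, table, null, operation) !== true) return false;
  const fieldResult = field ? checkLevel(user, table, field, operation) : null;
  return fieldResult === null ? true : fieldResult;
}

// Editing on the record form needs write; inline list editing needs write and list_edit.
function canEdit(user, table, field, surface) {
  const write = allowed(user, table, field, 'write');
  return surface === 'list' ? write && allowed(user, table, field, 'list_edit') : write;
}

const hrUser = { name: 'hr.user', roles: ['hr_user'] };
const hrAdmin = { name: 'hr.admin', roles: ['hr_user', 'hr_admin'] };

for (const [user, field, surface] of [
  [hrUser, 'phone', 'form'], [hrUser, 'phone', 'list'],
  [hrUser, 'salary', 'form'], [hrAdmin, 'salary', 'list'],
]) {
  console.log(user.name, field, surface, canEdit(user, 'hr_profile', field, surface));
}
```

The hr.user account can change phone on the form but not from the list, and cannot change salary at all, which is the write-without-list_edit case described under list_edit combined with a field ACL.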
Conclusion
To conclude, Access Control Lists are an important part of the ServiceNow instance: they provide record-level security that lets businesses validate who should be granted access to what.
In the next module, we will be covering Metrics in depth.