Introduction
When attempting to request for infrastructure through the Terraform ServiceNow Service Catalog integration, the action is denied with the following error:
Read operation on table 'sys_app' from scope 'Terraform' was denied. The application 'Terraform' must declare a cross scope access privilege. Please contact the application author to update their privilege requests.
Cause
This is caused by ServiceNow application access settings and can occur when scoped resources, such as tables, are configured to deny access to other scopes.
Solution
To resolve this, a ServiceNow administrator can perform the following steps to grant the Terraform application read access on the sys_app
table through a cross scope privilege record:
- Go to system applications > application cross-scope access
- Click new to add a new record
- Set source scope to terraform, target scope to global, target name to sys_app, target type to table, and operation to read, as shown in the screenshot below