Problem
When you request infrastructure through the Terraform ServiceNow Service Catalog integration, the action is denied with the following error:
Read operation on table 'sys_app' from scope 'Terraform' was denied. The application 'Terraform' must declare a cross scope access privilege. Please contact the application author to update their privilege requests.
Cause
This error is caused by ServiceNow application access settings. It can occur when scoped resources, such as tables, are configured to deny access to other scopes by default.
Solution
A ServiceNow administrator can resolve this issue by creating a cross scope privilege record to grant the Terraform application read access to the sys_app table.
- Navigate to
System Applications > Application Cross-Scope Access. - Select New to add a new record.
- Configure the record with the following settings:
-
Source Scope:
Terraform -
Target Scope:
Global -
Target Name:
sys_app -
Target Type:
Table -
Operation:
read
-
Source Scope: