Apply permissions to a service catalog variable

To control which users can create, write, update, read, and delete values for a service catalog variable, apply role-based permissions to the variable.

About this task

On the Variable form, you can select roles for the following fields to specify who has these permissions.
Table 1. Fields for service catalog variable permissions
Field Description
Create roles Roles that users must have to create values for the variable.
Read roles Roles that users must have to read values for the variable.
Update roles Roles that users must have to update values for the variable.
Write roles Roles that users must have to write values for the variable.

Procedure

  1. Navigate to Service Catalog > Catalog Definitions > Maintain Items, and select the catalog item with the variable that you want to set permissions for.
  2. In the Variables related list, select the variable.
  3. If the fields for the permissions that you want to set are not on the Variable form, configure the form layout to add these fields.
  4. Next to the field for the permission that you want to set, click the lock icon.
  5. In the window that opens for the permission, select the roles that should have the permission and move the roles to the Selected list.

    In the following figure, the itil role is selected in the Write roles window.

  6. Click Done after you finish selecting roles for the permission.

    On the Variable form, the roles that you selected are listed next to the field for the permission.

    The following figure shows the itil role listed next to the Write roles field on the form for the CPU Speed variable used by the Executive Desktop catalog item. With this setting, only users with the itil role can write values for the variable.

  7. Click Update.