Moving applications between instances
ServiceNow environments typically follow a multi-instance architecture: Development (DEV), Testing/QA (TEST), Staging/UAT (STAGE), and Production (PROD). Each instance serves a distinct purpose in the application life cycle. Development is where you build and iterate. Sub-production instances (TEST, STAGE, UAT) are where you validate changes safely before they reach end users. Production is the live environment that powers day-to-day business operations.
Core principle
The core principle is straightforward: never develop directly in production. All configuration and code changes originate in DEV, flow through one or more sub-production validation stages, and arrive in PROD only after passing quality gates including automated testing, Instance Scan checks, and stakeholder approvals.
When moving an application, every artifact associated with that application scope (business rules, script includes, UI pages, Access Control Lists, tables, flows, and so on) must travel together as a coherent unit. Partial deployments create version mismatches and are a leading source of production incidents.
Security considerations for instance movement
- Credential isolation: Integration credentials, API keys, and OAuth tokens must never be promoted from development to production. Use system properties marked as private or environment-specific credential stores.
- ACL validation: Run Instance Scan on every deployment to verify that Access Control Lists follow least-privilege principles. Empty or overly permissive Access Control Lists are a common security gap.
- Role separation: Developers should not have admin access in production. Use dedicated deployment service accounts with only the roles necessary to install applications.
- Data protection: Ensure test data in sub-production does not contain unmasked production PII. Use data masking or anonymization during clone operations.
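
The credential isolation and ACL validation points above can also be enforced as a pipeline gate before promotion. The following is an added example, not ServiceNow's own code or a replacement for Instance Scan. It assumes a constructed, simplified inventory of the application's records: the record layout, the `x_acme_app` scope, the name heuristic and `check_artifacts` are all hypothetical.

```python
import re

# Assumed heuristic: property names that suggest the value is a secret.
SECRET_NAME = re.compile(
    r"(password|passwd|secret|token|api[_.-]?key|client[_.-]?secret)", re.I
)

def check_artifacts(records):
    """Return (record name, reason) findings that should block promotion."""
    findings = []
    for rec in records:
        table, name = rec["table"], rec["name"]
        if table == "sys_properties":
            # A secret-looking property that carries a value and is not
            # marked private would travel with the application to PROD.
            if SECRET_NAME.search(name) and rec.get("value") and not rec.get("is_private"):
                findings.append((name, "credential-like property with a value is not private"))
        elif table == "sys_security_acl":
            # An ACL with no role, condition or script restricts nothing.
            if not (rec.get("roles") or rec.get("condition") or rec.get("script")):
                findings.append((name, "ACL has no role, condition or script"))
    return findings

# Constructed sample inventory (simplified layout, not a real export format).
SAMPLE = [
    {"table": "sys_properties", "name": "x_acme_app.api_key",
     "value": "dev-key-123", "is_private": False},
    {"table": "sys_properties", "name": "x_acme_app.client_secret",
     "value": "", "is_private": True},
    {"table": "sys_properties", "name": "x_acme_app.page_size",
     "value": "50", "is_private": False},
    {"table": "sys_security_acl", "name": "x_acme_app_task.read",
     "roles": ["x_acme_app.user"], "condition": "", "script": ""},
    {"table": "sys_security_acl", "name": "x_acme_app_task.write",
     "roles": [], "condition": "", "script": ""},
]

if __name__ == "__main__":
    results = check_artifacts(SAMPLE)
    for name, reason in results:
        print(f"BLOCK {name}: {reason}")
    # A non-zero exit status fails the pipeline stage.
    raise SystemExit(1 if results else 0)
```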