Navigate to System Properties > Security.
In the Attachment limits and behavior section, locate the List of roles (comma-separated) that can create attachments: property (glide.attachment.role).
Enter one or more roles separated by commas.
Only roles listed in this property are able to upload attachments to a record. If no roles are entered, then all roles can upload attachments to ServiceNow forms.
Click Save.
How to restrict users to upload an attachment in ServiceNow?
Working Code Asked question December 16, 2023