Try Serpent Free
← Salesforce DevOps Glossary

Sharing Rules

Sharing rules extend record access beyond the org-wide default, and they deploy as metadata but the access they grant recalculates as a background job.

Definition

Sharing rules open up record access beyond what the org-wide default sharing setting allows, granting broader access to records based on record owner or a criteria match, without touching the underlying object's baseline sharing model. They only matter for objects whose org-wide default is Private or Public Read Only; if the org-wide default is already Public Read/Write, sharing rules have nothing to add. Rules deploy as metadata like any other component, but the actual access grants they produce are calculated and stored separately as sharing records, recalculated by an asynchronous job whenever a rule, role hierarchy, or group membership changes, so a rule can deploy successfully while the resulting access still takes time to apply, especially in orgs with large data volumes where a full sharing recalculation can run for hours. Our change sets to continuous delivery playbook covers access model changes as part of a release.

In practice

How it works in Serpent

Serpent tracks sharing rule changes by task with full history, so a rule that widens or narrows access is reviewable before it ships instead of getting buried in a bulk metadata deploy. See task-based workflow in Serpent for how changes get reviewed.

Approval and audit traceability in Serpent

Start free. No credit card, no install, no commitment.

Set up in under 15 minutes. No DevOps hire needed.

Curious about faster shipping before you dive in? Let's talk

Commitment free!