This article explains how to set up the Cloudaware application in ServiceNow. Cloudaware extends the Configuration Item table in ServiceNow with additional cloud inventory data.
Prerequisites
1. Ensure you have the license for ServiceNow IntegrationHub Enterprise Pack.
2. Ensure you have the license for ServiceNow Workflow Studio.
3. Сontact support@cloudaware.com to get credentials required for this integration (Service Account private key, Import Project Id, and Import Dataset Id).
4. Download the .xml file for application installation.
Configure Cloudaware application in ServiceNow
Cloudaware provides credentials for setting up ServiceNow-to-Google integration. This integration is required for authorization based on JWT. JWT Provider will be used as Connection when configuring the data update workflow.
Set up ServiceNow-to-Google integration
Сreate JWT key(1) & JWT certificate(2) in ServiceNow:
1) Go to All → System oAuth → JWT Keys. Click New.
<...>
Set up a meaningful name, e.g. Google JWT Key
(signing key = password,
create a new signing keystore:
Set up a meaningful name, e.g. Google JWT Certificate -> select ‘java key store’ from the list, use the same password in key store password, attach the previously downloaded certificate -> Submit (the pop-up window closes)
Go back to adding a JWT key: in Signing Keystore select the created keystore (click the certificate name ‘Google JWT Certificate’ in the the pop-up window) -> Submit.Сreate JWT Provider in ServiceNow:
All -> System oAuth -> JWT providers -> New
Set up a meaningful name, e.g. Google JWT Provider
in Signing configuration, select the created key (Google JWT Key) from the list
Click the name of the provider. Select the tab Standard Claims. Set the following values for:
(iss - service account email address provided by Cloudaware
sub - service account email address provided by Cloudaware
aud - token https://oauth2.googleapis.com/token
-> updateСreate Application Registry in ServiceNow:
All -> System oAuth -> Application Registry -> New
Select Connect to a third party OAuth Provider from the list
Client ID: notneeded
Client secret: notneeded
Token: click the lock icon to insert https://oauth2.googleapis.com/token -> click the lock icon again to save
Default grant type: select JWT Bearer
Submit
By doing all this, you create an oAuth Entity Profile (ignore errors)
Drill into the profile (by clicking its name)
In JWT Provider select Google JWT Provider from the list
Click Update.Go back to JWT Provider -> select Google JWT Provider from the list. Select the tab Custom Claims. Click plus sign to add a new claim: scope - string - https://www.googleapis.com/auth/bigqueryAll -> type Connections & Credentials (under IntegrationsHub). Select Credentials. New
Select OAuth 2.0 Credentials from the list. For the oAuth Entity Profile, select Google JWT Profile created earlier. Save.
Click Get OAuth Token to test the connection.Go to Connections & Credentials Aliases. New. Set the name as Google JWT and save. In the table below, click New to create a HTTP(s) Connection. For the Credential, select JWT Credentials record created earlier.
Check the box URL builder - in Host input the link http://bigquery.googleapis.com; in Base path input the link - /bigquery/v2/
Save.
Install the Cloudaware application
2.1. Go to All → Retrieved Update Sets:
2.2. Click the link Import Update Set from XML.
2.3. Choose the .xml file downloaded before. Click Upload.
2.4. Select the created application.
2.5. Click Preview Update Set.
2.6. Click Commit Update Set to install the application.
Please allow some time for the application to be created.
Configure the workflow
1. Go to All → Workflow Studio:
2. Open 'Flows'. Select the flow Initial Filling Of The Mapping Data Table.
Click Test → Run test*:
*This should be done once only after the application is installed.
3. Go back to all flows. Set descending order in the column 'Updated' for quicker search. Select the flow Import All data from Cloudaware from the list.
4. Schedule a trigger. Select Scheduled → Daily* → set the time:
*The recommended frequency is once a day.
Click Done.
5. Set Flow Variables:
WHERE
Manage Imports Table - the value is auto-populated as this is a system table
Connection - select the JWT Provider configured in the section 'Set up Cloudaware application in ServiceNow' (point 1)
Mapping Table - the value is auto-populated as this is a system table
Import Project Id - use the Import Project Id provided by Cloudaware
Import Dataset Id - use the Import Dataset Id provided by Cloudaware
Click Done.
6. Save and activate the workflow.
Please allow some time for the data to be available. Check the status of data upload to tables.
Tables
As a result, the following tables will be created in ServiceNow:
System tables
Label | Name |
|---|---|
Cloudaware CI | x_gigwa_cloudawa_2_cmdb_ci_cloudaware |
Cloudaware System Metadata | x_gigwa_cloudawa_2_cloudaware_system_metadata |
Cloudaware Sys Import Tables List | x_gigwa_cloudawa_2_cloudawa_sys_import_tables_list |
Manage Imports Table | x_gigwa_cloudawa_2_list_of_imported_tables |
Mapping Table | x_gigwa_cloudawa_2_mapping_data |
Application tables
Label | Name |
|---|---|
AWS Account | x_gigwa_cloudawa_2_aws_account |
AWS DynamoDB Backup | x_gigwa_cloudawa_2_aws_dynamo_db_backup |
AWS DynamoDB Table | x_gigwa_cloudawa_2_aws_dynamo_db_table |
AWS EBS Snapshot | x_gigwa_cloudawa_2_aws_snapshot |
AWS EBS Volume | x_gigwa_cloudawa_2_aws_volume |
AWS EC2 Image | x_gigwa_cloudawa_2_aws_image |
AWS EC2 Instance | x_gigwa_cloudawa_2_aws_instance |
AWS EC2 Security Group | x_gigwa_cloudawa_2_aws_security_group |
AWS ELB Load Balancer | x_gigwa_cloudawa_2_aws_load_balancer |
AWS ElastiCache Cluster | x_gigwa_cloudawa_2_aws_cache_cluster |
AWS ElastiCache Node | x_gigwa_cloudawa_2_aws_cache_node |
AWS Lambda Function | x_gigwa_cloudawa_2_aws_lambda_function |
AWS RDS Cluster | x_gigwa_cloudawa_2_aws_db_cluster |
AWS RDS Instance | x_gigwa_cloudawa_2_aws_db_instance |
AWS Redshift Cluster | x_gigwa_cloudawa_2_aws_redshift_cluster |
AWS S3 Bucket | x_gigwa_cloudawa_2_aws_bucket |
Data upload status check
To check the data upload status, append /x_gigwa_cloudawa_2_list_of_imported_tables_list.do to the current URL in your web browser.
The full URL should be in the format https://YOURINSTANCE.service-now.com/x_gigwa_cloudawa_2_list_of_imported_tables_list.do, where 'YOURINSTANCE' is a placeholder for your ServiceNow instance ID.