This article explains how to configure the Cloudaware ServiceNow application. Cloudaware extends the Configuration Item table in ServiceNow with additional cloud inventory data.
Prerequisites
1. Ensure you have the license for ServiceNow IntegrationHub Enterprise Pack.
2. Ensure you have the license for ServiceNow Workflow Studio.
3. Сontact support@cloudaware.com to get credentials required for this integration (Service Account private key, the .p12 certificate file, Project Id, and Dataset Id).
4. Download the .xml file for application installation.
Configure Cloudaware application in ServiceNow
Cloudaware provides credentials for setting up ServiceNow-to-Google integration. This integration is required for authorization based on JWT. JWT Provider will be used as Connection when configuring the data update workflow.
Set up ServiceNow-to-Google integration
1. Set up JWT key(a) and JWT certificate(b):
a) Go to All → System OAuth → JWT Keys.
Click New and fill out the form:
WHERE
Name: set up a meaningful name, e.g. Google JWT Key
Signing Key: insert notasecret
Signing Keystore: click the magnifier icon (Lookup using list) to create a new signing keystore - see the point b) below
b) In a pop-up window, click New to create a JWT certificate that will serve as a signing keystore:
WHERE
Name: set up a meaningful name, e.g. Google JWT Certificate
Type: select 'Java Key Store' from the list
Key store password: insert notasecret
Click the paper clip icon (Manage attachments):
Click Choose file to attach the .p12 certificate file provided by Cloudaware. Click Submit.
c) Go back to setting up the JWT key. In Signing Keystore, click the magnifier icon (Lookup using list) and select the certificate Google JWT Certificate in a pop-up window.
Click Submit.
2. Set up JWT Provider.
Go to All → System OAuth → JWT Providers:
Click New and fill out the form:
WHERE
Name: set up a meaningful name, e.g. Google JWT Provider
Signing Configuration: click the magnifier icon (Lookup using list) and select the configured Google JWT Key from the list
Click on the name of the JWT provider (in this example, Google JWT Provider) to edit settings.
Select the tab 'Standard Claims'. Add the following claims:
iss - string - Service Account email address provided by Cloudaware
sub - string - Service Account email address provided by Cloudaware
aud - string - https://oauth2.googleapis.com/token
Click Update.
3. Set up Application Registry:
Go to All → System OAuth → Application Registry.
Click New → select 'Connect to a third party OAuth Provider' from the list.
Fill out the form:
WHERE
Name: set up a meaningful name, e.g. Google JWT
Client ID: set up as notneeded
Client secret: set up as notneeded
Default Grant type: select 'JWT Bearer' from the list
Token: click the lock icon to insert https://oauth2.googleapis.com/token → click the lock icon to save
Refresh Token Lifespan: 10
Click Submit.
Click on the name of OAuth Entity Profile (in this example, Google JWT default_profile) to edit settings:
Next to the JWT Provider, click the magnifier icon (Lookup using list) and select the Google JWT Provider from the list.
Click Update.
4. Go back to JWT Providers. Select the configured Google JWT Provider from the list.
Select the tab 'Custom Claims'. Add a new claim: scope - string - https://www.googleapis.com/auth/bigquery.readonly
Click Update.
5. Set up Credentials.
Go to All → Connections & Credentials → Credentials.
Click New → select 'Auth 2.0 Credentials' from the list. Fill out the form:
WHERE
Name: set up a meaningful name, e.g. Google JWT Credentials
OAuth Entity Profile: select the configured OAuth Entity Profile (in this example, Google JWT default_profile)
Click Update.
Click Get OAuth Token to test the connection.
Go to All → Connections & Credentials Aliases. Click New.
Set the alias as Google JWT and save it by right-clicking on the upper grey menu.
In the section that appears below, click New to create a HTTP(s) Connection.
Fill out the form:
WHERE
Name: set up a meaningful name, e.g. Google JWT Connection
Credential: select Google JWT Credentials from the list
Check the box 'URL builder'. Insert the link http://bigquery.googleapis.com in 'Host'; insert /bigquery/v2/ in 'Base path’.
Click Submit.
Install the Cloudaware application
1. Go to All → Retrieved Update Sets:
2. Click the link Import Update Set from XML.
3. Choose the .xml file downloaded before. Click Upload.
4. Select the created application.
5. Click Preview Update Set.
6. Click Commit Update Set to install the application.
Please allow some time for the application to be created.
Configure the workflow
1. Go to All → Workflow Studio:
2. Open 'Flows'. Select the flow Update Import Settings and Fields Mapping.
.png?version=2&modificationDate=1730914082698&cacheVersion=1&api=v2&width=1289&height=588)
Click Test → Run test*:
*This should be done once only after the application is installed.
3. Go back to all flows. Set descending order in the column 'Updated' for quicker search. Select the flow Import All CI Data from Cloudaware from the list.
.png?version=1&modificationDate=1730913950841&cacheVersion=1&api=v2&width=1299&height=607)
4. In TRIGGER, click on the section to schedule a trigger. Select 'Scheduled' → Daily* → set the time:
*The recommended frequency is once a day.
Click Done.
5. In ACTIONS, click Set Flow Variables to select:
WHERE
Connection Alias - select the Connections & Credentials Aliases configured in the section 'Set up ServiceNow-to-Google integration' (in this example, Google JWT)
Cloudaware Import Settings Table - the value is auto-populated as this is a system table
Cloudaware Import Fields Mapping Table - the value is auto-populated as this is a system table
Project Id - use the Import Project Id provided by Cloudaware
Dataset Id - use the Import Dataset Id provided by Cloudaware
Click Done.
6. Save and activate the workflow.
Please allow some time for the data to be available. Check the status of data upload to tables.
Tables
As a result, the following tables will be created in ServiceNow:
System tables
Label | Name |
|---|---|
Cloudaware CI | x_ca_cmdb_ci |
Cloudaware CMDB Schema | x_ca_cmdb_schema |
CI Class Import | x_ca_cmdb_ci_class_import |
Cloudaware Import Settings | x_ca_cmdb_ci_class_import_settings |
Cloudaware Import Fields Mapping | x_ca_cmdb_import_fields_mapping |
Application tables
Label | Name |
|---|---|
AWS Account | x_ca_cmdb_aws_account |
AWS DynamoDB Backup | x_ca_cmdb_aws_dynamo_db_backup |
AWS DynamoDB Table | x_ca_cmdb_aws_dynamo_db_table |
AWS EBS Snapshot | x_ca_cmdb_aws_snapshot |
AWS EBS Volume | x_ca_cmdb_aws_volume |
AWS EC2 Image | x_ca_cmdb_aws_image |
AWS EC2 Instance | x_ca_cmdb_aws_instance |
AWS EC2 Security Group | x_ca_cmdb_aws_security_group |
AWS ELB Load Balancer | x_ca_cmdb_aws_load_balancer |
AWS ElastiCache Cluster | x_ca_cmdb_aws_cache_cluster |
AWS ElastiCache Node | x_ca_cmdb_aws_cache_node |
AWS Lambda Function | x_ca_cmdb_aws_lambda_function |
AWS RDS Cluster | x_gigwa_cloudawa_2_aws_db_cluster |
AWS RDS Instance | x_ca_cmdb_aws_db_instance |
AWS Redshift Cluster | x_ca_cmdb_aws_redshift_cluster |
AWS S3 Bucket | x_ca_cmdb_aws_bucket |
Data upload status check
To check the data upload status, append /x_ca_cmdb_ci_class_import_settings.do to the current URL in your web browser.
The full URL should be in the format https://YOURINSTANCE.service-now.com/x_ca_cmdb_ci_class_import_settings.do, where 'YOURINSTANCE' is a placeholder for your ServiceNow instance ID.