Validating Configurations
You are now ready to validate the AWS Service Management Connector for ServiceNow installation procedures.
AWS Service Catalog Integration Features
To order an AWS Service Catalog product
-
Log into your ServiceNow instance as the end user (for example, Abel Tuter).
-
Enter
Service Catalog
in the navigation filter and choose Service Catalog. -
Select the AWS Service Catalog S3 Storage product to provision.
-
Fill in the product request details including product name, parameters, and tags.
-
Choose Order Now to submit the ServiceNow request and provision the AWS Service Catalog product.
-
After approximately one minute, you receive an order status indicating that your request was submitted.
To view provisioned products
End users can view products in two places on the ServiceNow portal through request items (Requests) or My AWS Products widgets.
To view products in Service Portal Requests
-
Choose Requests in the home page navigation bar.
-
Select the request item of your choice (contains the AWS Service Catalog product and request item number).
Note The request item is updated with AWS product events and outputs. When the AWS product is terminated, the ServiceNow request item will go into a state of Closed Complete.
To view products in the My AWS Products widget Service Portal Requests
-
Go to the My AWS Products widget.
-
Choose the AWS Select Product name that you entered into the request form.
-
View the Status and Product Events.
-
If you want to perform post-provisioned operational actions, choose Request Update, Request Self-Service Action, or Terminate.
AWS Config Integration Features
To see AWS Config details, the service settings need to be configured to record data for the resource types of interest. For details, see Setting Up AWS Config with the Console.
To view configuration item details from AWS Config in the ServiceNow CMDB
-
Log into your ServiceNow instance as a user (for example, System Administrator) in the fulfiller view (standard user interface view).
-
In the navigator, enter
AWS Service Management
. -
Choose AWS Config.
Select and view relationships for available AWS resources. The following table illustrates the available AWS resources, ServiceNow CMDB label, and table name.
AWS resources (AWS Config) | ServiceNow CMDB/Scoped App Table Label | ServiceNow CMDB/Scoped App Table Name |
---|---|---|
Accounts | CMDB CI Cloud Service Accounts | cmdb_ci_cloud_service_account |
VPCs | Cloud Networks | cmdb_ci_network |
Availability Zones | Availability Zone | cmdb_ci_availability_zone |
EC2 Instances | Virtual Machine Instance | cmdb_ci_vm_instance |
EBS Volumes | Storage Volume | cmdb_ci_storage_volume |
Security Groups | Compute Security Group | cmdb_ci_compute_security_group |
Auto Scaling Group | Auto Scaling Groups | x_126749_aws_sc_cmdb_ci_autoscaling_group |
Network Interfaces | Cloud Mgmt Network Interface | cmdb_ci_nic |
RDS Instances | Cloud DataBase | cmdb_ci_cloud_database |
Subnets | Cloud Subnet | cmdb_ci_cloud_subnet |
Load Balancers (V2) | Load Balancer Service | cmdb_ci_lb_service |
S3 Buckets | Cloud Object Storages | cmdb_ci_cloud_object_storage |
CloudFormation Stacks | CloudFormation Stack | x_126749_aws_sc_cmdb_ci_cloudformation_stack |
CloudFormation Provisioned Products | CloudFormation Provisioned Product | x_126749_aws_sc_cmdb_ci_config_pp |
Tags | Key Value | cmdb_key_value |
Lambdas | Cloud Function | cmdb_ci_cloud_function |
Dynamo DB | DynamoDB Table | cmdb_ci_dynamodb_table |
Configuration items and relationships are based AWS resources in scope for this release.
AWS Regions are displayed in configuration item relationships.
If you have questions or feedback, email <aws-servicemanagement-connector@amazon.com>
.
AWS Systems Manager Integration Features
To request an AWS Systems Manager automation document execution
-
Log into your ServiceNow instance as the end user (for example, Abel Tuter).
-
In the navigation filter, enter
AWS Systems Manager
, then choose Systems Manager. -
Select an AWS Systems Manager document to execute.
-
Fill in the request details including parameters and tags.
-
Choose Order Now to submit the ServiceNow request and execute the AWS Systems Manager document.
-
You will receive an order status indicating that your request was submitted.
To view AWS Systems Manager documents executions
-
Log into your ServiceNow instance as the end user (for example, Abel Tuter).
-
In the navigation filter, enter
AWS Systems Manager
, then choose Automation Executions. -
The user interface view displays the latest executions and provides their status.
AWS Security Hub Integration Features
To view Findings from AWS SecurityHub
-
To view AWS Security Hub Findings a user must have the role x_126749_aws_sc.finding_manager supplied with the Connector scope app.
-
Log into your ServiceNow instance as a user (for example, System Administrator) in the fulfiller view (standard user interface view).
-
In the navigator, enter AWS Service Management.
-
Choose AWS Security Hub.
-
Choose Findings to show a list of all synced Findings.
-
Choose a Finding to open the record.
-
The Incident and Problem fields show the Incident and Problem related to the Finding if these exist.
-
Choose the ⓘ symbol to the right of the field to preview the Incident or Problem.
-
Choose Open Record on the preview form to open the Incident or Problem.
-
If the connector is not configured to automatically create a ServiceNow Incident or Problem when a new Finding is synced, one can be created manually by clicking the link at the bottom of the form.
Fields mapped from ServiceNow Findings records to ServiceNow either Incident or Problem records
Finding | Incident | Problem |
---|---|---|
Created at | Opened at | Opened at |
Company Name | Company | Company |
Description | Description | Description |
Criticality | Impact | Impact |
Severity | Urgency | Urgency |
Hardcoded to software | Category | Category |
Id of record in cmdb_ci_service with name AWS Security Hub | Business service | Business service |
Description | Short description | Short description |
Reference to related Problem if it exists | problem_id | n/a |
Fields synchronized between AWS Security Findings and ServiceNow Incidents or Problems
AWS Security Hub value | ServiceNow Incident | ServiceNow Problem |
Severity Label | Urgency | Urgency |
Criticality | Impact | Impact |
Fields synchronized between AWS Security Findings, Incidents, and Problems in ServiceNow
-
Finding severity label → Problem/Incident urgency
-
INFORMATIONAL or LOW → LOW
-
MEDIUM → MEDIUM
-
HIGH or CRITICAL → HIGH
-
-
Finding criticality → Problem/Incident impact
-
0 - 29 → LOW
-
30 - 69 → MEDIUM
-
70 - 100 → HIGH
-
Fields synchronized from Findings to AWS Security Hub
-
Severity (Label and Normalized)
-
WorkflowStatus