Baseline permissions - AWS Service Management Connector

Baseline permissions

This section describes how to configure Identity and Access Management (IAM) permissions, AWS Service Catalog, and other AWS services to use AWS Service Management Connector for ServiceNow.

Available template for baseline permissions

To use an AWS CloudFormation template to set up the AWS configurations of the Connector for ServiceNow, see the AWS configurations for Connector for ServiceNow 4.5.0 for AWS Commercial Regions and AWS GovCloud Regions.

Note

If you use the Connector for ServiceNow 4.5.0 AWS Configuration template, skip to Configuring AWS Service Catalog.

For each AWS account, the Connector for ServiceNow requires two IAM users:

  • AWS Sync User: An IAM user that syncs AWS resources (such as portfolios, products, automation documents (runbooks), Ops Items, Incident Manager incidents, change templates and requests, configuration items, and security findings), AWS support cases, and AWS Health events and resources to ServiceNow.

  • AWS End User: An IAM user who can provision products as an end user, execute requests, and view resources that ServiceNow exposes. This role includes any required roles to provision and execute.