- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello Everyone,
Can anyone please let me know why we require "Service Account" when doing "Cloud Discovery" & why it is used?.
Thanks
Solved! Go to Solution.
- Labels:
-
Data Foundations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @csatish,
Sorry for the late reply, client must create the actual identity in the Cloud Console (AWS IAM User, Azure Service Principal, etc.) first. They are the only ones with permissions to generate the Access Keys or Client Secrets. Then you will create the record in ServiceNow using the keys/IDs provided by the client.
If you find my response helpful, mark it as helpful and accepted solution.
Regards,
Maham Tahir.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @csatish,
In ServiceNow Cloud Discovery, a Service Account is required because it acts as the "identity" or "bridge" that allows ServiceNow to talk to your Cloud Provider (AWS, Azure, GCP).
Why it is used:
Authentication: It stores the specific credentials (like AWS IAM keys or Azure Service Principals) needed to log in to your cloud environment API.
Targeting: It tells ServiceNow which specific Cloud Account or Subscription ID to scan.
Automation: It allows the MID Server to run automated API queries to fetch datacenters, images, and hardware types without human intervention.
Without a Service Account record in ServiceNow, the discovery process does not know who is asking for the data or where to look. It is the record that binds your Credentials to your Cloud Provider ID.
If you find my response helpful, mark it as helpful and accepted solution.
Regards,
Maham Tahir.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi,@Maham Tahir
Thanks for the information, Should we create the service account, or will the client handle that? If it's on us, what values do we need to fill in for the table?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @csatish,
Sorry for the late reply, client must create the actual identity in the Cloud Console (AWS IAM User, Azure Service Principal, etc.) first. They are the only ones with permissions to generate the Access Keys or Client Secrets. Then you will create the record in ServiceNow using the keys/IDs provided by the client.
If you find my response helpful, mark it as helpful and accepted solution.
Regards,
Maham Tahir.
