Alternative way to secret key in credentials in servicenow

ParkHyunSun
Tera Expert

Hi I have a question as for using secret key in credentials for AWS.

Originally, I've known that secret access key field is required in credentials for discovery.

I want to discover Cloud, but there's no policy to grant a secret key because of audit.

My customer always grants temporary secret key per 1 hour, but I want a permanent secret key because I have to track all of the CIs. 

Is there any other means to get alternative secret key? Do I have to ask for the exception of customer's policy?

 

Thank you.

 

P.S. I cannot use SSH either.

1 ACCEPTED SOLUTION

ParkHyunSun
Tera Expert

I just created two roles in AWS and granted IAM role in EC2 instance.

Then I put the name of EC2 instance into ServiceNow MID Server Profile Name.

It seems that it works so far, I will update (or add comment to this reply) after Discovery is finished.

 

View solution in original post

2 REPLIES 2

Maik Skoddow
Tera Patron
Tera Patron

Hi @ParkHyunSun 

please check whether the following solution matches your requirements: https://docs.servicenow.com/bundle/vancouver-platform-security/page/product/credentials/concept/c_Ex... 

Maik

ParkHyunSun
Tera Expert

I just created two roles in AWS and granted IAM role in EC2 instance.

Then I put the name of EC2 instance into ServiceNow MID Server Profile Name.

It seems that it works so far, I will update (or add comment to this reply) after Discovery is finished.