Configure API Service Graph Connector for AWS API Gateway using SGC Central

  • Release version: Washingtondc
  • Updated July 31, 2025
  • 4 minutes to read

    • Set up scheduled import jobs to pull in AWS API Gateway data into your CMDB.

    Before you begin

    Install API Service Graph Connector for AWS API Gateway version 1.0.0 or later from the ServiceNow Store. For ServiceNow Store installation steps, see Install a ServiceNow Store application.

    The authentication mechanism used by the connector is AWS Signature Type (HMAC Authentication Technique) with AWS Security Token Service (STS) token. For information about permissions, see the API Service Graph Connector for AWS API Gateway - Setup Instructions [KB1962734] article in the Now Support Knowledge Base.

    Role required: The following table shows the roles required for each stage of the playbook.

    Table 1. Role required for each playbook stage
    Stage Role
    Prerequisites admin
    Setup cmdb_inst_admin or admin

    About this task

    The playbook experience for onboarding connectors is activated with SGC Central in the CMDB Workspace. To configure the SGC Central application, see Configuring SGC Central and for more information on how to interact with a playbook, see Interact with Playbook.

    Note:
    Alternatively, you can configure a default connection already available from the installed or draft connections in SGC Central. Go to All > Service Graph Connectors, then select Setup for the connector from the menu. To learn about installed and draft connections, see Managing connections added for Service Graph Connectors in SGC Central.

    Procedure

    1. Navigate to Workspaces > CMDB Workspace.
    2. In the CMDB Workspace, select SGC Central.
    3. On the Overview page, select Create connection.
      Tip:
      Alternatively, you can select Create connection on the All connections page.
    4. On the Create connection window, select the AWS API Gateway connector type, and then select Create connection.
    5. Complete the initial prerequisites when setting up a connection for the first time using a connector.
      Note:
      This step is required only during the first-time setup. See Perform initial setup tasks when creating a connection in SGC Central.
    6. Enter connection details and test the API connection for importing AWS API Gateway data.
      1. In the Setup stage of the playbook, select the Create and test connection activity.
      2. On the form, fill in the fields.
        Table 2. Create and test connection form
        Field Description
        AWS API Gateway Connection Name Name to identify the AWS API Gateway connection record.

        For example, SG-AWS-API-Gateway connection.
        Access Key Access key ID of the IAM user that has permissions to interact with the AWS resources.
        Secret Key Secret access key that corresponds to the Access key ID required for authenticating the connection securely.
      3. Select Create and test connection.
      4. Once the connection test is complete, select Continue.
    7. Optional: Copy configuration properties from an existing AWS connection.
      Note:
      The Copy configuration properties activity is displayed only when an AWS connection is already set up on your instance.
      1. In the Setup stage of the playbook, select the Copy configuration properties activity.
      2. In the AWS Connection field, select the connection.
        The values of the following properties are copied from the selected AWS connection:
        • Standalone account ID
        • Management account ID
        • Gov cloud
        • STS assume role
        • AWS regions
        • Config aggregator name
        • Config aggregator account
        • Config aggregator region
      3. Select Continue.
      4. Once the connection test is complete, select Continue.
    8. Set the configuration properties for the connection.
      1. In the Setup stage of the playbook, select the Set configuration properties activity.
      2. Fill in the property details.
        Note:
        If you select to copy the configuration properties from an existing AWS connection, the properties listed in the step 7.b are copied from the existing connection automatically.
        Table 3. AWS API Gateway configuration properties
        Property Description
        Management account ID or standalone account ID
        Management account ID Management account ID associated with the AWS API Gateway account.
        Standalone account ID ID of a member account associated with the AWS API Gateway account.
        STS assume role name and AWS regions
        STS assume role name STS Assume Role name of the AWS account that is used for querying the STS Assume Role API to obtain the API credentials.
        AWS regions List of comma-separated regions where the AWS API Gateway resides.
        Config aggregator setup
        Config aggregator account ID AWS account ID where the aggregator resource type in the AWS Config service has been configured.
        Config aggregator name Name of the aggregator resource type in the AWS Config service.
        Config aggregator region Region where the aggregator resource type resides.
        API usage data
        CollectUsageData Option to enable usage data collection to retrieve API usage data over a specified duration.
        Collection period in days Duration in days for collecting API usage data.
        Gov cloud setup
        Is gov cloud Option to indicate that the connection setup is for the AWS GovCloud.
      3. Select Continue.
    9. Configure the import schedule to import data at regular intervals.
      1. In the Setup stage of the playbook, select the Configure import schedule activity.
      2. Expand the Parent scheduled data import within the Import schedules list to select the Managed API Rest import schedule associated with your connection.
        Note:
        The connection name is prefixed to the schedule name.
      3. In the Configure import schedule dialog box, select the Active check box, and then fill in the run schedule and time details.

        For more information, see Schedule a data import.

      4. Select Save.
        Alternatively, select Execute Now to execute the import schedule immediately.
      5. Select Continue.
    10. In the Setup stage of the playbook, select the Confirm connection creation activity to verify whether the connection was configured.

    What to do next

    Select View all connections to review the connection details. The configured connection appears in the Installed connections list.