Cloud Configuration Governance release notes

  • Release version: Store
  • Updated June 11, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud Configuration Governance release notes

    Cloud Configuration Governance (CCG) is a ServiceNow application designed to help customers manage and enforce cloud resource configuration policies. It enables setting norms for cloud resources, validating these policies, identifying violations, and executing remediations. This ensures improved security, cost control, and availability of cloud resources. The application supports scans on specific or generic cloud resources and offers out-of-the-box remediations, with the ability to create custom remediations via the Automation Engine.

    Show full answer Show less

    Key Features

    • Granular Admin Roles: Introduced in version 1.6.0, replacing broad admin access with feature-specific roles to enhance security by minimizing excess permissions.
    • Access Controls and Security Updates: Multiple releases focused on strengthening security, including predefined query access controls, fixing empty ACLs to prevent unauthenticated access, and improving report view ACLs.
    • Read-Only Field Remediation: A new ChoiceList replaces the prior vulnerable read-only field to prevent unauthorized client-side updates across all applications.
    • Audit Improvements: Audit results now include compliant (non-violating) resources aiding governance, risk, and compliance (GRC) and cloud security posture management (CSPM) use cases.
    • Enhanced API and UI Features: Support for dark theme in Next Experience mode, AWS assume role scanning for member accounts, multi-remediation dialog UI, and record producers for custom remediation inputs.
    • Content Management: Default base-system CCG contents are now provided via a separate Content pack for easier management and updates.
    • CI Resource Linking: Introduced in version 1.2.1 to improve configuration item relationships and tracking.

    Practical Impact for ServiceNow Customers

    By leveraging CCG, customers can establish robust governance over their cloud environments, ensuring that configurations adhere to best practices and organizational policies. The application’s evolving security enhancements reduce risks related to unauthorized access and configuration manipulation. The inclusion of both violating and compliant resources in audits provides comprehensive visibility for compliance teams. Customers can expect streamlined remediation workflows and better control over cloud resource costs, security, and availability, ultimately supporting a more secure and efficient cloud-integrated business.

    Version history for the Cloud Configuration Governance application on the ServiceNow Store.

    Important:
    For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

    Version history

    Version 1.7.0 - June 2026
    Fixed: Manage access through predefined query access controls for all Cloud Configuration Governance tables
    Version 1.6.0 - December 2025
    • New: Introduced granular, feature-specific admin roles to replace the broad 'admin' role, significantly enhancing security by minimizing excess access. These new roles are seamlessly integrated into the standard administrative experience.
    • Fixed: Implemented Read-Only Field Remediation by introducing a new ChoiceList, 'read_only_option,' to replace the previous 'read_only' field (which was prone to unauthorized client-side updates). This change prevents client-side manipulation of read-only fields and significantly mitigates security risks across all applications.
    Version 1.5.0 - November 2024
    Fixed: Applied security and policy updates.
    Version 1.4.3 - January 2024

    This quality release addresses issues with the empty 'no-rule' ACL. The appropriate roles are added to all the empty ACLs for tables to avoid unauthenticated access.

    Version 1.4.2 - May 2023
    • New: CCG pages support dark theme in Next Experience mode
    • Changed: CCG Audit results now return non-violating (compliant) resources also. Prior to this, only violating resources were listed in Audit results. This change was done to aid GRC/ CSPM use-case.
    • Fixed:
      • Issues with running CCG Scan through API
      • Security issue
    Version 1.3.10 - February 2023
    • Changed: Security improvements for report view ACLs
    • Fixed: Fixed the license counting scripts to avoid duplicate CI counting.
    Version 1.3.7 - August 2022
    • New:
      • Use the AWS assume role to scan member accounts from the management account.
      • Use the new remediation dialog (UI) to run multiple remediations for multiple violations.
      • Use the record producer to create custom remediations with additional inputs.
    • Removed: Moved all the default base-system CCG contents to the CCG Content pack available with this release.
    Version 1.2.1 - May 2022
    New: CI resource linking
    Version 1.0.5 - February 2022
    When you have sensitive data in the cloud or use the public cloud heavily, it is essential to establish norms for configuring cloud resources. Failure to set up and follow these norms can prove costly for the business. Cloud Configuration Governance (CCG) helps set policies for cloud resources, validate these policies, identify the violators, and run remediation to fix invalid configurations. For instance, you can turn on encryption for object storage or prevent misuse, turn off VMs with wide network access settings, create any number of rules, and also set up configurations to run scans on a specific or a generic set of cloud resources. Remediations are available out of the box, and more remediations can be built using Automation Engine. Use CCG to get your cloud resource costs, security, and availability under control for building a better cloud-integrated business.