Configure access using permanent credentials

Australia IT Operations Management

Release

australia

ft:locale

fr-FR

ft:publication_title

Australia IT Operations Management

ft:clusterId

itom

bundleId

itom

workflow

Technology

Configure access to the AWS accounts using permanent AWS credentials

Rversion finale: Australia

Mis à jour 12 mars 2026

3 minutes de lecture

To securely access data on your provider account, the Discovery process must present appropriate credentials. To make the credentials available to Discovery and Cloud Provisioning and Governance, you first create a user with programmatic access in the AWS Management Console. You then securely store the credentials in a service account at ServiceNow AI Platform.

Avant de commencer

Roles required:

AWS Management Console administrator
For Cloud Discovery: discovery_admin
For Cloud Provisioning and Governance: admin or sn_cmp.cloud_admin

Pourquoi et quand exécuter cette tâche

Cloud providers often use different names for accounts, regions, and credential settings. Because the ServiceNow application supports several cloud providers, the app uses general-purpose names for the settings.

Procédure

Facultatif : To create a user for Cloud Provisioning and Governance (for programmatic access to your AWS resource and billing data), perform the following steps.

On the AWS Management Console, navigate to Identity and Access Managements (IAM) > Access Management > Users.
On the IAM Resources portal, select Users.
Select Add user.

On the Details page, configure the user settings, and then select Next.

Tableau 1. Details page
Field	Description
User name	Name for the programmatic user. For example, `servicenowcloud`.
Access type	Select Programmatic access.

On the Permissions page, attach the user to a policy.

Configure the following settings and then select Next.


Field	Description
Set permissions for <user name>	Select Attach existing policies directly.
Attach one or more policies …	Select the appropriate policy. Remarque : The AdministratorAccess policy has the most powerful permission level, including permission to provision cloud resources. The policy enables the same access that would be granted to the instance if you were not using IAM and used your AWS account Access Key ID and Secret Access Key. You might instead prefer to create a policy or combine multiple policies to grant the appropriate permission level. See Control AWS access and permissions using policies for details.

On the Review page, verify your selections and then select Create user.
On the Security Credentials page, copy the secret access key and the access key ID.
Important :
Do not leave the page until you have completed both steps. The Secret access key value does not appear again. You need to paste the values that you generate in these steps into a Cloud Provisioning and Governance form.
1. Select Show to display the Secret access key. Copy the value.
2. Select Download .csv to save the CSV-format file that contains the user name, Access key ID, and the Secret access key value. You create the file as a backup in the case that you lose the values. Verify that the file was created and then store the file securely.

On the ServiceNow AI Platform, configure AWS credentials.

In the ServiceNow instance, navigate to Discovery > Credentials.

Select New, select AWS Credentials, enter a unique and meaningful Name (for example, Cloud Provisioning Account), and then fill in the form.

Tableau 2. AWS Credentials form fields
Field	Input value
Name	Unique and descriptive name for the AWS credentials.
Active	Option to use the credential.
Access Key ID	The Access key ID that you generated on the AWS Management Console, such as: APIAIOSFODNN7EXAMPLE.
Secret access key	The Secret access key that you generated on the AWS Management Console, such as: wPalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY.

Select Update or Submit.

Que faire ensuite

Create an AWS service account on the ServiceNow AI Platform. For more information, see Create AWS service accounts.