Google Cloud Platform (GCP) Organization discovery with Patterns
The ServiceNow Discovery application uses the Discover Google Organization discovery pattern to find GCP Organization projects and resources. Discovering some of these resources may require updating to the latest version of the Discovery and Service Mapping Patterns application from the ServiceNow Store.
Request apps on the Store
Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
Prerequisites
For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.- GCP Organization structure
- Verify that a GCP Organization resource is structured correctly, with projects underneath it in a miscellaneous hierarchy.
- Service Account user settings
- Check that Service Account users have access to the GCP Organization resource node.
- Credentials for API elements
- During the discovery, the pattern uses the following API elements. The user that was
added to the credentials in the instance must have permissions to send these queries.
- https://cloudresourcemanager.googleapis.com/v1/{name=organizations/*}
- https://cloudresourcemanager.googleapis.com/v1/projects
- https://cloudresourcemanager.googleapis.com/v2/folders:search
- Credentials for creating a discovery schedule
- Configure the following credentials:
- Create GCP credentials.
- Create a GCP Service Account:
- Credentials: The GCP credentials.
- Account ID: The Google Service Account ID.
- Datacenter type: Select cmdb_ci_google_datacenter.
- Create a discovery schedule.
- (Optional) Create a serverless discovery schedule
Create a discovery schedule to perform targeted discovery of GCP Organization resources.
- Navigate to .
- Click New and then fill in the form.
Table 1. Discovery Schedule form Field Description Name Name for the Discovery schedule. For example, Discover GCP Organization. Discover Discover type. Select Serverless.
MID Server Name of the MID Server. Active Option for enabling this schedule for discovery. Select this check box to enable discovery. - Right-click the header of the Discovery Schedule form and select Save.
- Click the Serverless Execution Patterns tab, click
New, and then fill in the form.
Table 2. Serverless Execution Pattern form Field Description Name Name for this Serverless Execution Pattern. For example, Discover GCP Organization. Pattern Name of the pattern to run: Discover Google Organization. Proxy Host Fully qualified domain name of the machine on which you are installing the proxy server. Specify Global. Active Option for enabling this schedule for discovery. Select this check box to enable discovery. - Under Discovery Pattern Launcher Parameters, configure
the following parameters with the relevant values:
Parameter Value cloud_account_id The Project ID within GCP. cloud_cred_id The sysid of the GCP credentials. cloud_datacenter_type cmdb_ci_google_datacenter
- Customers with early access to the GCP Organization pattern
- Verify that the Discover-GCP-SubAccounts scheduled job is not enabled in your
instance.
- Navigate to .
- Click the Discover-GCP-SubAccounts scheduled job.
- Clear the Active check box, and then click Update.
Data collected by Discovery during horizontal discovery
| Table and field | Description |
|---|---|
| Organization [cmdb_ci_cloud_org] | |
| name | The name of the organization resource. |
| object_id | The ID of the organization resource. |
| time | The time the organization resource was created in GCP. |
| operational_status | Current operational status. One of the following:
|
| Folder [cmdb_ci_gcp_folder] | |
| name | The name of the organization folder. |
| parent_id | The ID of the parent resource. |
| parent_type | The type of the parent resource. Can be organization or folder. |
| time | The time the resource was created in GCP. |
| status | The status of the folder according to the lifecycleState status in GCP. |
| object_id | The ID of the organization folder. |
| Project [cmdb_ci_gcp_project] | |
| name | The name of the project. |
| project_id | The ID of the project. |
| parent_id | The ID of the parent folder resource. |
| parent_type | The type of the parent resource. Can be organization or folder. |
| time | The time the resource was created in GCP. |
| operational_status | The status of the folder according to the lifecycleState status in GCP. |
| object_id | The ID of the project. |
| discovery_credentials | GCP account credentials. |
| Resource [cmdb_key_value] | |
| key | The key, or label, associated with the GCP project. For example, country. |
| value | The project label value assigned to the GCP project. For example, ca. |
| configuration_item | The URL or path of the CI. |
CI relationships
| CI | Relationship | CI |
|---|---|---|
| Cloud Organization [cmdb_ci_cloud_org] | Contained by::Contains | Google Project [cmdb_ci_gcp_project] |
| Cloud Organization [cmdb_ci_cloud_org] | Contained by::Contains | Service Account |
| Cloud Organization [cmdb_ci_cloud_org] | Contained by::Contains | Google Folder [cmdb_ci_gcp_folder] |
| Service Account | Owns::Owned by | Google Project [cmdb_ci_gcp_project] |
| Google Folder [cmdb_ci_gcp_folder] | Contained by::Contains | Google Project [cmdb_ci_gcp_project] |
| Google Folder [cmdb_ci_gcp_folder] | Contained by::Contains | Sub Google Folder |
| Sub Google Folder | Contained by::Contains | Google Project [cmdb_ci_gcp_project] |