Cloud accounts

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud accounts

    A cloud account in ServiceNow Cloud Provisioning and Governance represents all or part of your managed cloud infrastructure. It logically groups multiple service accounts, each linked to specific datacenters (logical datacenters or LDCs), which host your cloud resources. This structure enables you to manage and govern cloud resources effectively across different providers and regions while complying with your organizational security and compliance requirements.

    Show full answer Show less

    Key Features

    • Multiple Service Accounts and LDCs: You can include several service accounts in one cloud account, each with specific datacenters. However, the same region (LDC) from different service accounts cannot coexist in the same cloud account.
    • Logical Datacenters (LDCs): These are region-specific virtual clouds associated with service accounts, hosting the resources you manage.
    • Discovery Integration: Run Discovery on LDCs to update the CMDB with configuration and lifecycle changes, ensuring accurate tracking of cloud resources.
    • Capacity Limits: Set restrictions on cloud services like virtual machines, CPUs, networks, and storage per LDC to manage resource allocation and prevent over-provisioning—particularly important in capacity-constrained environments such as private clouds.
    • Publishing Cloud Accounts: Transition cloud accounts from Draft to Published state after Discovery to enable their use in blueprints and the Cloud User Portal for business teams to deploy stacks.

    Practical Use and Configuration

    • Selective Region Inclusion: Cloud accounts can be configured to include only specific regions needed for compliance and security, restricting resource provisioning to those areas.
    • Adding and Updating Cloud Accounts: You can add new datacenters to existing cloud accounts and update capacity limits as needed, maintaining flexibility in your cloud infrastructure management.
    • Service Discovery: Discovery processes automatically identify services available in AWS and Azure, keeping cloud accounts current with available service categories.

    Why It Matters

    This logical grouping and governance enable ServiceNow customers to efficiently manage multi-cloud environments, enforce compliance controls, optimize resource usage, and streamline deployment processes. Setting capacity limits helps prevent resource sprawl and ensures cloud infrastructure is used within organizational constraints.

    A cloud account is the logical representation in Cloud Provisioning and Governance of all or part of your managed cloud infrastructure. A cloud account can include multiple service accounts — even service accounts from different providers. For each service account, you specify which datacenters to include in the cloud account.

    From a cloud account, you can:
    • Add LDCs. A logical datacenter (LDC) is a region-specific virtual cloud that is associated with a service account. The datacenter hosts your cloud resources.
    • Run Discovery on LDCs to update the CMDB with configuration changes or life cycle changes (create/modify/terminate) for each resource in each logical datacenter (LDC) that is associated with the cloud account.
    • Set capacity limits on cloud services like virtual machines, virtual CPUs, virtual networks, aggregate storage volume size, and others. Set limits to help ensure that cloud resources are provisioned at appropriate scales. Limits are especially important for capacity-constrained environments like private clouds.
    • Publish a cloud account to enable business teams to deploy stacks.

    Structure of a cloud account

    An advantage of cloud accounts is that you can group specified service accounts with only the regions (datacenters) that you want to allow cloud resources in. For example, your AWS account could have more than a dozen datacenters globally. However, you might use only one or two regions. To conform with your security and compliance rules, you might not want any resources provisioned to additional regions around the world.

    Structure of a cloud account

    A cloud account can contain as many service accounts as necessary in the following scenarios:
    Table 1. Possible cloud account structures
    Structure Supported Not supported
    Add the same service account as many times as necessary, provided each entry is associated with a different LDC. X
    Add the same LDC from different service accounts in one cloud account. X
    Add different LDCs from different service accounts to a particular cloud account, provided the regions are not the same.

    Example: You have us-west-1 in serviceaccount1 and us-west-2 in serviceaccount2. Both can be added to cloudaccount1. However, both us-west-1 in serviceaccount1 and us-west-1 in serviceaccount2 cannot be added to cloudaccount1.

    		 X

    Update a cloud account

    You keep a cloud account in the Draft state until you are ready to make the datacenters and capacity limits available for use — in blueprints and the Cloud User Portal, for example. You can change the state to Published after you run Discovery.

    Set up an additional cloud account

    See Set up an additional cloud account.

    Add a datacenter to a cloud account

    At any time, you can add a logical datacenter to the cloud infrastructure that is represented by a cloud account. See Add a datacenter to a cloud account.

    Set capacity limits on user requests for resources

    Capacity limits place restrictions on the attributes of cloud resources such as the number of virtual machines, virtual CPUs, or aggregate storage. You can set limits on resources separately for each logical datacenter in a cloud account.

    Set capacity limits on user requests for resources