Amazon DynamoDB discovery using Patterns

  • Release version: Australia
  • Updated March 12, 2026
  • 4 minutes to read

    • The ServiceNow Discovery and Service Mapping applications use the Amazon AWS DynamoDB pattern to find components of DynamoDB. Discovering some of these resources may require updating to the latest version of the Discovery and Service Mapping Patterns application from the ServiceNow Store.

    The Amazon AWS DynamoDB pattern deploys REST APIs for fetching information about DynamoDB. You can also configure Service Mapping and Discovery to discover AWS DynamoDB components using AWS events.

    The ServiceNow AI Platform supports Amazon Commercial Cloud Services (C2S) for discovery and cloud governance. C2S is the government program that brings AWS into the Intelligence Community.

    Request apps on the Store

    Visit the ServiceNow Store to view all the available apps, and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Prerequisites

    User access
    On the AWS Console, provide a user with the following permissions: AmazonDynamoDBReadOnly Access and AWSLambdaInvocation-DynamoDB.
    Cloud Service Account
    On the ServiceNow AI Platform®, set up the service account with these properties:
    • An Account ID, which is the Amazon account ID to which DynamoDB belongs. Use the Account ID as it appears in the AWS Management Console.
    • The appropriate AWS credentials required for the account ID to reach the AWS cloud.
    AWS Credentials
    On the ServiceNow AI Platform®, configure AWS credentials, using a secret key and an access key.
    Entry point for service containing DynamoDB
    Use AWS Resource Name Endpoint as the Entry Point Type when creating a service containing DynamoDB. Provide the Amazon Resource Name (ARN) and host for the entry point.
    (For top-down discovery by Service Mapping) Run horizontal discovery of the Logical Datacenters
    Discover Logical Datacenters hosting DynamoDBs as described in Run Discovery on an AWS cloud service account in the ServiceNow Cloud Provisioning and Governance documentation.
    Cloud Discovery
    For Cloud Discovery, download the Discovery and Service Mapping pattern from the ServiceNow Store.
    MID Server
    When installing the MID Server, ensure that the host machine meets or exceeds the MID Server system requirements.
    Discovery schedule
    Create a schedule for the relevant AWS service account as described in Schedule Discovery on a service account in the ServiceNow Cloud Provisioning and Governance documentation.
    Configure AWS event service
    To enable alert-based discovery, configure the AWS event service as described in Set up AWS event processing for Discovery and Service Mapping in the ServiceNow Cloud Provisioning and Governance documentation.

    Verify the REST API Permissions

    Download the Cloud Discovery patterns spreadsheet so you can grant user permissions required for running the Discovery patterns. In addition to permissions, the spreadsheet also includes useful information such as pattern names, types, CI Classes, and links to vendor documentation. New patterns are available quarterly, so check periodically to be sure you have the latest version of the spreadsheet.

    Note:
    You can test the AWS REST APIs using Postman API platform. For more information, see the How to test AWS REST API using POSTMAN [KB0782183] article in the Now Support Knowledge Base.

    Data collected by Discovery during horizontal discovery

    Table and field Description
    DynamoDB Global Table [cmdb_ci_dynamodb_global_table]
    Object ID [object_id] The Amazon Resource Name (ARN), expressed in this format: arn:aws:dynamodb::xxxxxxxxxxxx:table:<table name>
    DynamoDB Table [cmdb_ci_dynamodb_table]
    Name [name] Table name.
    Creation date [creation date] Creation date of DynamoDB according to the time zone of the MID Server that discovers this DynamoDB.
    Cloud provider [cloud_provider] Amazon AWS
    Object ID [object_id] The Amazon Resource Name (ARN), expressed in this format: arn:aws:dynamodb:<region>:xxxxxxxxxxxx:table:<table name>
    Global ARN [global_arn] The global ARN of the table for the global DynamoDB table. This field is empty if the DynamoDB is not global.
    Stream ARN [stream_arn] The choices are:
    • Stream ARN
    • Disabled
    Service name [service_name] Set to DynamoDB by default.
    Encryption [encryption] Encryption configuration on DynamoDB. The choices are:
    • Enabled
    • Disabled
    Replication group [replication_group] Table ARN of the connected global DynamoDB tables.
    Read Autoscaling [read_autoscaling] The choices are:
    • Enabled
    • Disabled
    Read Units [read_units] The number of read units on the DynamoDB table.
    Read Max Units [read_max_units] The maximum allowed number of read units on the DynamoDB table.
    Read Min Units [read_min_units] The minimum allowed number of read units on the DynamoDB table.
    Write Units [write_units] The number of write units on the DynamoDB table.
    Write Max Units [write_max_units] The maximum allowed number of write units on the DynamoDB table.
    Write Min Units [write_min_units] The minimum allowed number of write units on the DynamoDB table.
    Table Size [table_size] The currently provisioned size of the DynamoDB table in bytes.
    Write Autoscaling [write_autoscaling] The choices are:
    • Enabled
    • Disabled
    Point-in-Time [point_in_time] The choices are:
    • Enabled
    • Disabled
    The graphic illustrates CIs that are part of DynamoDB discovery.
    Figure 1. Dependency Views showing DynamoDB components

    DynamoDB components

    CI relationships

    The Amazon AWS DynamoDB pattern creates the following CI relationships:
    CI Relationship CI
    DynamoDB Global Table [cmdb_ci_dynamodb_global_table] Cluster of::Cluster DynamoDB Table [cmdb_ci_dynamodb_table]

    Data collected by Service Mapping during top-down discovery

    The Amazon AWS DynamoDB pattern identifies connections from the DynamoDB to AWS Lambda functions.

    Troubleshooting

    If the mapping process does not proceed as you expected, follow the following suggestions.
    Symptom Cause Solution
    Discovery fails. The discovery message contains the information about an error caused by the REST timeout. There are many CIs sending the REST call response in the deployment. The MID Server cannot process the REST call response without exceeding the time limit controlled by the mid.sa.cloud.request_timeout parameter. By default, the mid.sa.cloud.request_timeout parameter is set to 30000 milliseconds.
    Increase the value of this parameter on the relevant MID Server and run discovery again.
    Note:
    If the Configuration Parameters related list for the relevant MID Server does not show this parameter, you may need to add it.
    Pattern Designer fails during a debug session. The Pattern Designer message contains information about an error caused by a timeout. The Pattern Designer fails because of a timeout during pattern debugging (and not during discovery). By default, the sa.debugger.max_timeoutparameter is set to 240 seconds.

    Increase the value of this parameter on the relevant MID Server.