Amazon ECS is a highly scalable, fast, container management service that makes it easy to run, stop, and manage Docker containers. AWS Fargate is a compute engine for Amazon ECS that enables AWS customers to run containers without having to manage servers or clusters.

Discovery uses the Amazon AWS - ECS pattern to run horizontal discovery.

Starting with Discovery and Service Mapping Patterns version 1.18.0, the Amazon AWS - ECS pattern supports the discovery of Amazon Elastic Container Registry (Amazon ECR) images. For more information on container scanning, see Scan container images.

Request apps on the Store

Visit the ServiceNow Store to view all the available apps, and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

Prerequisites

Create AWS credentials with ECS resources viewing privileges

In the AWS console, create AWS credentials with privileges to view ECS resources. For more information, see: https://docs.aws.amazon.com/en_pv/AmazonECS/latest/userguide/get-set-up-for-amazon-ecs.html.

주:

The API requests use AWS Signature Version 4 to authenticate. When the correct credentials are provided, authentication is done internally for the Cloud API Call pattern steps.

Create AWS cloud credential records or use temporary credentials

In the ServiceNow AI Platform, create AWS credential records. You can also use a temporary credential generated by the AWS Security Token Service (AWS STS) for IAM roles. For more information, see Cloud credentials

Create AWS cloud service accounts

• In the ServiceNow AI Platform, create AWS cloud service accounts using permanent or temporary AWS credentials. For more information, see Setting up AWS service accounts.
• In the Cloud Service Account record, select Discover Datacenters to find AWS Datacenters (LDCs) for the configured AWS cloud service account.

Schedule an AWS discovery

In the ServiceNow AI Platform, schedule either a full AWS pattern discovery or only an ECS pattern discovery.

• For more information on scheduling a cloud discovery, see Create a discovery schedule in Cloud Discovery Workspace.
• For more information about creating a serverless schedule for Amazon ECS discovery, see Create a serverless schedule for Amazon ECS discovery.

Verify configuration of VM Object record to find the resource Tags

To enable the pattern to find the resource Tags, the parent ECS table (VM Object) must have a related entry for the cmdb_key_value table:

1. In the ServiceNow AI Platform navigation bar, navigate to All > Configuration > Identification/Reconciliation, and select CI Identifiers.
2. Search for and open the VM Object record.
3. Select the Related Entries tab and make sure it’s configured as shown in the VM Object Related Entry figure. If it isn’t, specify a new related entry: In the Related Entries related list, select New, fill out the form, and then select Submit.

   
   
   

Verify the REST API Permissions

Download the Cloud Discovery patterns spreadsheet so you can grant user permissions required for running the Discovery patterns. In addition to permissions, the spreadsheet also includes useful information such as pattern names, types, CI Classes, and links to vendor documentation. New patterns are available quarterly, so check periodically to be sure you have the latest version of the spreadsheet.

Data collected by Discovery during horizontal discovery

Discovery populates the data in the CMDB when running the Amazon AWS - ECS pattern.

On the Dependency Views map, you can see all discovered resources in your organization that are managed by Amazon ECS, and the relationships between them.

In this example, the AWS Cloud ECS Cluster CI is hosted on an AWS Datacenter. It runs two AWS Cloud ECS Tasks and two AWS Cloud ECS Services, and uses three Docker Containers.

CI relationships

These relationships are created to support Amazon ECS resource discovery.