Cloud Configuration Governance actions reference

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud Configuration Governance Actions Reference

    Cloud Configuration Governance (CCG) streamlines the interaction with cloud resources and updates configuration data in the Configuration Management Database (CMDB) through Integration Hub subflows. This functionality is essential for maintaining accurate and compliant cloud configurations.

    Show full answer Show less

    Key Features

    • CCG – Read Config Setting: This action allows users to read configuration data from a specific resource. Users must select the resource and configuration key to retrieve the necessary data.
    • Create Record: Enables the creation of audit result records in the CMDB. Users specify the table and include details such as scan run, violation definition, and severity of the audit issue.
    • CCG – Insert Resource Record: This action is for inserting resource records into the CMDB. Required fields include service account, logical datacenter, resource identifier, and additional attributes.

    Key Outcomes

    By utilizing CCG actions, ServiceNow customers can effectively manage cloud configurations, ensure compliance through reporting violations, and maintain robust data accuracy within the CMDB. This governance capability ultimately supports better operational decision-making and enhances overall cloud management efficiency.

    Cloud Configuration Governance (CCG) uses Integration Hub subflows to interact with the cloud and update the configuration data in the Configuration Management Database (CMDB).

    CCG – Read Config Setting

    Use this action to read the configuration data of the resource.

    To use this action, insert an action and then navigate to Action > Cloud Configuration Governance > Utils > CCG – Read Config Setting.

    Table 1. CCG – Read Config Setting action
    Field Description
    Resource [Resource] Resource record that contains the configuration data.
    Configuration key [Configuration Key] Configuration key you want to read.

    Assign Subflow Outputs

    Table 2. Assign Subflow Outputs form
    Field Description
    Report issue

    Option to enable the subflow to report the audit violation.

    Select the Report Issue option in the Data column or clear this check box to set or clear this field.

    • Selected: Report the issue as per the violation definition selected in the Audit Violation Reporting field of the policy.
    • Cleared: Cloud Configuration Governance doesn’t report the violation. Create a custom record for the audit violation. You can specify conditions to control the creation of the audit violation record.
    Details Violation definition that you want to report for the violation.

    Enter the violation definition in the Details field in the Data column. This field is required if you've selected the Report Issue option.

    Create Record

    Use this action to create a record in the CMDB.

    To use this action, insert an action and then navigate to Action > ServiceNow Core > Default > Create Record.

    Table 3. Create Record action
    Field Description
    Table Name of the Configuration Management Database (CMDB) table where the audit result is stored.

    Set this field to Audit Result [sn_itom_ccg_audit_result].
    Fields Details of the record that you want to create in the Configuration Management Database (CMDB).

    Add the following fields and configure input for them:

    • Scan Run: Scan run during which Cloud Configuration Governance has identified the audit issue.
    • Is Test Run: Indicates whether Cloud Configuration Governance has reported the audit issue during a test run.
    • Details: Details of the violation.
    • Violation Definition: Violation definition of the audit issue.
    • Resource: Cloud resource for which Cloud Configuration Governance has raised the audit issue.
    • Severity: Severity of the audit issue.

    CCG – Insert Resource Record

    Use this action to insert a resource record to the Configuration Management Database (CMDB).

    To use this action, insert an action and then navigate to Action > Cloud Configuration Governance > Utils > CCG – Insert Resource Record.

    Table 4. CCG – Insert Resource Record action
    Field Description
    Scan run Scan run for which the subflow must create the resource record.
    Service account Service account to which the resource is attached.
    Logical datacenter Logical datacenter to which the resource is attached.
    Identifier Identifier of the resource record.
    Name Name of the resource.
    Type Resource type.
    Provider Cloud provider that hosts the resource.
    Details Details of the object that you want to store in the resource record.
    Attributes Any additional resource attribute that you want to import to the CMDB.