Cloud Configuration Governance dashboard

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud Configuration Governance dashboard

    The Cloud Configuration Governance dashboard helps ServiceNow customers manage and monitor their cloud resources to ensure compliance with organizational and security standards. It provides a centralized view of cloud health scores, policy violations, remediation efforts, and trends, enabling proactive governance of cloud configurations.

    Show full answer Show less

    Key Features

    • Access and Roles: Viewing the dashboard and widgets requires the snitomccg.ccgoperator or snitomccg.reportviewer roles.
    • Dashboard Navigation: Accessible via Cloud Configuration Governance > Dashboard.
    • Cloud Health Monitoring: Displays the percentage of cloud resources free of audit issues through a speedometer chart.
    • Policy Violation Insights: Visualizes violation severity per cloud resource type, counts, and trends using stacked bar charts, donut charts, and line charts.
    • Remediation Tracking: Shows remediation counts by violation type and cloud resource type, time taken to remediate, and daily remediation trends.
    • Policy Compliance Details: Provides embedded lists showing compliant and non-compliant resource counts for individual policies and policy sets.
    • Filtering Capabilities: The CCG Drilldown filter allows users to filter data by cloud provider, account, and region to focus on specific environments and resources.

    Key Outcomes

    • Enable teams to quickly assess the overall security posture of their cloud environments.
    • Identify and prioritize remediation efforts based on the severity and trend of policy violations.
    • Track compliance status at both individual policy and policy set levels for effective governance.
    • Gain actionable insights into remediation efficiency and timeframes to improve cloud configuration management.
    • Customize views by cloud provider, account, and region to target governance activities appropriately.

    Cloud Configuration Governance is a tool used to manage the configuration of the cloud resources as per your organizational standards and established security standards. Use the dashboard to review the health score of the cloud, policy violation statistics, policy violation trend, remediations overview, and more.

    Figure 1. Cloud Configuration Governance dashboard

    Cloud Configuration Governance dashboard.

    Required ServiceNow AI Platform roles

    sn_itom_ccg.ccg_operator or sn_itom_ccg.report_viewer roles are required to view the dashboard and its widgets.

    Access the Cloud Configuration Governance dashboard

    To open the dashboard, navigate to Cloud Configuration Governance > Dashboard.

    Use cases

    For examples of how different people in your organization would use this dashboard, see these use cases.
    User Dashboard use
    sn_itom_ccg.ccg_operator or sn_itom_ccg.report_viewer
    • Review the cloud heath score.
    • Time taken to remediate the identified policy violations.
    • Understand the trend of the policy violation.

    Reports

    Title Type Source table Description
    Cloud health score Speedo chart sn_itom_ccg_scan_summary Percentage of scanned cloud resources that doesn’t have any audit issue.
    Violating resources Stacked bar chart sn_itom_ccg_scan_summary Severity of the detected audit issues per cloud resource type.
    Violations count Donut chart

    sn_itom_ccg_violation_stats

    		 Violation per severity of the audit issue.
    Scanned resources Donut chart sn_itom_ccg_scan_summary Number of cloud resources scanned per cloud resource type.

    Use the CCG Drilldown Filters to filter the data and visualize the data of interest.
    Issues Horizontal bar chart sn_itom_ccg_audit_stats Number of violations reported per violation definition.

    The chart can display a maximum of 10 bars, that is one per violation definition type. If the data contains more than 10 violation definition types, all the additional violation definition types are merged under the Others bar.

    Use the CCG Drilldown Filters to filter the data and visualize the data of interest.
    Policy compliance Embedded lists

    sn_itom_ccg_policy_compliance_stats

    		 Displays the following information for the given policy:
    • Count of compliant resources
    • Count of non-compliant resources
    Policy set compliance Embedded lists

    sn_itom_ccg_policy_set_compliance_stats

    		 Displays the following information for the given policy set:
    • Count of compliant resources
    • Count of non-compliant resources
    Total issues remediated Half donut chart sn_itom_ccg_remediation_daily_trend Remediations performed per violation definition type.
    Remediations by type Pie chart sn_itom_ccg_remediation_daily_trend Remediations performed per cloud resource type.
    Remediated on Half donut chart sn_itom_ccg_remediation_daily_trend Time taken to remediate the violations.
    Trend Line chart sn_itom_ccg_daily_trend Trend of reporting violations over time.

    Filters

    Name Type Description
    CCG Drilldown filter Choice-based filter Use this filter to select the cloud provider, cloud account, and regions for visualizing their scanned resources and issues data.