Cloud Deployment Automation

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud Deployment Automation

    Cloud Deployment Automation automates AWS CloudFormation deployment and provisioning using Service Catalog or Service Portal in ServiceNow. This solution streamlines the creation, update, and deletion of AWS CloudFormation stacks and stack sets, enabling efficient cloud infrastructure management directly from ServiceNow.

    Show full answer Show less

    To use this application, the AWS CloudFormation spoke must be activated and configured.

    Key Features

    • Catalog Items and Flows: Pre-built catalog items trigger flows to perform AWS CloudFormation tasks such as creating stacks, executing change sets, managing stack sets, and deleting resources. Users can customize flows by copying them into new application scopes.
    • Subflows: Included subflows handle automation failure scenarios by creating events or incidents and provide utilities to fetch approvers, assignees, and stack operation statuses.
    • Actions: Provides an action to transform arrays of objects based on key value pairs, supporting data manipulation within flows.
    • Decision Tables: Utilized to manage approval policies, assignment rules, and failure handling policies for requested items, incidents, and catalog tasks.
    • User Roles: The role snclouddpmtatmn.clouddeploymentautomationuser allows viewing catalog items. To create and submit catalog requests, users also need management, ITIL, and Catalog Admin roles.
    • System Properties: Configurable properties enable control over AWS region inclusions/exclusions and flow execution limits, allowing tailored deployments and operational constraints.

    Setting Up and Use

    To set up, configure the Service Portal page to present default catalog items, enabling users to request cloud deployment automation tasks easily. Customization of flows and subflows is supported by copying them into new application scopes.

    Benefits for ServiceNow Customers

    • Automates complex AWS CloudFormation tasks within the ServiceNow platform, reducing manual errors and accelerating cloud provisioning.
    • Provides flexible customization options for workflows, approvals, and failure handling, ensuring alignment with organizational processes.
    • Integrates AWS cloud infrastructure management with ServiceNow’s catalog and portal experience, enhancing user accessibility and governance.
    • Enables clear role-based access control to protect and manage deployment operations securely.

    Automates the deployment and provisioning of the AWS CloudFormation services using Service Catalog or Service Portal.

    Request apps on Store

    Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Spoke dependencies

    You must activate and set up the AWS CloudFormation spoke to use this application.

    Catalog items and flows

    The Cloud Deployment Automation provides catalog items and flows to automate tasks. When a catalog item is submitted, the associated flow is triggered and the task is performed. To customize a flow, create a copy of it in a new application scope. Available catalog items and flows include:

    Catalog Item or Flow Description
    Create Stack Creates a stack in AWS CloudFormation account.
    Create and Execute Change Set Creates and executes a change set in AWS CloudFormation account.
    Create Stack Set Creates a stack set in AWS CloudFormation account.
    Delete Stack Deletes a stack in AWS CloudFormation account.
    Delete Stack Set Deletes a stack set in AWS CloudFormation account.
    Update Stack Set Updates a stack set in AWS CloudFormation account.

    Subflows

    The Cloud Deployment Automation provides subflows to demonstrate automating tasks. To customize a subflow, create a copy of it in a new application scope. Available subflows include:

    Subflow Description
    Create Event Creates an event if automation fails.
    Create Incident Creates an incident if automation fails.
    Dynamic Flow Template Subflow template to create event and incident.
    Fetch Approvers and Assignees Retrieves details of approvers (groups and users), assignee, and assignment group for the requested item, catalog task, and incident from the decision tables.
    Get Stack Set Operation Result Status Reason Retrieves the AWS CloudFormation stack set operation result status reason.
    Get Stack Set Operation Status Retrieves the operation status of the AWS CloudFormation stack set.
    Get Stack Status Retrieves the status of the AWS CloudFormation stack.

    Actions

    The Cloud Deployment Automation provides an action, Change Array.Object Internal Names to change an array of objects to another array of objects based upon the key value pair.

    Decision tables

    The Cloud Deployment Automation application uses decision tables to save the required information. The decision tables include:
    Decision table Description
    CDA Requested Item User Approval Policy Policy used to assign a requested item to the relevant user for approval.
    CDA Requested Item Group Approval Policy Policy used to assign a requested item to the relevant group for approval.
    CDA Incident User Assignment Policy Policy used to assign an incident to the relevant user.
    CDA Incident Group Assignment Policy Policy used to assign an incident to the relevant group.
    CDA Failed Automation Flow Policy Policy used to choose between creating an incident or an event when an automation failure occurs.
    CDA Catalog Task User Assignment Policy Policy used to assign a catalog task to the relevant user.
    CDA Catalog Task Group Assignment Policy Policy used to assign a catalog task to the relevant group.

    User roles

    The Cloud Deployment Automation application provides the sn_cloud_dpmt_atmn.cloud_deployment_automation_user role. Users with this role can view cloud deployment automation catalog items.
    Note:
    User must have the sn_cloud_dpmt_atmn.cloud_deployment_automation_user _mgmt_user, ITIL, and Catalog Admin roles to create and submit catalog items.

    System properties

    The Cloud Deployment Automation application provides system properties that you can configure as per your requirement.
    System property Description
    sn_cloud_dpmt_atmn.exclude_aws_regions List of additional regions that should be excluded from those mentioned in the CloudDeploymentAutomationUtils script include.
    sn_cloud_dpmt_atmn.include_aws_regions List of additional regions that should be included to those mentioned in CloudDeploymentAutomationUtils script include.
    sn_cloud_dpmt_atmn.flow_loop_limit Number of hours that flows should run in loop before they exit.

    Navigate to System Properties > All Properties to configure the values of these properties.