Exploring Cloud Account Management

Release version: Yokohama

Updated July 31, 2025

3 minutes to read

Summarize

Summarized using AI

Summary of Exploring Cloud Account Management

The ServiceNow Cloud Account Management application within Cloud Workspace streamlines cloud account lifecycle processes such as creation, suspension, reactivation, and certification. It automates administrative tasks to improve efficiency and compliance by confirming the integrity and security of user accounts in your cloud environment.

Show full answer Show less

As an administrator, you have access to a Home tab dashboard that presents key account statistics, including critical and high severity accounts, suspended accounts, accounts pending certification, and accounts with undefined budgets.

Key Features

Dynamic Entitlements: Access to features depends on your license entitlements. The ITOM Cloud Accelerate license enables Cloud Account Management, while the Cloud Governance Suite (CGS) license is required to use Cloud Workspace. Combining CGS with Cloud Account Management entitlements (CGS + CAM) unlocks capabilities such as submitting and approving account requests, certifying accounts, viewing compliance dashboards, and configuring request policies.
Compliance Dashboard: Provides a unified view combining data from ITOM Visibility and Cloud Account Management, facilitating security and compliance reporting.
Cloud Terminology Alignment: The application aligns terminology with major cloud providers—Azure (subscriptions), AWS (management/member accounts), and GCP (projects)—and standardizes access mechanisms as IAM service accounts across platforms.
User Personas and Roles: Supports defined roles including Requester, Approver, Admin, Certifier, Asset Viewer, and Account Manager, each with specific permissions to initiate requests, approve, configure, certify, or view account data.
Request Policies and Automation: Enables creation of policies to automate account request approvals, budget checks, and the account lifecycle process.

Benefits for ServiceNow Customers

Standardized and Compliant Account Creation: Ensures consistent procedures and role-based permissions that align with security policies.
Lifecycle Management: Simplifies suspending, reactivating, and adding unmanaged accounts, reducing manual effort and errors.
Visibility and Control: Dashboards and reports provide actionable insights into account statuses and compliance, supporting governance and audit needs.
Security and Compliance Verification: Data certification processes help verify legitimate account ownership and control, supporting regulatory requirements.

Additional Considerations

Cloud Account Management integrates with other ServiceNow components and cloud provider APIs to facilitate permissions and provisioning modes. Understanding the predefined roles and responsibilities helps optimize the configuration and use of the application to meet organizational needs.

The ServiceNow Cloud Account Management in Cloud Workspace application provides a framework to streamline the cloud account creation and management process.

Cloud Account Management overview

The automation capabilities of Cloud Account Management in Cloud Workspace simplify administrative tasks related to account management, such as creation, suspension, reactivation, and certification. Data certification confirms the integrity and security of user accounts within the organization's cloud environment.

As a Cloud Account Management admin, you can view the account statistics displayed on the Home tab, which include critical severity accounts, high severity accounts, suspended accounts, accounts due for certification, and accounts with undefined budgets.

Cloud Account Management overview infographic

About Cloud Workspace entitlements

Cloud Account Management dynamically adjusts the features available to you based on your entitlements.

Cloud Account Management entitlement becomes available with the ITOM Cloud Accelerate license.
The Cloud Governance Suite (CGS) license is a prerequisite to have Cloud Workspace. The CGS license provides the following capabilities:
- Access the home page
- Access the asset explorer, which provides an overview of your cloud assets and asset details
The Cloud Governance Suite with the Cloud Account Management entitlements (CGS + CAM) provides the following additional capabilities:
- View an overview of your accounts and account details
- Submit, view, or approve account requests
- Certify an account
- View the compliance dashboard
- Configure Cloud Account Management or view configuration details
- Create request policies to automate the complete account creation and suspension process

Compliance dashboard in Cloud Workspace

The compliance dashboard consolidates data from ITOM Visibility, Cloud Account Management to provide a unified view of cloud data and key metrics critical for security and compliance reporting.

For more details, see Viewing the compliance dashboard.

Cloud account terminology

Cloud Account Management uses the term "cloud account," but other cloud providers use different terms for similar concepts. The terms are as follows:

Microsoft Azure Cloud (Azure) refers to subscriptions
Amazon AWS Cloud (AWS) refers to management and member accounts
Google Cloud Platform (GCP) refers to projects

Cloud providers offer two main access mechanisms for performing operations:

Console user access
Programmatic user access

For Cloud Account Management, these operations are referred to as IAM service accounts. However, other cloud providers use different terminology:

AWS refers to the IAM user
Azure refers to service principals
GCP refers to service accounts

Cloud Account Management user personas

Table 1. Personas used in Cloud Account Management
User	Description
Requester	Initiates cloud account creation requests and requests for suspension or reactivation of their own accounts.
Approver	Reviews account requests and either approves or denies them.
Admin	Confirms that the Cloud Account Management configurations align with cloud configurations. Customizes the default data certification policy. Onboards accounts created outside the Cloud Account Management application.
Certifier	Approves an account as certified or failed. Acts as a verification entity by confirming the accuracy and integrity of the data.
Asset viewer	Can view all the configuration items (CIs) in Asset Explorer and access the compliance dashboard.
Account manager	Can view all account details and associated assets. Account managers have edit access to accounts with primary ownership and read-only access to those with secondary ownership.

For more information about Cloud Account Management groups and responsibilities, see Cloud Account Management ACL groups, roles, and responsibilities.

Cloud Account Management Benefits

The Cloud Account Management provides several benefits.

Table 2. Cloud Account Management Benefits
Benefit	Feature	Users
Simplifies subscription account creation by defining standardized procedures and user roles and permissions to promote consistency and compliance with security policies.	Request a cloud account Cancel a Cloud account request	Requester
Enables suspending or reactivating accounts, and adding unmanaged accounts. Offers a visualization dashboard to manage accounts and request policies to automate account creation, approvals, and budget checks.	Suspend a Cloud account Reactivate a cloud account Add an unmanaged cloud account Creating configurations About data visualization in Cloud Account Management Review request policies	Admin
Streamlines performing verifications that a person or entity has legitimate ownership or control over an account for security, compliance, and regulatory purposes.	Certify an account	Certifier