Exploring Cloud Account Management
Summary of Exploring Cloud Account Management
The ServiceNow Cloud Account Management feature within Cloud Workspace provides a streamlined framework to automate and manage cloud account lifecycle tasks such as creation, suspension, reactivation, and certification. It enhances administrative efficiency by enabling data certification that ensures the integrity and security of user accounts across your cloud environments.
As an administrator, you can monitor key account statistics like critical severity accounts, suspended accounts, certification due dates, and budget statuses directly from the Home tab.
Key Features
- Entitlement-Based Access: Cloud Account Management capabilities are available through the ITOM Cloud Accelerate license, requiring the Cloud Governance Suite (CGS) license as a prerequisite. The CGS license grants access to asset exploration and the home page, while the combined CGS + CAM licenses enable account overview, request submissions and approvals, account certification, compliance dashboard viewing, configuration management, and automated request policies.
- Compliance Dashboard: Consolidates cloud data and security/compliance metrics from ITOM Visibility and Cloud Account Management for unified reporting and monitoring.
- Cloud Terminology Alignment: Recognizes equivalent cloud account structures across providers (Azure subscriptions, AWS accounts, GCP projects) and access methods (console and programmatic access), standardizing them as cloud accounts and IAM service accounts within the application.
- User Personas: Supports distinct roles including Requester (initiates requests), Approver (reviews requests), Admin (configures and onboards accounts), Certifier (validates account data), Asset Viewer (views configuration items and dashboards), and Account Manager (manages account details and ownership access).
- Automation and Control: Enables defining request policies for automating account creation, suspension, approvals, and budget validations, promoting consistency and compliance with organizational security policies.
Practical Benefits for ServiceNow Customers
- Standardized Account Management: Simplifies cloud subscription account workflows with defined procedures and role-based permissions to ensure governance and security compliance.
- Lifecycle Management: Facilitates easy suspension, reactivation, and addition of unmanaged cloud accounts.
- Enhanced Visibility: Provides dashboards and reporting tools to monitor account health, policy compliance, and operational risks effectively.
- Data Integrity Assurance: Supports certification processes that verify rightful ownership and control of cloud accounts, aiding regulatory and security requirements.
Next Steps
Customers should ensure appropriate licensing (CGS and ITOM Cloud Accelerate) to enable these capabilities and consider assigning defined user roles to align with their cloud governance practices. Utilize the compliance dashboard for ongoing monitoring and leverage request policies to automate account management processes tailored to your organizational needs.
The ServiceNow Cloud Account Management in Cloud Workspace application provides a framework to streamline the cloud account creation and management process.
Cloud Account Management overview
The automation capabilities of Cloud Account Management in Cloud Workspace simplify administrative tasks related to account management, such as creation, suspension, reactivation, and certification. Data certification confirms the integrity and security of user accounts within the organization's cloud environment.
As a Cloud Account Management admin, you can view the account statistics displayed on the Home tab, which include critical severity accounts, high severity accounts, suspended accounts, accounts due for certification, and accounts with undefined budgets.
About Cloud Workspace entitlements
- Cloud Account Management entitlement becomes available with the ITOM Cloud Accelerate license.
- The Cloud Governance Suite (CGS) license is a prerequisite to have Cloud Workspace. The CGS license provides the following capabilities:
  - Access the home page
  - Access the asset explorer, which provides an overview of your cloud assets and asset details
- The Cloud Governance Suite with the Cloud Account Management entitlements (CGS + CAM) provides the following additional capabilities:
  - View an overview of your accounts and account details
  - Submit, view, or approve account requests
  - Certify an account
  - View the compliance dashboard
  - Configure Cloud Account Management or view configuration details
  - Create request policies to automate the complete account creation and suspension process
Compliance dashboard in Cloud Workspace
The compliance dashboard consolidates data from ITOM Visibility and Cloud Account Management to provide a unified view of cloud data and the key metrics that are critical for security and compliance reporting.
For more details, see Viewing the compliance dashboard.
Cloud account terminology
- Microsoft Azure Cloud (Azure) refers to subscriptions
- Amazon AWS Cloud (AWS) refers to management and member accounts
- Google Cloud Platform (GCP) refers to projects
- Console user access
- Programmatic user access
  - AWS refers to the IAM user
  - Azure refers to service principals
  - GCP refers to service accounts
Cloud Account Management user personas
| User | Description |
|---|---|
| Requester | Initiates cloud account creation requests and requests for suspension or reactivation of their own accounts. |
| Approver | Reviews account requests and either approves or denies them. |
| Admin | Confirms that the Cloud Account Management configurations align with cloud configurations. Customizes the default data certification policy. Onboards accounts created outside the Cloud Account Management application. |
| Certifier | Approves an account as certified or failed. Acts as a verification entity by confirming the accuracy and integrity of the data. |
| Asset viewer | Can view all the configuration items (CIs) in Asset Explorer and access the compliance dashboard. |
| Account manager | Can view all account details and associated assets. Account managers have edit access to accounts with primary ownership and read-only access to those with secondary ownership. |
For more information about Cloud Account Management groups and responsibilities, see Cloud Account Management ACL groups, roles, and responsibilities.
Cloud Account Management benefits
Cloud Account Management provides several benefits.
| Benefit | Feature | Users |
|---|---|---|
| Simplifies subscription account creation by defining standardized procedures and user roles and permissions to promote consistency and compliance with security policies. | | Requester |
| Enables suspending or reactivating accounts, and adding unmanaged accounts. Offers a visualization dashboard to manage accounts and request policies to automate account creation, approvals, and budget checks. | Add an unmanaged cloud account | Admin |
| Streamlines performing verifications that a person or entity has legitimate ownership or control over an account for security, compliance, and regulatory purposes. | | Certifier |