Cloud accounts

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud accounts

    A cloud account in ServiceNow Cloud Provisioning and Governance represents your managed cloud infrastructure logically. It can include multiple service accounts from the same or different cloud providers, with specified datacenters (logical datacenters or LDCs) associated with each service account. Cloud accounts enable you to manage and govern your cloud resources effectively by configuring datacenter regions, capacity limits, and provisioning policies.

    Show full answer Show less

    Key Features

    • Logical Datacenters (LDCs): These are region-specific virtual clouds linked to service accounts, hosting your cloud resources.
    • Discovery Integration: Run Discovery on LDCs to update the CMDB with configuration and lifecycle changes of cloud resources.
    • Capacity Limits: Set restrictions on resources such as virtual machines, CPUs, networks, and storage per LDC. These limits help maintain compliance and prevent over-provisioning, especially in capacity-constrained environments like private clouds.
    • Publishing Cloud Accounts: Once finalized and Discovery is run, you can publish cloud accounts to enable business teams to deploy stacks through blueprints and the Cloud User Portal.
    • Flexible Account Structuring: You can add multiple service accounts and associate only selected regions/datacenters, aligning with security and compliance rules. However, the same LDC from different service accounts cannot be added to a single cloud account.

    Managing Cloud Accounts

    • Draft and Publish States: Keep cloud accounts in Draft while configuring datacenters and limits; switch to Published when ready for use.
    • Adding Datacenters: You can add logical datacenters to existing cloud accounts anytime, expanding your managed cloud infrastructure.
    • Setting Capacity Limits: Capacity limits are configurable per logical datacenter to control resource allocation.

    Discovery and Supported Services

    The Discovery process automatically identifies cloud services and categories for providers such as AWS and Microsoft Azure, updating the CMDB with relevant data for governance and provisioning.

    Why This Matters

    Cloud accounts let you organize and control your cloud infrastructure with precision, enforcing regional restrictions and capacity governance. This ensures your cloud provisioning aligns with compliance requirements and operational constraints while enabling business teams to deploy resources safely and efficiently.

    A cloud account is the logical representation in Cloud Provisioning and Governance of all or part of your managed cloud infrastructure. A cloud account can include multiple service accounts — even service accounts from different providers. For each service account, you specify which datacenters to include in the cloud account.

    From a cloud account, you can:
    • Add LDCs. A logical datacenter (LDC) is a region-specific virtual cloud that is associated with a service account. The datacenter hosts your cloud resources.
    • Run Discovery on LDCs to update the CMDB with configuration changes or life cycle changes (create/modify/terminate) for each resource in each logical datacenter (LDC) that is associated with the cloud account.
    • Set capacity limits on cloud services like virtual machines, virtual CPUs, virtual networks, aggregate storage volume size, and others. Set limits to help ensure that cloud resources are provisioned at appropriate scales. Limits are especially important for capacity-constrained environments like private clouds.
    • Publish a cloud account to enable business teams to deploy stacks.

    Structure of a cloud account

    An advantage of cloud accounts is that you can group specified service accounts with only the regions (datacenters) that you want to allow cloud resources in. For example, your AWS account could have more than a dozen datacenters globally. However, you might use only one or two regions. To conform with your security and compliance rules, you might not want any resources provisioned to additional regions around the world.

    Structure of a cloud account

    A cloud account can contain as many service accounts as necessary in the following scenarios:
    Table 1. Possible cloud account structures
    Structure Supported Not supported
    Add the same service account as many times as necessary, provided each entry is associated with a different LDC. X
    Add the same LDC from different service accounts in one cloud account. X
    Add different LDCs from different service accounts to a particular cloud account, provided the regions are not the same.

    Example: You have us-west-1 in serviceaccount1 and us-west-2 in serviceaccount2. Both can be added to cloudaccount1. However, both us-west-1 in serviceaccount1 and us-west-1 in serviceaccount2 cannot be added to cloudaccount1.

    		 X

    Update a cloud account

    You keep a cloud account in the Draft state until you are ready to make the datacenters and capacity limits available for use — in blueprints and the Cloud User Portal, for example. You can change the state to Published after you run Discovery.

    Set up an additional cloud account

    See Set up an additional cloud account.

    Add a datacenter to a cloud account

    At any time, you can add a logical datacenter to the cloud infrastructure that is represented by a cloud account. See Add a datacenter to a cloud account.

    Set capacity limits on user requests for resources

    Capacity limits place restrictions on the attributes of cloud resources such as the number of virtual machines, virtual CPUs, or aggregate storage. You can set limits on resources separately for each logical datacenter in a cloud account.

    Set capacity limits on user requests for resources