GCP Networking pattern-based discovery

  • Release version: Zurich
  • Updated January 18, 2025
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of GCP Networking pattern-based discovery

    The GCP Networking pattern-based discovery in ServiceNow enables automated identification and mapping of Google Cloud Platform (GCP) networking resources within your cloud environment. This discovery populates the Configuration Management Database (CMDB) with detailed information about your GCP networking components, supporting accurate infrastructure visibility and management.

    To leverage this feature, ensure you meet the GCP discovery prerequisites and have the latest version of the Discovery and Service Mapping Patterns application installed from the ServiceNow Store.

    Key Features

    • Discovery of GCP Networking Resources: Identifies and collects data on key networking entities such as Cloud Service Accounts, Availability Zones, Google Datacenters (regions), Cloud Networks (VPCs), Cloud Subnets, Network ACLs (firewall rules), and Network ACL Rules.
    • Comprehensive Data Collection: Captures essential attributes for each resource, including names, unique identifiers, descriptions, states, IP ranges, routing details, and operational statuses. This supports detailed and accurate CMDB records.
    • CI Relationships: Automatically establishes relationships among configuration items (CIs) to reflect GCP’s networking structure, such as hosting, containment, and association between Cloud Service Accounts, Datacenters, Availability Zones, Networks, Subnets, and Firewall Rules.

    Key Outcomes

    • Enhanced CMDB Accuracy: By discovering and mapping GCP networking resources, you gain a reliable and up-to-date CMDB that reflects your cloud infrastructure’s current state.
    • Improved Infrastructure Visibility: The relationships between CIs provide clear insight into how networking components interconnect and depend on each other, aiding impact analysis and operational decision-making.
    • Operational Efficiency: With automated discovery of network configurations and firewall rules, your teams can reduce manual efforts, improve compliance tracking, and accelerate troubleshooting.

    Discovery and Service Mapping Patterns finds GCP networking resources in your cloud environment. Discovering some of these resources may require updating to the latest version of the Discovery and Service Mapping Patterns application from the ServiceNow Store.

    Pattern-based discovery and mapping requirements

    Verify that you meet the requirements in the GCP discovery prerequisites section of Google Cloud Platform (GCP) Cloud discovery using Patterns.

    Data collected by Discovery during horizontal discovery

    Discovery populates the data in the CMDB when running the Google Cloud Platform (GCP) - Networking pattern.

    Table 1. Cloud Service Account [cmdb_ci_cloud_service_account]

    Field | Description
    Account Id [account_id] | Name of the project used for the discovery.
    Object ID [object_id] | Name of the project used for the discovery.
    Datacenter Type [datacenter_type] | Datacenter type: Google Datacenter [cmdb_ci_google_datacenter].

    Table 2. Availability Zone [cmdb_ci_availability_zone]

    Field | Description
    Name [name] | Name of the availability zone.
    Description [short_description] | Description of the availability zone.
    State [state] | State of the Availability Zone. Possible values are Available or Terminated.

    Table 3. Google Datacenter [cmdb_ci_google_datacenter]

    Field | Description
    Name [name] | Datacenter or region name.
    Region [region] | Datacenter or region name.
    Object ID [object_id] | Unique identifier allocated by GCP for this resource.
    Description [short_description] | Datacenter or region description.

    Table 4. Cloud Network [cmdb_ci_network]

    Field | Description
    Name [name] | Name of the Google Cloud Virtual Private Cloud (VPC) network.
    Object ID [object_id] | Unique identifier for the VPC network resource in Google Cloud.
    Description [short_description] | Description of the VPC network.
    Default Gateway [default_gateway] | Default gateway IPv4 address for the network.
    State [state] | Current state of the VPC network. Default value is Available.
    Install Status [install_status] | Install status of the resource. Default value is Installed.
    Operational status [operational_status] | Operational status of the resource. Default value is Operational.

    Table 5. Cloud Subnet [cmdb_ci_cloud_subnet]

    Field | Description
    Name [name] | Name of the Google Cloud subnetwork. If the network has auto-creation enabled, the Classless Inter-Domain Routing (CIDR) notation is used as the name.
    Object ID [object_id] | Unique identifier for the subnetwork resource in GCP.
    CIDR [cidr] | IP address range of the subnetwork in CIDR notation. May include primary IPv4, secondary IPv4, and IPv6 ranges as a comma-separated list.
    Subnet Mask [subnet_mask] | Dotted representation of the subnet mask. For example: 255.255.240.0.
    Gateway [gateway] | Gateway address for default routing out of the network.
    Broadcast Address [broadcast_address] | Broadcast address of the subnet.
    Available IP Count [available_ip_count] | Number of IPs that are available in the subnet. This amount does not include network and broadcast addresses.
    State [state] | Current state of the subnetwork. Default value is Available.
    Install Status [install_status] | Install status of the resource. Default value is Installed.
    Operational status [operational_status] | Operational status of the resource. Default value is Operational.

    Table 6. Network ACL [cmdb_ci_network_acl]

    Field | Description
    Name [name] | Name of the Google Cloud firewall rule.
    Object ID [object_id] | Unique identifier for the firewall rule in Google Cloud.
    Description [short_description] | Description of the firewall rule.
    Install Status [install_status] | Install status of the firewall rule. Default value is Installed.
    Operational status [operational_status] | Operational status of the resource. Default value is Operational.

    Table 7. Network ACL Rule [cmdb_ci_network_acl_rule]

    Field | Description
    Name [name] | Name of the firewall rule.
    Allow Deny [allow_deny] | Indicates whether traffic is allowed or denied.
    Outbound [is_outbound] | Traffic direction for the firewall rule: true is EGRESS, false is INGRESS.
    Source Ranges [source_ranges] | Source IP address ranges in CIDR notation for the firewall rule.
    Destination Ranges [destination_ranges] | Destination IP address ranges in CIDR notation for the firewall rule.
    Target Tags [target_tags] | Network tags that identify which instances the firewall rule affects.
    Allowed\Denied Traffic [allowed_denied_traffic] | Protocols and ports that are allowed or denied by this rule.
    Install Status [install_status] | Install status of the resource. Default value is Installed.
    Operational status [operational_status] | Operational status of the resource. Default value is Operational.
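
The Network ACL Rule fields in Table 7 are enough to audit discovered firewall rules for ingress that is open to any source. The following is an added example, not ServiceNow code: it assumes records exported from cmdb_ci_network_acl_rule as plain objects, and the value formats it parses (comma-separated lists, an allow_deny value starting with "allow", `proto:port` traffic strings) are assumptions the page does not specify.

```javascript
// Added example, not ServiceNow code. Field names come from Table 7; the value
// formats (comma-separated lists, "proto:port" traffic strings) are assumptions.
const ANY_SOURCE = new Set(["0.0.0.0/0", "::/0"]);
const ADMIN_PORTS = [22, 3389]; // SSH and RDP

const splitList = (v) =>
  String(v || "").split(",").map((s) => s.trim()).filter(Boolean);

// True if an assumed "tcp:22" or "tcp:1000-2000" entry covers the port;
// a bare protocol such as "tcp" or "all" is treated as covering every port.
function coversPort(traffic, port) {
  return splitList(traffic).some((entry) => {
    const [, range] = entry.split(":");
    if (!range) return true;
    const [lo, hi = lo] = range.split("-").map(Number);
    return lo <= port && port <= hi;
  });
}

// Flags INGRESS (is_outbound false) allow rules whose source ranges include any-source.
function auditAclRules(rules) {
  const findings = [];
  for (const r of rules) {
    const ingress = String(r.is_outbound) === "false";
    const allow = /^allow/i.test(String(r.allow_deny));
    const open = splitList(r.source_ranges).filter((c) => ANY_SOURCE.has(c));
    if (!ingress || !allow || open.length === 0) continue;
    const untagged = splitList(r.target_tags).length === 0; // no tags: rule is not scoped
    const adminPorts = ADMIN_PORTS.filter((p) => coversPort(r.allowed_denied_traffic, p));
    const severity = adminPorts.length && untagged ? "high"
      : adminPorts.length || untagged ? "medium" : "low";
    findings.push({ name: r.name, severity, openSources: open, adminPorts, untagged });
  }
  return findings;
}

// Constructed sample records (not real discovery output).
const SAMPLE_RULES = [
  { name: "allow-ssh-any", allow_deny: "Allow", is_outbound: "false",
    source_ranges: "0.0.0.0/0", target_tags: "", allowed_denied_traffic: "tcp:22" },
  { name: "allow-web", allow_deny: "Allow", is_outbound: "false",
    source_ranges: "0.0.0.0/0", target_tags: "web", allowed_denied_traffic: "tcp:80,tcp:443" },
  { name: "allow-internal", allow_deny: "Allow", is_outbound: "false",
    source_ranges: "10.0.0.0/8", target_tags: "", allowed_denied_traffic: "tcp:0-65535" },
  { name: "egress-any", allow_deny: "Allow", is_outbound: "true",
    source_ranges: "", target_tags: "", allowed_denied_traffic: "all" },
];

console.log(JSON.stringify(auditAclRules(SAMPLE_RULES), null, 2));
```

Adjust the parsing helpers to the actual value formats in your instance before relying on the severity ranking.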

    CI relationships

    The Google Cloud Platform (GCP) - Networking pattern creates these relationships to support GCP networking discovery.

    CI | Relationship | CI
    Google Datacenter [cmdb_ci_google_datacenter] | Hosted on::Hosts | Cloud Service Account [cmdb_ci_cloud_service_account]
    Google Datacenter [cmdb_ci_google_datacenter] | Contains::Contained by | Availability Zone [cmdb_ci_availability_zone]
    Google Datacenter [cmdb_ci_google_datacenter] | Contains::Contained by | Cloud Subnet [cmdb_ci_cloud_subnet]
    Cloud Network [cmdb_ci_network] | Hosted on::Hosts | Cloud Service Account [cmdb_ci_cloud_service_account]
    Cloud Network [cmdb_ci_network] | Contains::Contained by | Cloud Subnet [cmdb_ci_cloud_subnet]
    Cloud Network [cmdb_ci_network] | Contains::Contained by | Network ACL [cmdb_ci_network_acl]
    Network ACL [cmdb_ci_network_acl] | Contains::Contained by | Network ACL Rule [cmdb_ci_network_acl_rule]