AWS events-driven discovery

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of AWS events-driven discovery

    AWS events-driven discovery in ServiceNow leverages Amazon Web Services (AWS) Config service events to automatically update resource information in the Configuration Management Database (CMDB). When AWS Config detects changes in cloud resources, it sends event notifications via Simple Notification Service (SNS) to the ServiceNow instance, triggering updates in the CMDB to keep resource data current and accurate.

    Show full answer Show less

    Key Features

    • Event Integration: AWS Config sends notifications to ServiceNow’s Cloud Events REST API, which logs events into the Cloud Events [sncmpcloudevent] table based on specific event types such as SubscriptionConfirmation and ConfigurationItemChangeNotification.
    • Automated CMDB Updates: The Cloud Event Scheduler processes events in batches and uses response mappings or discovery patterns to create or update configuration items (CIs) in the CMDB. The method depends on the sncmp.cloudevent.useresponsemappingaws property, which is enabled by default from the Zurich release onward.
    • Scalability: The sncmp.cloudevent.parallelschedulercount property allows scaling of Cloud Event Schedulers based on event inflow, improving processing rates by running multiple schedulers concurrently.
    • Domain Assignment and Error Handling: The scheduler assigns events to the appropriate service account domain. If assignment fails, the sncmp.errorevents.defaultdomain property can be set to restrict visibility of failed events to the service-provider domain, preventing exposure across all domains.

    Practical Benefits for ServiceNow Customers

    • Real-time CMDB Accuracy: Automatically reflects changes in AWS cloud resources, ensuring up-to-date and reliable configuration data.
    • Operational Efficiency: Reduces manual updates and errors by automating discovery and CMDB synchronization based on AWS event triggers.
    • Performance Optimization: Enables customization of event processing scale to handle varying volumes of AWS events efficiently.
    • Controlled Event Visibility: Ensures that failed or unassigned events are properly managed and visible only to designated domain administrators, enhancing security and governance.

    The Amazon Web Services (AWS) Config service can raise events for any changes in the life-cycle state or the configuration of a cloud resource. The ServiceNow® event-driven discovery uses the events to auto-update the latest resource information in the Configuration Management Database (CMDB).

    Figure 1. Overview of the AWS events-driven discovery
    Overview of the AWS events-driven discovery
    Configure the AWS Config service to send Simple Notification Service (SNS) notifications to the ServiceNow instance. For more information, see Configure the AWS Config service to send event notifications to the ServiceNow instance. After you configure the service, it starts sending event notifications to the ServiceNow Cloud Events REST API. When an event meets any one of the following criteria, the API writes it to the Cloud Events [sn_cmp_cloud_event] table:
    • The Type of the event is SubscriptionConfirmation.
    • The Type of the event is Notification and messageType is ConfigurationItemChangeNotification.
    • Amazon CloudWatch has raised the event for a change in the tag associated with the Configuration Item (CI).

    The Cloud Event Scheduler then picks the events in the Ready state for batch processing. During event processing, the event-driven discovery uses response mappings or patterns to update the details of the affected resource in the CMDB. The sn_cmp.cloud_event.use_response_mapping_aws property determines the CMDB update method. To understand the status of an event, review its state in the Cloud Events [sn_cmp_cloud_event] table.

    Starting with the Zurich release, the sn_cmp.cloud_event.use_response_mapping_aws property is set to True by default. When this property is set to True, and suitable response mappings are available, the event-driven discovery uses the response mappings to create or update the CI in the CMDB. Otherwise, the event-driven discovery triggers the appropriate patterns to discover the affected resource and create or update the CI in the CMDB.

    Starting with the Zurich release, use the sn_cmp.cloud_event.parallel_scheduler_count property to scale the Cloud Event Scheduler per the event inflow rate. Running multiple cloud event schedulers in parallel helps to improve the event processing rate of the instance. For more information on scaling the Cloud Event Schedulers, see Scale the AWS cloud event schedulers.

    During event processing, the Cloud Event Scheduler identifies the domain of the service account and assigns to the event. If an error occurs in identifying the domain before processing, the event can sometimes stay unassigned and become visible to all domains. To prevent the failed events visibility to all domains, you can set the sn_cmp.error_events.default_domain property to sys_id of the service-provider domain so that the failed events appears only to the service-provider domain administrator.