Cloud Configuration Governance actions reference

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud Configuration Governance actions reference

    Cloud Configuration Governance (CCG) in ServiceNow leverages Integration Hub subflows to interact with cloud environments and update configuration data within the Configuration Management Database (CMDB). These predefined actions enable customers to read configuration settings, create audit records, and insert resource records efficiently, supporting governance and compliance workflows in cloud management.

    Show full answer Show less

    Key Actions and Their Uses

    • CCG – Read Config Setting: Reads configuration data from a specified cloud resource. Users specify the resource record and the configuration key to retrieve targeted configuration details.
    • Assign Subflow Outputs: Controls reporting of audit violations detected during governance checks. It allows enabling or suppressing violation reports and specifying the violation definition to document the issue accurately.
    • Create Record: Creates a new audit result record in the CMDB table Audit Result [snitomccgauditresult]. This action captures key details such as scan run, test run status, violation details, associated cloud resource, and severity, enabling structured audit tracking.
    • CCG – Insert Resource Record: Inserts or updates a resource record in the CMDB with comprehensive metadata including scan run, service account, datacenter, resource identifier, name, type, cloud provider, details, and additional attributes. This ensures the CMDB reflects accurate cloud resource inventory information.

    Practical Benefits for ServiceNow Customers

    • Automates the extraction and updating of cloud configuration data, reducing manual efforts and errors.
    • Supports consistent audit violation reporting aligned with governance policies, improving compliance visibility.
    • Maintains accurate and detailed cloud resource records in the CMDB, facilitating better asset management and impact analysis.
    • Enables integration of cloud configuration governance within broader ServiceNow workflows using Integration Hub actions.

    Cloud Configuration Governance (CCG) uses Integration Hub subflows to interact with the cloud and update the configuration data in the Configuration Management Database (CMDB).

    CCG – Read Config Setting

    Use this action to read the configuration data of the resource.

    To use this action, insert an action and then navigate to Action > Cloud Configuration Governance > Utils > CCG – Read Config Setting.

    Table 1. CCG – Read Config Setting action
    Field Description
    Resource [Resource] Resource record that contains the configuration data.
    Configuration key [Configuration Key] Configuration key you want to read.

    Assign Subflow Outputs

    Table 2. Assign Subflow Outputs form
    Field Description
    Report issue

    Option to enable the subflow to report the audit violation.

    Select the Report Issue option in the Data column or clear this check box to set or clear this field.

    • Selected: Report the issue as per the violation definition selected in the Audit Violation Reporting field of the policy.
    • Cleared: Cloud Configuration Governance doesn’t report the violation. Create a custom record for the audit violation. You can specify conditions to control the creation of the audit violation record.
    Details Violation definition that you want to report for the violation.

    Enter the violation definition in the Details field in the Data column. This field is required if you've selected the Report Issue option.

    Create Record

    Use this action to create a record in the CMDB.

    To use this action, insert an action and then navigate to Action > ServiceNow Core > Default > Create Record.

    Table 3. Create Record action
    Field Description
    Table Name of the Configuration Management Database (CMDB) table where the audit result is stored.

    Set this field to Audit Result [sn_itom_ccg_audit_result].
    Fields Details of the record that you want to create in the Configuration Management Database (CMDB).

    Add the following fields and configure input for them:

    • Scan Run: Scan run during which Cloud Configuration Governance has identified the audit issue.
    • Is Test Run: Indicates whether Cloud Configuration Governance has reported the audit issue during a test run.
    • Details: Details of the violation.
    • Violation Definition: Violation definition of the audit issue.
    • Resource: Cloud resource for which Cloud Configuration Governance has raised the audit issue.
    • Severity: Severity of the audit issue.

    CCG – Insert Resource Record

    Use this action to insert a resource record to the Configuration Management Database (CMDB).

    To use this action, insert an action and then navigate to Action > Cloud Configuration Governance > Utils > CCG – Insert Resource Record.

    Table 4. CCG – Insert Resource Record action
    Field Description
    Scan run Scan run for which the subflow must create the resource record.
    Service account Service account to which the resource is attached.
    Logical datacenter Logical datacenter to which the resource is attached.
    Identifier Identifier of the resource record.
    Name Name of the resource.
    Type Resource type.
    Provider Cloud provider that hosts the resource.
    Details Details of the object that you want to store in the resource record.
    Attributes Any additional resource attribute that you want to import to the CMDB.