The commoditization of technology has reached its pinnacle with the advent of the recent paradigm of Cloud Computing. Infosys Cloud Computing blog is a platform to exchange thoughts, ideas and opinions with Infosys experts on Cloud Computing

« Infosys approach to SAP on Cloud assessment. | Main | The Intelligent Guard Who Detects Threat in Cloud- AWS GuardDuty »

Enable Enterprise self-service through AWS ASM connector for ServiceNow

Last decade of cloud computing was all about rushing to cloud to reap the benefits of being economical, agile, flexible, scalable, reliable, elastic and speed of deployment. But now clients want more, they are looking for cloud 2.0 where they look for consistent and repeatable experience when they scale by establishing right level of controls without slowing down the innovation.

This translates into cloud operations requirements like:-

  • Enable enterprise to achieve self-service through automated resource provisioning in standardize manner and integration with enterprise ITSM systems.
  • Manage proactive central governance and security.

 But there are some challenges like:-

  • There are too many operational tools in organizations.
  • Different ownership for ITSM tools and AWS platform. 
  • Lengthy procedure and lot of time taken for resources from placing the request to get it provisioned and there are several hand-offs  

The solution is to have an integration between ITSM tools like JIRA, ServiceNow and AWS platform. For ServiceNow it can be achieved using AWS service management connector. This ASM connector enables integration features for AWS Service Catalog, AWS Config and AWS Systems Manager within ServiceNow which enable end users to provision, manage and operate AWS resources natively through ServiceNow. This helps enterprises to achieve integrated and streamlined resource provisioning and management process where cloud resources are also ordered, provisioned and removed like other IT assets. 

Below are some of the features of this solution: -

  • Support AWS Service Catalog portfolios and products to enable ServiceNow users to request, update and terminate AWS products via ServiceNow Service Catalog.
  • Support for AWS Config configuration items of provisioned products to enable end users to see resource details and relationships via ServiceNow CMDB
  • Support for AWS Systems Manager automation documents to enable end users to request permitted automation playbooks on AWS resources via ServiceNow
  • Freely available in the ServiceNow Store for Orlando, New York and Madrid platform releases. Only ITSM module of SNOW is required to leverage it.

Below will be the experience of ServiceNow end user:-

  • End user is able to browse AWS products and portfolio in ServiceNow interface which are synced in SNOW from AWS service catalog via API's. 
  • User then place a service request like any other IT resource. 
  • This request then follows a pre-defined approval workflow and moves to approver. Once approved, it triggers AWS service catalog to provision requested AWS resources in AWS platform.
  • There is a clear segregation of responsibilities where SNOW team is responsible to manage the SNOW side integration as well as interface and AWS platform team is responsible for CloudFormation templates, publishing catalog products and govern AWS resources.
  • Since CloudFormation template is used in the backend, almost all AWS services can be ordered and provisioned via this integration. 
  • They are immutable, which means end user can't alter them or they can be requested as is only. 
  • AWS administrator can standardize best practice and enforce compliance by putting some constraints, perimeter validation, IAM assignment, tag enforcement, EBS encryption, specific security group etc to name a few.
  • Once request is fulfilled and AWS resources are provisioned a notification is triggered and they are available for end user to access them.
  • Workflow completes, end user gets required AWS resource and will also be able to perform certain self-service actions like update, start, stop, terminate and reboot AWS resources.

The advantage of this workflow is that users do not need to be cloud experts. They need not be concerned about governance and compliance which needs to be followed while consuming cloud services. Even they do not need to have the access to that specific AWS service being ordered in AWS platform. They have pre-defined and pre-approved set of AWS services to be leveraged meeting all enterprise requirements.

If client is looking to accelerate cloud adoption, Agility, faster time to market and boost experimentation and innovation while adhering to compliance and security requirements, this solution is worth looking into.

Reference- Amazon Web Service

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.