Amazon Web Services EC2 Linux Out Of Box Catalog items

  • Release version: Washingtondc
  • Updated September 22, 2023
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Amazon Web Services EC2 Linux Out Of Box Catalog Items

    The Amazon Web Services EC2 Linux Out Of Box Catalog items provide a streamlined way for ServiceNow customers to request Linux virtual machines (VMs) on EC2, with a focus on compliance, security, and configuration management. The catalog enables the ordering of various instance types and additional disk volumes while ensuring adherence to organizational policies.

    Show full answer Show less

    Key Features

    • Linux VM Ordering: Customers can order a Linux VM on EC2 capable of installing the Agent Client Collector (ACC), which is essential for production instances.
    • Approval Workflow: Instance types other than t2.nano and t2.micro require administrative approval; automated compliance checks are performed via a Cloud Configuration scan.
    • Disk Volume Management: Up to 10 additional disks can be ordered, with no approval needed for the first two. Additional disks require administrator approval.
    • Enhanced Security: Customers can assign a Network Security Group to ensure secure access to the VM, allowing for restricted network access based on VPC and subnet configurations.
    • Tagging: Resources are tagged with key-value pairs for management, with plans for future updates to reflect these tags in the public cloud.

    Key Outcomes

    By utilizing the EC2 Linux Out Of Box Catalog items, ServiceNow customers can effectively provision compliant and secure Linux VMs on Amazon EC2, enhance their operational efficiency, and maintain adherence to security policies, all while simplifying the request and approval process for additional resources and configurations.

    Cloud Services Catalog Linux VM with agent client collector (ACC), up to 10 additional disks on EC2 or with security groups.

    This is a fully functional sample catalog item that can be used to request a Linux instance of any instance type from Amazon EC2.

    The video demonstrates how to order an Amazon Web Services EC2 Linux virtual machine.

    Linux VM orders and features:

    Order Features

    Order a Linux virtual machine on EC2, that allows installation of agent client collector. ACC is compulsory for production instances. VM sizes other than t2.nano, t2.micro require approval. Cloud configuration scan is run for compliance checking.

    For instance types other than t2.nano and t2.micro, approval is needed from administrator, by policy. The catalog item has built in client rules to drive an ACC (Agent Client Collector) installation when the deployment environment is marked for production.

    To select the credential alias key for ACC deployment from mid, the appropriate ACC admin role permissions are required to be bestowed to the user. For prerequisites check “Deploy ACC-* in post provisioning” below. The work-flow automation runs a CCG scan on the deployed Linux instance and checks the policy rule with the configuration of the VM. If there is any violation, the stack will be set with 'Follow up required' state to notify that the stack deployment is not as per norms.

    Order a Linux virtual machine on EC2 and specify up to 10 additional disk. For up to two disks, no approval is necessary. Seek approval for anything beyond that.

    This catalog item form allows ordering up to 10 additional disks (volumes) attached to the VM of varying sizes and types. If more than two additional disks are added to the request, seek approval from administrator, by policy.

    Order a secure Linux virtual machine with enhanced security by assigning a Network Security Group for highest level of security.

    This catalog item form allows capability to assign one Network Security Group to the compute instance so that the network access to the VM is restricted. Security groups are listed for the selected VPC and subnets.
    Note:

    Tag (key-value) is assigned to all deployed resources. Example: VM, network, storage as present in the stack.

    The key-value is updated only in the cmdb_key_value table, not in public cloud at this time. This will be fixed in future releases to update the tags in cloud.