AWS Backup Vault pattern-based discovery

  • Release version: Yokohama
  • Updated May 6, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of AWS Backup Vault pattern-based discovery

    The AWS Backup Vault pattern-based discovery in ServiceNow identifies AWS Backup Vaults within your cloud environment using Discovery and Service Mapping Patterns. This enables you to accurately populate and update your Configuration Management Database (CMDB) and related tables with detailed vault information, supporting effective cloud resource management.

    Show full answer Show less

    Prerequisites and Setup

    • AWS Discovery Prerequisites: Ensure you meet all AWS discovery prerequisites as outlined in the Amazon AWS Cloud components discovery documentation.
    • Resource Inclusion List: Verify that AWS Backup Vault resources are not included in the Resource Inclusion List [sacloudinventoryresourcewhitelist] to prevent duplicate discovery.
    • Pattern Activation: The AWS Backup Vault pattern is disabled by default. Starting with Visibility Content version 6.28.0, enabling or disabling patterns does not count as customization, and patterns automatically reset to the latest version upon upgrade while retaining their active status.

    Data Population

    The discovery process populates data in both CMDB and non-CMDB tables:

    Non-CMDB Data

    When running the Amazon AWS - Backup Backup Vault - Extended Inventory (LP) pattern, data is stored in non-CMDB AWS tables accessible via All > Configuration > AWS or by searching the pattern name. Key fields include:

    • Name: AWS Backup Vault name.
    • Object ID: Unique Amazon Resource Name (ARN) for the vault.
    • Max Retention Days: Maximum retention period for recovery points.
    • Number of Recovery Points: Count of recovery points in the vault.
    • Vault State and Type: Current state and type of the backup vault.
    • Configuration Item: Reference to the Cloud Resource table.

    CMDB Data

    The same pattern populates the Cloud Resource [cmdbcicmpresource] table with key vault details such as Object ID (ARN), name, resource type (set to AWS::Backup::BackupVault), operational status (default Operational), and install status (default Installed).

    Configuration Item (CI) Relationships and References

    The pattern creates important relationships and references to support comprehensive discovery:

    • CI Relationships: Links the AWS Backup Vault to the AWS Datacenter where it is hosted.
    • CI References: Connects the Backup Vault record to its corresponding Cloud Resource and Key Value records for tags.

    AWS Tag Discovery

    The pattern collects AWS tags associated with the Backup Vault and stores them in the Key Value [cmdbkeyvalue] table. Each entry includes the tag name (key), tag value, and a reference to the relevant Cloud Resource configuration item.

    Benefits for ServiceNow Customers

    • Automates discovery and inventory of AWS Backup Vaults, ensuring accurate and current data in your CMDB.
    • Supports cloud governance by tracking vault retention policies, recovery points, and operational status.
    • Enables relationship mapping between vaults and AWS datacenters for better infrastructure visibility.
    • Facilitates tag management to enhance resource categorization and reporting.
    • Reduces manual effort and risk of duplicate records through resource whitelist management and pattern activation features.

    Discovery and Service Mapping Patterns finds AWS Backup Vaults on your cloud environment. Discovering some of these resources may require updating to the latest version of the Discovery and Service Mapping Patterns application from the ServiceNow Store.

    Pattern-based discovery and mapping requirements

    Verify the AWS discovery prerequisites
    For more information, see the prerequisites section in Amazon AWS Cloud components discovery using patterns.
    Remove resources from the Resource Inclusion List table
    Verify that the relevant resource isn't listed in the Resource Inclusion List [sa_cloud_inventory_resource_whitelist] table to avoid duplicate discovery. For more information on removing resources from the Resource Inclusion List, see Amazon Web Services (AWS) Resource Inventory.
    Enable the relevant pattern
    The pattern for this service is disabled by default. Starting with Visibility Content version 6.28.0, activating or deactivating a pattern won't be considered a customization, and it will continue to receive updates. Patterns that were previously activated or deactivated will reset to the latest predefined version after upgrading while retaining the last active field value. For more information on enabling patterns, see Activate a disabled pattern.

    Discovery and Service Mapping Patterns application populates data in both CMDB and non-CMDB tables.

    Data stored in non-CMDB tables

    Discovery and Service Mapping Patterns application populates data in the non-CMDB table when running the Amazon AWS - Backup Backup Vault - Extended Inventory (LP) pattern.

    You can review the non-CMDB AWS tables by navigating to All > Configuration > AWS. You can also search the navigation filter for the specific pattern name.

    Table 1. AWS Backup Backup Vault [cmdb_aws_backup_backup_vault]
    Field Description
    Name [name] Name of the AWS Backup Vault.
    Object ID [object_id] Amazon Resource Name (ARN) that uniquely identifies the backup vault.
    Max Retention Days [max_retention_days] Maximum number of days a recovery point can be retained in the backup vault.
    Number of Recovery Points [number_of_recovery_points] Number of recovery points stored in the backup vault.
    Vault State [vault_state] Current state of the backup vault.
    Vault Type [vault_type] Type of the backup vault.
    Configuration Item [configuration_item] References the Cloud Resource [cmdb_ci_cmp_resource] table.

    Data stored in CMDB tables

    Discovery and Service Mapping Patterns application populates data in the CMDB when running the Amazon AWS - Backup Backup Vault - Extended Inventory (LP) pattern.

    Table 2. Cloud Resource [cmdb_ci_cmp_resource]
    Field Description
    Object ID [object_id] ARN that uniquely identifies the backup vault.
    Name [name] Name of the AWS Backup Vault.
    Resource type [resource_type] Type of resource. The value is set to AWS::Backup::BackupVault.
    Operational status [operational_status] Operational status of the resource. Default value is Operational.
    Install Status [install_status] Install status of the resource. Default value is Installed.

    CI relationships

    The Amazon AWS - Backup Backup Vault - Extended Inventory (LP) pattern creates the following relationships and references to support AWS Backup Vault discovery. References link to records in other tables and don't appear in the CI Relationship [cmdb_rel_ci] table.

    Table 3. CI relationships
    CI Relationship CI
    Cloud Resource [cmdb_ci_cmp_resource] Hosted on::Hosts AWS Datacenter [cmdb_ci_aws_datacenter]
    Table 4. CI references
    CI Field Referenced CI
    AWS Backup Backup Vault [cmdb_aws_backup_backup_vault] Configuration Item [configuration_item] Cloud Resource [cmdb_ci_cmp_resource]
    Key Value [cmdb_key_value] Configuration item [configuration_item] Cloud Resource [cmdb_ci_cmp_resource]

    AWS Tag discovery

    The Amazon AWS - Backup Backup Vault - Extended Inventory (LP) pattern collects tags and populates them in the Key Value [cmdb_key_value] table.

    Table 5. Key Value [cmdb_key_value]
    Field Description
    Key [key] Tag name.
    Value [value] Tag value.
    Configuration item [configuration_item] References the Cloud Resource [cmdb_ci_cmp_resource] table.