Cloud Deployment Automation

  • Release version: Yokohama
  • Updated January 30, 2025
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Cloud Deployment Automation

    Cloud Deployment Automation automates the deployment and provisioning of AWS CloudFormation services within ServiceNow using Service Catalog or the Service Portal. It enables efficient management of AWS infrastructure by streamlining stack and stack set operations directly through ServiceNow interfaces.

    Show full answer Show less

    To use this application, customers must activate and configure the AWS CloudFormation spoke. This application also integrates with decision tables and roles to manage approvals, assignments, and failure handling.

    Key Features

    • Catalog Items and Flows: Automate AWS CloudFormation tasks such as creating, updating, and deleting stacks and stack sets. Each catalog item triggers an associated flow which can be customized by copying it into a new application scope.
    • Subflows: Prebuilt subflows handle automation failure events by creating incidents or events and include utility subflows for fetching approvers, assignees, and stack status from AWS.
    • Actions: Includes an action for transforming arrays of objects based on key-value pairs to support flow logic.
    • Decision Tables: Used to define policies for user and group approvals, incident and task assignments, and automation failure handling, enabling dynamic routing and escalation.
    • User Roles: The role snclouddpmtatmn.clouddeploymentautomationuser allows viewing catalog items. To create and submit catalog items, users also require the management user, ITIL, and Catalog Admin roles.
    • System Properties: Configurable properties allow customers to include or exclude AWS regions and control flow execution limits, enhancing flexibility and governance.

    Practical Use and Setup

    ServiceNow customers can set up Cloud Deployment Automation by configuring the Service Portal page to expose default catalog items for AWS CloudFormation operations. Customizing flows and subflows enables tailoring automation to organizational processes.

    This automation reduces manual effort in managing AWS CloudFormation resources, improves consistency, and integrates approval and incident management workflows within ServiceNow.

    Automates the deployment and provisioning of the AWS CloudFormation services using Service Catalog or Service Portal.

    Request apps on Store

    Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Spoke dependencies

    You must activate and set up the AWS CloudFormation spoke to use this application.

    Catalog items and flows

    The Cloud Deployment Automation provides catalog items and flows to automate tasks. When a catalog item is submitted, the associated flow is triggered and the task is performed. To customize a flow, create a copy of it in a new application scope. Available catalog items and flows include:

    Catalog Item or Flow Description
    Create Stack Creates a stack in AWS CloudFormation account.
    Create and Execute Change Set Creates and executes a change set in AWS CloudFormation account.
    Create Stack Set Creates a stack set in AWS CloudFormation account.
    Delete Stack Deletes a stack in AWS CloudFormation account.
    Delete Stack Set Deletes a stack set in AWS CloudFormation account.
    Update Stack Set Updates a stack set in AWS CloudFormation account.

    Subflows

    The Cloud Deployment Automation provides subflows to demonstrate automating tasks. To customize a subflow, create a copy of it in a new application scope. Available subflows include:

    Subflow Description
    Create Event Creates an event if automation fails.
    Create Incident Creates an incident if automation fails.
    Dynamic Flow Template Subflow template to create event and incident.
    Fetch Approvers and Assignees Retrieves details of approvers (groups and users), assignee, and assignment group for the requested item, catalog task, and incident from the decision tables.
    Get Stack Set Operation Result Status Reason Retrieves the AWS CloudFormation stack set operation result status reason.
    Get Stack Set Operation Status Retrieves the operation status of the AWS CloudFormation stack set.
    Get Stack Status Retrieves the status of the AWS CloudFormation stack.

    Actions

    The Cloud Deployment Automation provides an action, Change Array.Object Internal Names to change an array of objects to another array of objects based upon the key value pair.

    Decision tables

    The Cloud Deployment Automation application uses decision tables to save the required information. The decision tables include:
    Decision table Description
    CDA Requested Item User Approval Policy Policy used to assign a requested item to the relevant user for approval.
    CDA Requested Item Group Approval Policy Policy used to assign a requested item to the relevant group for approval.
    CDA Incident User Assignment Policy Policy used to assign an incident to the relevant user.
    CDA Incident Group Assignment Policy Policy used to assign an incident to the relevant group.
    CDA Failed Automation Flow Policy Policy used to choose between creating an incident or an event when an automation failure occurs.
    CDA Catalog Task User Assignment Policy Policy used to assign a catalog task to the relevant user.
    CDA Catalog Task Group Assignment Policy Policy used to assign a catalog task to the relevant group.

    User roles

    The Cloud Deployment Automation application provides the sn_cloud_dpmt_atmn.cloud_deployment_automation_user role. Users with this role can view cloud deployment automation catalog items.
    Note:
    User must have the sn_cloud_dpmt_atmn.cloud_deployment_automation_user _mgmt_user, ITIL, and Catalog Admin roles to create and submit catalog items.

    System properties

    The Cloud Deployment Automation application provides system properties that you can configure as per your requirement.
    System property Description
    sn_cloud_dpmt_atmn.exclude_aws_regions List of additional regions that should be excluded from those mentioned in the CloudDeploymentAutomationUtils script include.
    sn_cloud_dpmt_atmn.include_aws_regions List of additional regions that should be included to those mentioned in CloudDeploymentAutomationUtils script include.
    sn_cloud_dpmt_atmn.flow_loop_limit Number of hours that flows should run in loop before they exit.

    Navigate to System Properties > All Properties to configure the values of these properties.