ServiceNow Cloud Management Certification-Orlando

runtime expressions

$(Stack.Items[network].attributes[object_id]) - this expression is evaluated at runtime. It returns the network name of the resource called Network in the Stack.Items - AWS name needed to configure another resource will not become available until the stack is executed

Definitional expressions

${parameter.CloudAccount} - evaluated before runtime returns the name of the cloud account selected from cmdb_ci_cmp_cloud_account list by the cloud account pool, resource pool

REST API return variables

1) 200 is success 2) 400 error client or 500 error server is failure

Azure Cloud products

1) Resource groups-management 2) virtual machines - virtualization 3) storage accounts - storage 3) virtual networks 4) network security groups - host based firewall 5) arm Templates 6) Azure active directory - identity and access management 7) microsoft insights -configuration management 8) subscriptions - billing

REST API components

1) Service - i.e. S3, EC2 2) method -REST verbs o perform CRUD operations - GET, POST, PUT, DELETE 3) endpoint - a url designated by cloud provider for api calls 4) header - mandatory or optional info required to setup API call between REST client and REST service 5) data-information exchanged by REST client and REST service typically JSON format 6) authentication - programmatic credentials to perform cloud tasks

Policy actions

1) enforce attribute settings 2) aborting the execution for an unapproved user 3) approvals 4) Custom workflows

Expressions used to

1) hold values for resource blocks that can be read and written 2) map input parameters in blueprints for resource block parameters 3) invoke set or override values in forms

Expression evaluated during stack execution

1) late binding during orchestration 2) allows access to values not know before orchestration - stack items, script include, conditional expressions, runtime expressions ( ), complex expressions formed by nesting expressions within expressions ( ( ) )

Endpoint operations

1) list of operations available for bound resource blocks i.e. attaching and detaching storage volume resource block from virtual server resource block

Naming new CAPI interface

1) name that reflects general function 2) suffix - Interface

Policy Action scripts

1) require Action script category to group similar scripts 2) customScripts function is only part to modify 3) two methods - userData, formData

Host Resource

1) resource block that guest resource block will run on 2) Host interface are the ports available on a server 3) Host resource block must have a guest interface that the resource block you are creating can connect to 4) virtual server resource block connects to Compute Guest interface of the AWS Datacenter Resource block. host interface of the virtual server resource block must also be the Compute interface

Blueprint composition

1) resource blocks and input values 2) operations i.e. provision is automatically broken down into steps and each step is associated with a resource block.

property override action

1) set or override value of parameters of operation 2) Action name must start with alpha character and no spaces 3) value to set is not a literal or calculated value or value only know at run-time - can use script

How cloud management works

1) setup credentials and cloud service accounts 2) compute profiles - Cloud admin -virtual hardware, OS profile setup 3) Blueprints - designing, configuring, publishing to define operating system 4) Cloud catalog items 5) Policy - stack approvals, naming conventions, configuration settings (security and compliance)

Resource Pool definition

1) static - does not change when items are selected from it 2) Diminishing - reduces items and useful for resources that can only be used once 3) Lookup table - table form which values are presented 4) Lookup field labels - ignored for scripted resource pool

Resource Block Cloud Management Object

1) ties CAPI operations and the CI class together 2) resource block executes CAPI operation. often utilizes response processor to write results of the operation to a CMDB CI 3) used to build a blueprint and blueprint will make new product\service available to end users via cloud catalog

Manage stack icon

1) toggle to stack operations view, 2) view dependency icon

Stack Lifecycle Management-Activities Window

1) track state of stake, request support, 2) Change requests & approvals, Incidents and Cloud events

Policy rule components

1) trigger - some function or user making a request to activate conditional logic 2) conditions - conditional logic to group membership or value of an atttibute 3) actions to perform

Resource Block

1) used to group CAPI operations for a particular type of Service. 2) Ties CAPI operations and CI class together- operations to a particular CI class 3) used to build a blueprint

createSnapshot() function

1) uses AWSCloudAPIBase class to create awsAPI object

Mid Server (java application on windows or linux)

1) uses port 80 or 443 (no inbound calls) 2) windows is required if running powershell scripts 3) ECC queue stores all messages between mid and servicenow instance 4) mid_server role 5) JRE installed separately 6) typically behind firewall (SSH, HTTPS, HTTP, ICMP enabled)

Software Deployment with Resource Blocks

1) Powershell scripts used to install software on Windows servers -Need windows MID server 2) shell scripts to install software on Linux 3) applications installed via a resource block are mapped to a CI class 4) fewer steps do not need to configure binding and endpoint mappings 5) hosted on a virtual server resource block

Rule actions

1) Reload 2) show 3) Hide 4) make mandatory 5) MakeNonMandatory 6) SetValue 7) SetValueByScript 8) TriggerChangeEvent 9) MakeReadOnly 10) MakeEditable

Cloud agnostic blueprints

1) Requires use of logical datacenter resource 2) property option - constraint that specifies what clouds blueprint can run on if used

Policy rule actions - on Task remediation

1) ServiceNow approval- manager or group approval 2) custom approval - returns approved or rejected as output

scripted resource pools components

1) execute resource pool filter script 2) call script include 3) run query with environment information 4) return results 5) return records 6) output records to pool

Response processor

1) format of data returned by Operations response (vendor documentation 2) data format required by CI class - CI class atributes 3) needs object_id not name

Cloud Admin portal

manage, design, govern, operate, analyze - cloud admin and system admin roles

Manage stack

need 1) Blueprint names 2) StackName

Runtime expressions

network - $(Stack.items[network].attributes[object_id]) at runtime the compute security group resources network attribute is mapped to the object id of the network attribute that is available in the executing blueprint. example is public IP address will not be available until stack is executed

Action -abort process

prevents user from launching a stack - can customize end user message for abort

Rest API error code 400

this is a client error

Policy Expressions

1) $(parameter.formData.BusinessService) - retrieves the value entered in the order form by the user 2) $(parameter.userData.userId) - captures the ID of the user filling out the form 3) $(randomNumber) - generates a 3 digit random number> It can be written next to another parameter to create a concatenated value

Budget configuration

1) group 2) budget period - weekly, monthly, quarterly, yearly 3) Group max limit-the max dollar amount the group should spend on cloud resources 4) per user limit - the max any member of the group should spend on cloud resources 5) alerting mechanism-will not prevent user or group from launching a stack

Cloud Operations dashboard

1) identify stack failures 2) placement and consumption of resources 3) Cloud Service Requests

Billing tags

1) internal created by cloud management app 2) ServiceNow tags created by Servicenow instance 3) user defined imported from Azure or AWS

AWS cloud formation templates (JSON, YAML)

text files in JSON no YAML ServiceNow support

Host Resource Block

the guest resource block may run on. Host interface similar to ports -SSH is port 22

AWSCloudAPIBase

this class uses AmazonWebServicesInvoker and inherits from CloudAPIBase. Only class required to write a REST API call to AWS. Class provides option of using an executeAction method, which is an AWS implementation of GET or the invoke method which provides all of the standard REST API verbs

Successful Rest API

Returns a code of 200

Policy rule actions - no approvals required

1) execute a script 2) Property override 3) abort process

CAPI extension

architect dependencies between CDMB, CAPI and the Resource block

endpoint operation mapping -attached to

use is reserved for special dependencies/operations required between two resources. connection between two attach points is a binding and it has properties. it also creates an additional step in blueprint

Cloud Management Resource Blocks

used to model cloud infrastructure required to deploy an application - i.e. lego blocks

Cloud management programmatically connected to target cloud provider

uses discovery to capture cloud resources and store them in CMDB and Cloud management tables- abstraction layer controls attributes display. Cloud admin manually map virtual hardware and OS to configure virtual machines

Cloud orchestration service

utilize CAPI to translate blueprint to provision stack. Code is passed to mid server to run API proxy probe against target cloud. Inbound ICMP traffic is required networking.

Resource Block operations

1) edit 2) new 3) Override - add functionality to existing operation without negatively impacting the the ability to upgrade Cloud management application

Cloud API - REST API

1) API calls are methods implemented as operations to programmatically create, configure, delete resources in the target cloud 2) resource block used to group and order the CAPI operations for a particular service 3) resource block mapps the operations to a particular CI class to ensure that the current state of the target cloud is accurately reflected.

Viewing launched stacks

1) All stacks discovered by ServiceNow (Cloud resources with ServiceNow tags) 2) Stacks with Issues 3) Discovered Stacks - stack found during discovery key name tag "ServiceNow Instance" 4) other categories automatically generated based on blueprint name of stack that is launched.

Cloud Admin - custom tag

1) Analyze>tag>tag management tab 2)must Sync Catalog item

blueprint - connecting resources

1) Attached to 2) deployed on point - most common

Azure credentials

1) Azure Service Principal - pay as you go subscription 2) Azure AE account- pay per enterprise each month

Policy rule approvals

1) Blue print provision approval - approval before provision stack based on blueprint 2) stack operation approval - operations such as stop, start stack3) stack resource operation approval - consume resources such as storage in blueprint

Cloud API components

1) CAPI providers collection of software products and cloud providers - used for billing 2) CAPI interface- framework to make rest api calls 3) CAPI API - implements the code required to make rest api calls to a product or cloud service

Root Cause analysis dashboard logs

1) Cloud API (CAPI) trail logs orchestration tasks related to cloud api calls 2) Cloud orchestration trail and Cloud root cause analysis search

CAPI interface naming

1) Cloud API interface is generic 2) name should explain function (create, list, delete, etc) 3) creating parameters - check vendor documentation and test with REST api client

definitional expressions (parameters)

1) Cloud account ($parameter.CloudAccount) - mapping the cloud account attribute of blueprint container to its cloud account parameter 2) OS profile $parameter.Virtual_Server_OSProfile 3) availability zone $parameter.Storage_Volume_AvailabilityZone - availability zone attribute of virtual server resource to availability zone of the storage volume resource

Troubleshooting - error from cloud provider

1) Cloud orchestration trail 2) look in CAPI provides info on transactions that traverse the mid-server first, then look in MID Server Logs 3) Mid server logs capture all communication between ServiceNow and cloud provider api endpoint- result of a malformed request or unavailable server can be found

IaaS cloud components

1) Compute and storage, 2) Management portals and API's 3) Monitoring and logging 4) Security and networking

Blueprint update set export

1) Dependent scripts are not included automatically and need to be explicitly selected for export 2) Metadata lists the exact order that update sets need to be imported into target instance 3) sn_cmp.cloud_service_designer required to export update sets

Cloud admin portal - add a field

1) Design>Blueprint>provision>deployment model tab 2) Sync catalog item adds to catalog item variable sets

Cloud Admin Portal - add tab

1) Design>cloud catalog item 2) variable set record name 3) tab must have variable field to show as a tab

Blueprint - Fixed values and boolean (parameters) - case sensitive

1) Device /dev/xvdf - mapping device attribute of storage volume to virtual server attach resource to a fixed value 2) DHCP enabled - True - mapping a DHCP enabled attribute of a subnet to boolean value of true

Resource Pools

1) Display a subset of records from a table 2) all of the records in a table

blueprint operations section

1) Display operation steps for inputs 2) Optimize plan will order steps in parallel to reduce deployment times

Blueprint designer - publish to catalog

1) Draft mode, checked in, and published to show up in catalog

AWS cloud products

1) EC2 (elastic cloud compute) - virtualization 2) EBS (elastic block storage) - storage 3) S3 - storage 4) VPC - networking 5) Cloud formation - AWS templates 6) IAM - identity and access management 7) SNS - simple notification services 8) config - configuration management

Stack Lifecycle Management-header & resources

1) Header -stack status, operation-stop, start, deprovision 2) resources window - green functioning, yellow resource is being modified, red resource failed, grey resource has been terminated

Resource profiles

1) OS profiles - operating systems that can be installed 2) compute profiles - virtual hardware (instance types) available to provision instances 3) application profiles- allow servicenow to use applications created by a continuous delivery tool like chef or ansible 4) schedule profiles - allow cloud admin to define operational times for virtual infrastructure 5) compute security group profiles - allows users who are deploying network stacks to create security groups to help secure their applications

Cloud management CI classes need

1) Object ID attribute for identification 2) required for CAPI extension 3) identification must take place to ensure uniqueness 4) CI's cannot be added from Cloud Management 5) all have dependency on logical data center CI 6) all have dependency on Cloud service account

CI types in CMDB

1) Physical entity - computer or virtual 2) logical entity - DB 3) conceptual - requisition service

Policy form

1) Policy group - group like policies together 2) Policy trigger - event that calls policy 3) Policy operation - applies to specific operations 4) start and end date when the policy can run 5) order of execution - no order it will run first 6) Rules - conditions and actions of the policy

Policy attributes

1) Policy trigger 2) Blueprint/catalog item/resource block 3) operation 4) moment-only shown when policy trigger is on a resource operation 5) start date 6) end date

Day 2 activities

1) Setup an additional cloud account 2) Add a datacenter to a cloud account 3) schedule discovery of all resources in a service account 4) schedule discovery of all resources in a datacenter 5) discover all resources in a data center on demand 6) discover all datacenters in a service account on-demand 7) set capacity limits on user requests for resources

blueprint operations steps

1) Steps and inputs values assigned by mapping field 2) uses regular expressions to allow for dynamic population of values - often returns sys_id for value being referenced

API Provider - Add new Product form

1) Switch from global scope to Cloud API scope 2) to add new product need new CI class 2) sn_capi_product table for cloud products

Cloud Script components

1) Template - Bash, Powershell, python script 2) Script - javascript code used by Cloud management to call and execute script contained in the template 3) Parameters - inputs or overrides used to configure the template

Quotas

1) VM count 2) vCPU count 3) storage volume size 4) Network count (VPCs)

application profile blueprint

1) WorkloadConfigProviderType - i.e. select configuration management tool chef, ansible 2) WorkloadConfigProvider - i.e. select a specific chef, ansible Tower server to connect to after provider type is chosen

Expression components

1) an expression when evaluated results in a value 2) combination of functions, identifiers, and values interpreted and evaluated to a value

application template -Cfg installables

1) ansible tower job templates 2) chef recipes

Layers to categorize resource blocks

1) application 2) platform 3) logical data center 4) virtual infrastructure 5) virtual workload

Response Processor

1) appropriate for cloud infrastructure 2) ITOM discovery may replace need for Response processors 3) consider using ITOM discovery to discover applications

Blueprint designer-Deployment model view

1) blueprint canvas 2) operations-displays lifecycle operations available for blueprint 3) resources

Policy Rule action - property (attribute value) override

1) blueprint provision trigger/catalog item launch trigger 2) controls order form data 3) replaces values with values or formatting dictated by Policy 4) Virtual Network property requires a sys id

update set content dependencies

1) blueprints (resource blocks, cloud APIs, MID scripts, resource pools, policies, script includes, cloud scripts) 2) cloud catalog items 3) resource blocks (resource pools, resource operation policies, script includes, cloud APIs, dependent resource blocks, MID scripts) 4) Cloud APIs (MID scripts

update sets move cloud management content - download icon cloud admin portal to export

1) blueprints 2) resource blocks 3) cloud APIs

Expressions used in

1) blueprints 2) resource blocks 3) policies 4) forms

application profile blueprint requires

1) bootstrap node operation -initialization of configuration management client 2) Register Node -register hostname/ip with the inventory of CMDB 3) executeConfigPackages installs software/configuration defined by chef recipe/ansible playbook

Execute a script - available using blueprint provision trigger or catalog item launch trigger

1) calls a policy action script to manipulate form data, or generate random numbers 2) userData cannot be overwritten with scripts, but is available to use. 3) cannot edit scripts in publish state

Cloud catalog item

1) catalog 2) source-cloud template 3) template type - ARM or CFT 4) picture - optional 5) validate template successfully 6) set catalog item to active

Azure two deployment models

1) classic 2) resource manager model

OS profile mapping to image template

1) cloud account 2) location (data center/AWS region) 3) image template

AWS cloud events

1) cloud admin portal>operate>Cloud activities 2) cloud activities>cloud events 3) stack has cloud activities/events 4) sent by AWS config Service

Cloud API components

1) cloud api provider 2) cloud api interface 3) cloud api api

Cloud capacity limits vs Quotas

1) cloud capacity are global limits on resources that apply to all users 2) quotas are resource limits that apply to groups and group members (users)

Resource Block binding

1) complimentary relationship of resource block. i.e. relationship between virtual machine resource block and storage volume resource block. Storage volume must be bound (mapped) to a virtual server

Azure setup

1) connect 2) profiles - compute, os for datacenters 3) Cloud alerts - alerts for azure to receive provisioning, de-provisioning, stop, and start notifications 4) Billing

policy object

1) container for policy rules 2) policy rule - trigger conditions - can have multiple policy rules 3) policy rule object is container for policy rules 4)

Schedule profiles

1) control when cloud resources are available 2) lease capability defines when stack terminates 3) Multiplier - Auto-populated value between 0 and 1: The fraction of time that a stack with this schedule is expected to be powered on

add a discovered virtual machine image

1) create or select a new OS profile 2) create OS profile mapping 3) select an image template 4) add Logon credentials for the image (valid AWS username)

Create Script Policy action

1) create policy action script-server side java script 2) create an execution step-policy rule action - not available if requires an approval 3) associate policy with policy action script

CAPI AWS requires

1) credentials - AWS secret key 2) Identity - AWS Access key id

Blueprint designer - Deployment Model

1) defines the connections and the relationships between resource blocks that make up stack

Resource Block - step operation type

1) invoke Cloud API - calls CAPI method from Mid-server script include 2) Invoke host resource operation - allows execution of an operation from a host interface that has been defined for the resource block 3) Invoke script - will execute a script 4) invoke workflow - will execute a workflow 5) resource block operation can have multiple steps

Approval policy - Cloud Governor levels

1) manager approval 2) group approval/assignment group only requires on person in group 3) individual approver/user

Cloud formation templates (CFT) AWS

1) mappings - allows AMI to be associated with the correct regions and hardware types 2) conditions - conditions control what parts of templates are executed

template components - generic

1) metadata - non AWS/Azure information specified by template author 2) resources - an object or service provided by a cloud provider 3) parameters - values use to configure resource attributes 4) outputs - values returned after template is successfully executed

Cloud accounts

1) must be published 2) can be made up of multiple cloud providers and vSphere servers 3) simplest is single datacenter(region)

Blueprint

1) native computing templating solution 2) defines relationship between resource blocks and input mappings to deploy application or cloud infrastructure 3) Blueprint container resource 4) datacenter resource

budget alert

1) notification threshold - percentage budget reached to send alert 2) notification type - alert, severe, warning

Policies on triggers

1) on Blueprint provision 2) on Blueprint provision approval -triggered before call to provision a resource- occurs when the provision workflow checks whether an approval step exits for the blueprint 3) on catalog launch 4) on catalog request end 5) on catalog item request start

Approval policy triggers

1) on blueprint provision approval 2) on stack operation approval 3) on stack resource operation approval 4) Custom approval form workflow editor

Policy triggers-2

1) on lease end 2)on resource operation - on request for an operation on the resource within a stock i.e. stopping a VM within the stack 3) on stack operation approval - approval of a non-provision operation 4) on Task remediation

Azure ARM templates

1) only written in JSON 2) functions - provide ARM templates with logic built in methods and user defined methods 3) variable - feature simplifies the process of resuing values throughout the template

user version billing Dashboards

1) organize by usage data, service category, provider, data center, tags 2) tagged resources all resources (blocks) consumed by users 3) consumed based on application, business service, cost center, project or any servicenow or cloud tag

UI events vs policy

1) policies not viewable by user - UI events are viewable 2) dynamically modify the form based on user choice - UI events 3) policy does not affect performance

Policy components

1) policy 2) policy rule 3) policy rule action

Policies are used to

1) pre-populate or hide form fields 2) complete or override request data 3) manage the approval of requests to provision or change cloud resources 4) generate notifications 5) ensure compliance and conformity 6) abort a process

Profiles

1) profile is the label and 2) template is the actual object in AWS 3) profile mappings connect the profile to the template

Policy rule actions - on resource operation

1) property override - set the value of a parameter of the operation 2) execute a script - operation parameters are available as inputs to the script 3) call cloud api - executes cloud API (CAPI)-output can be used to override parameters 4) IP address management - communicate with an external IPAM system and execute operations on it

Resource Pool filter types

1) query - defined by one or more operator, field, value records 2) script - defined by script that returns lookup value, display value pairs

Expression evaluated before stack executes

1) request submission early binding - before orchestration 2) values contained in CMDB, order form fields, resource blocks (blueprints), tables, resource pools, cloud scripts, random number 3) definitional expressions between { }

AWS billing

AWS billing reports/csv 2) S3 bucket to store billing reports 3) table sn_cmp_imp_aws_cost.list

Cloud data centers

AWS regions where infrastructure/application is located - must be associated with servicenow data center

Cloud Portal - Views button

Allows dashboard to be customized for different groups Cloud administrator, Root Administrator, System Administrator button displays option that allows the portal to display information for all users

Cloud Templates

Azure and ARM templates, AWS Cloud formation, Terraform

Continuous Delivery tools

Chef, Puppet, Ansible, Saltstack

RESTAPIException

Class is used for exception handling. AWSAPIException and AzureAPIException inherit from this class

Add Cloud catalog item to service Catalog from Admin portal

Cloud Admin portal->design cloud template->provision->click pencil icon->create new category with Title of Cloud Compute and catalog value of Service catalog. Save Category and edit its related list ot add the cloud catalog item

CloudRESTRequestSigningUtil

Cloud related signing utilities required for authorization. AmazonWebServicesRequest signer inherits from Cloud RESTRequestSigningUtil. Azure does not require this class because it is built into AzureAPIInvoker

Hybrid Cloud

Combine on-premise resources with off-premise cloud resources (AWS, Azure, Google)

IaaS - Compute and storage

Compute and Storage - virtual infrastructure that applications are deployed to. Most have an image repository for Linux and windows operating systems

SaaS Cloud

Consumer is not responsible for managing any software or hardware associated with the cloud platform. Only application configuration. ServiceNow is an example

IaaS

Consumer is responsible for creating the applicaiton and deploying and managing the virtual network, virtual servers, and the operating systems. Cloud provider provides services to provision core services and virtual machines. ServiceNow Cloud focuses on IaaS clouds

PaaS Cloud

Consumer must create the application, but do not have to manage operating systems, virtual hardware, virtual networking, or application specific services like database and identify management. Advantage is ability scale up or down quickly as required. Cloud Foundry is an example

Cloud Portal - Quota section

Four gauges indicate quota limits for user. Click view all to see comprehensive view of all user and group quotas

Code Repositories

GitHub, BitBucket,

IaaS - Security and Networking

Greatest requirement cloud users - Secure Shell (SSH Keys), host base firewalls, network ACL's, and identity management

Launch a stack>Compute>Ubuntu VM stack-AWS

Inputs 1) Virtual Server network VPC 2) Virtual Server SubnetID (blank until Virtual network is selected) 3) Virtual Server ComputeFirewallName - corresponds to the AWS security group (virtual Server subnetID blank until network is selected)

Auto Update AWS CI information

Integrate AWS Config with a Now Platform instance to receive near real-time Simple Notification Service (SNS) notifications from AWS. The AWS Config service can auto-update CI data in the CMDB whenever Cloud Provisioning and Governance or your AWS account makes a life-cycle state or configuration change to an Amazon resource. As a result, the CI data in the CMDB is updated without having to wait for Discovery to run

ServiceNow uses Java script version of Regex

Javascript version of regex

Cloud Portal-Launch a stack

Launches Cloud Service Catalog to show Cloud catalog templates

Cloud Portal - View Activities

Launches Cloud activities>requests page

Cloud Portal - Manage stacks

Launches Cloud stacks page

Cloud Portal - View Dashboard

Launches page for Billing and Tags

Cloud objects except AWS IAM roles dependent on

Logical Datacenter

VMware Private Cloud

Out of the box VMware Cloud Management

Test REST API with

Postman or Insomnia

Cloud images stored

cmdb_ci_os_template table

Cloud Resource

compute, storage, network, load balancers, security and other cloud related objects

Resource block

container that connects programmatic actions defined by cloud api to a CI class type in CMDB. Makes it possible to perform lifecycle operations (provision, manage, deprovision) against resource mapped to ci class. makes it possible to track consumption of cloud resources

Cloud account capacity limits

control consumption of virtual network, compute, storage resources. set to draft mode to modify capacity limits, schedule discovery, or add data centers

Cloud Management roles - event integration

sn_cmp.cloud_event_integration - provides access to the instance for external cloud event integration

Billing Dashboard

The billing dashboard provides Cloud management users with a visual way to quickly determine how they are consuming cloud resources. The dashboard allows users to determine the costs for stacks that they have provisioned by date, category, cloud provider, data center, user and tags

Billing dashboards

The billing dashboard provides Cloud management users with a visual way to quickly determine how they are consuming cloud resources. The dashboard allows users to determine the costs for stacks that they have provisioned by date, category, cloud provider, data center, user and tags

template (json or YAML)

Text documents 1) resources -cloud object 2) parameters - settings that are used and/or required to configure the various attributes of the resource

Cloud Management roles - Cloud Admin group

sn_cmp.cloud_group_admin - grants admin access to any group that you belong to

Cloud Management roles - Cloud Operator

sn_cmp.cloud_operator - monitors and troubleshoots the cloud management application

Cloud Management > Reports > Cost & Usage Reports.

The Cloud Management application displays a cost and usage overview report covering all providers. The report can be grouped or filtered by provider, category, or tag

Cloud Management roles - Cloud User

sn_cmp.cloud_service_user - requests and manages stacks and resources

Cloud Management roles - Cloud solution designer

sn_cmp.cloud_solution_designer - provides access to the cloud solution deployer

Rest API error code 500

This is a server error

Cloud Management roles - Governor

sn_cmp_.cloud_governor Monitors overall cloud usage and enforces compliance of the organizations rules, quotas, and policies, also manages tags and permissions to various objects

Cloud Management roles - Cloud administrator

sn_cmp_cloud_admin configures the cloud management application and sets up the cloud infrastructure

CAPI API version - new service

Use 1.1 when creating a new service. Default version is 1.0 and Cloud Management designed to support multiple versions of a cloud api for same service. Always use default javascript

Cloud templates - orlando release to replace blueprints

Use Cloud Management cloud templates to create catalog items, instead. Cloud templates enable you to ingest specification syntax from multiple cloud management system's in cloud catalog items to run your cloud deployment orchestration. You can ingest specifications from Azure Resource Manager (ARM), AWS CloudFormation (CFT), Google Deployment Manager (GDM) and Terraform. Cloud template technologies (IaC - Infrastructure as Code) are constantly updated by the cloud vendors - enabling you to specify the infrastructure environment with latest cloud vendor offerings.

Troubleshooting unresponsive stacks

Use sn_cmp_stack table to delete stacks that have become unresponsive

Data Center Resource

specifies the cloud provider that the blueprint will use. current are AWS, Azure, Google and vSphere. This is also a logical data center resource block for any supported cloud vendor

Launch a stack

stack has 2 names StackName and Virtual Server NodeName. 1)StackName is label for ServiceNow 2)Virtual Server is AWS/Azure instance VM

Schedule profile list

stack stop, start, deprovisioning Cloud admin creates schedules

CAPI itnterface before corresponding CAPI API

Yes, CAPI API must reference CAPI interface to automatically build the mappings required to map each operation to a method that will execute a REST API call

Single CAPI interface can be used to support similar services from other cloud providers

Yes- interface is not responsible for executing actual API call

Cloud events for AWS and AWS config

stored in S3 bucket, ServiceNow HTTPS SNS endpoint destination

Blueprint designer - Canvas

allows for the graphical construction of blueprints. Resources are dragged onto the canvas and connected

Stack Lifecycle Management-properties window

build date, AMI used to provision, AWS instance size, public IP, properties wind retrieves Windows server password provisioned in AWS

Policy rule conditions check properties of the operation

check attributes of 1) budget 2) request form 3) user objects

All Cloud CI's

child class of the virtual machine object parent class - 250 child classes and 690 attributes

AzureCloudAPIBase

class uses AzureAPIInvoker and inherits from CloudAPIBase. Only class required to write a REST API call to Azure. Utilizes InvokeRequest method to make REST API calls to Azure using the standard REST API verbs

Policy

defines user rights to deploy the stack and approvals, naming convention

Cloud objects - AWS IAM roles dependent on

dependency on Cloud Service Account

Blueprint - Cloud template

displays the YAML code for the blueprint on the canvas

Cloud API

executes on the mid server, runs over the common mid infrastructure ECC queue probes, but abstracted for ease of use

Cloud API Dashboard

graphical user interface with red and green for successful api calls

RITM ID tracks stack approvals - status

green, yellow -stack is launching, red failed, blue stack is waiting for approval

Resource Pools

groupings of a particular type of cloud resource (i.e. networks, image templates, security groups. Resources are either CI's in CMDB or records in a cloud management table. Typically populated during the cloud discovery process

End user Cloud Management portal

https://servicenow_instance.com/cloud_portal

SNS endpoint format for ServiceNow

https://username:pw@instancename/api/now/cloud_event

Policy Action scripts

support the manipulation and change of form parameters and provide access to user data

Stack Lease

lease date is assigned to all provisioned stacks. Notifications sent 1 day before lease end. On day of lease end stops stack and sends notification. 7 days later stack is terminated and final notification sent to stack owner

Cloud Portal - Pending requests

list of stacks that could not be launched due to errors. Click on pending request to provide details of failed stack in Cloud activities>requests

Cloud Portal - Stack Health

lists incidents raised by user and provides notification if stack becomes unavailable

IaaS - Monitoring and Logging

logging is an extension of billing to track all resources provisioned. logs are email and subscription based messaging services

Troubleshooting - script error

look in CAPI

Troubleshooting - User input error

look in sn_cmp_order table-list of orders and user input values

MID Server script include - CloudRestAPIInvoker

makes REST API call with Invoke functions: invokeGet, invokePost, - AmazonWebServiceAPIInvoker and AzureAPIInvoker inherit from CloudRestAPIInoker

Blueprint container resource

provides each stack with important settings (parameters) and metadata required to deploy and manage stack. automatically added to every blueprint. tags can be added to blueprint container

Cloud Portal - Current Month spend

provides user with costs of stacks they have launched

Cloud Portal - Budget section

provides user with visibility on used budget vs total budget

Field Validation using regular expressions

regular expressions regex string into Validation(Regex) field of the catalog property form of the form parameter and validation error wording

Remediation task created when stack fails to launch

remediation task generated for failure

Discovery, mapping process, and resource blocks are base elements (blueprint template)

required to configure a stack

Polices

rules and conditions to trigger approvals, kick off workflows, execute scripts, enforce standards and/or define configuration details for the stack

Cloud Management roles - Service Designer

service_designer - Creates blueprints, ARM and cloud formation templates, and catalog items

MID Server script include - CloudAPIBase

sets up session between mid server and cloud provider. defines headers, parameters and "this.parameter"

Cloud Portal - Recent stacks

shows last 4 to 5 stacks launched by user