AWS alert configuration with CMP SummaryThis article is to demonstrate below. Topic 1 Types of Event/Alert mechanism available from AWS 2 What type of AWS Event/Alert mechanism ServiceNow CMP supports? 3 Servicenow CMP Pre-requisites for AWS Alert Management. 4 Configuration requirement at AWS 5 The cloud event table at ServiceNow Instance. 6 Cloud Event Scheduler 7 Troubleshooting Cloud Event configuration. ReleaseLondon P*, Madrid P* and Newyork P* Instructions 1 Types of Event/Alert mechanism available from AWS CloudWatch Events Amazon CloudWatch Events delivers a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources. Using simple rules that you can quickly set up, you can match events and route them to one or more target functions or streams. CloudWatch Events becomes aware of operational changes as they occur. CloudWatch Events responds to these operational changes and takes corrective action as necessary, by sending messages to respond to the environment, activating functions, making changes, and capturing state information. Simple Notification Service Amazon Simple Notification Service (SNS) is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Amazon SNS provides topics for high-throughput, push-based, many-to-many messaging. 2 What type of AWS Event/Alert mechanism ServiceNow CMP supports? AWS event integration with Servicenow CMP supports Simple Notification ServiceAmazon SNS FAQs 3 Servicenow CMP Pre-requisites for AWS Alert Management. Cloud Management Plugins must be activated. Plugin Name Status Plugin ID Cloud APIActivecom.snc.cloud.apiCloud Config ManagementActivecom.snc.config.mgmtCloud Management Activecom.snc.cloud.mgmtCloud Management CoreActivecom.snc.cloud.core AWS Service Account (AccountID & Credentials).The Service Account has all the AWS Logical Datacenters discovered successfully.The User from ServiceNow should have the Role "sn_cmp.cloud_event_integration" 4 Configuration requirement at AWS Configure SNS Topic and Subscription Make sure the Subscription endpoint status is "Confirmed"If the Subscription status is in "Pending Confirmation" mean there is an issue with the username/password or the instance name provided in the endpoint are incorrect.Once the status is Confirmed" verify the AWS settings for SNS, review AWS Config >> Settings Once the status is Confirmed" verify the AWS settings for SNS, review AWS Config >> Settings Make sure the Recording is ON Make sure required record types are selected (Example: Below screenshot have the configuration to capture events of all the resource types) Refer: Selecting Which Resources AWS Config Records Make sure the SNS Topic is the same as configured above and Status confirmed 5 The cloud event table at ServiceNow Instance. Once the above configuration is successful, the user can see the events populated to "sn_cmp_cloud_event_list" https://<InstanceName>.service-now.com/sn_cmp_cloud_event_list.do 6 Event properties and its Payload for IRE An example of an event and its propertiesImportant Properties to be noted Event Name: Event Notifications name from SNSConfiguration Item: The CI record on "cmdb_ci_vm_instance" table which is affectedPayload: Contains all the information about the event and its relation to passing the same to IRE for action. 7 Cloud Event Scheduler Once an event has been generated from AWS the "Cloud Event Scheduler" scheduled jobs execute in the background https://<instancename>.service-now.com/sysauto_script.do?sys_id=fb9dc69dd754320097eb6ccf6e6103b5&sysparm_record_rows=1&sysparm_record_scope=80d50579eb203200979aa5115206fedd&sysparm_record_target=sysauto&sysparm_record_list=nameCONTAINScloud+event%5EORDERBYname&sysparm_nostack=true&sysparm_record_row=1 The scheduled job "Cloud Event Scheduler" is designed to execute every 10 seconds by default User has the ability to change the Repeat interval from the default 10 seconds to the required interval level.The job responsibility is to pass the Event Payload to IRE and IRE then takes the necessary actions to modify the state of the resources as per the event Related LinksThe documentation "Configure the Amazon AWS Config service to auto-update the CMDB" in progress of modification.According to the above documentation, Point 4 and 5 are not available in the Admin Portal, kindly ignore, soon it will be modified.