
Automated GCP discovery to ServiceNow CMDB

Automated ServiceNow GCP discovery via Turbot Guardrails provides comprehensive coverage of your GCP resources with real-time accuracy.

Turbot Team
5 min. read - Mar 04, 2024

Turbot Guardrails just made it a lot easier to discover Google Cloud Platform (GCP) resources in ServiceNow's CMDB. The integration requires no additional ServiceNow modules or GCP services. Instead, Turbot Guardrails enables a direct, low-cost way to get real-time GCP cloud discovery into ServiceNow.

This automated discovery integration has two key benefits. First, it enhances the accuracy of your ServiceNow CMDB data by surfacing comprehensive and timely GCP resource insights. Second, it significantly reduces the cost and overhead compared to native ServiceNow cloud discovery capabilities. This makes Turbot Guardrails an ideal solution for those new to cloud discovery or looking to augment existing ServiceNow GCP integrations. Users can tap into broader coverage and more precise GCP CMDB data without added complexity.

Why an automated GCP discovery for ServiceNow?

Manual and scheduled discovery of GCP resources leads to inaccurate ServiceNow data. GCP resources change too quickly for legacy discovery methods to keep up. As a result, CMDBs end up with blind spots and incorrect configurations.

When you automate continuous GCP discovery and integrate resources into ServiceNow, you:

  • Eliminate blind spots by covering more GCP services beyond the native integrations
  • Prevent missing and stale data with instant updates when resources change
  • Enable flexible control over which resource data syncs to which CMDB CI tables
  • Surface GCP tags and metadata to enrich CMDB context
  • Archive historical records of provisioned resources that get deleted

Augmenting native GCP discovery in ServiceNow

Native ServiceNow connectors and GCP integrations are available to enable discovery of core GCP services such as Compute, Storage, and Networking. But these have limitations including:

  • Extra licensing and services
  • Limited resource coverage
  • Reliance on scheduled batch jobs rather than real-time scans
  • Need for professional services and customization

The Turbot Guardrails GCP ServiceNow integration augments native capabilities by:

  • Offering point-and-click integration setup
  • Discovering IaaS & PaaS GCP resource types out of the box
  • Reducing licensing dependency and service overhead
  • Automatically updating CMDBs instantly when resources change
  • Providing flexible control to configure synced data as needed
  • Centralizing management for other discovery scopes: AWS, Azure, & Kubernetes

By combining automated discovery from Turbot Guardrails with ServiceNow and GCP, you can accurately sync GCP configs into ServiceNow's CMDB in real-time without added cost and complexity.

Configuring automated GCP cloud discovery for ServiceNow CMDB

Each GCP resource type can be configured to sync to the ServiceNow CMDB. Most often you would set the scope of the policy across many GCP resources from all your GCP projects. In this example we will show how to enable syncing GCP Storage Buckets.

Set the Turbot Guardrails policy to “Enforce: Sync” and apply to all or specific GCP projects:

For the integration-enabled GCP project, the following GCP resources will be in scope for the GCP discovery:

Instantly the GCP resources will be added to the associated ServiceNow CMDB table:

As GCP resources are added, updated, or deleted, Guardrails handles the configuration drift and keeps the ServiceNow CMDB updated.

For example, when a GCP resource changes, Guardrails captures the configuration drift and updates the ServiceNow CMDB:

GCP resource deletion can be managed as a complete synchronization — where the record in ServiceNow is deleted as well — or archived to retain its record with an archive status.

Map GCP resource details to ServiceNow CMDB CI tables

Each cloud resource type can be mapped to new or existing ServiceNow CMDB CI tables. You can also extend existing tables. In this example, the GCP Storage Bucket resource type maps to a new cmdb_ci_gcp_storage_bucket table:

table:
  name: cmdb_ci_gcp_storage_bucket
  label: GCP > Storage > Bucket
  extendsTable: cmdb_ci_cloud_storage_account

Mappings of which columns to create are simple to define in the Table Definition policy:

columns:
  - name: bucket_name
    label: Bucket Name
  - name: project
    type: string
    label: Project
  - name: region
    label: Region
  - name: tags
    size: 1000
    type: string
    label: Cloud Tags

Any data from GCP can be added. To associate more fields, add more ServiceNow CMDB table columns:

  - name: versioning_enabled
    type: boolean
    label: Versioning Enabled

Adding custom ServiceNow CMDB CI fields is common. In this case we want to add a CMDB CI column that captures the ServiceNow Application ID associated with the GCP resource:

  - name: app_id
    size: 1000
    type: string
    label: Application ID

To populate the added ServiceNow CMDB CI columns dynamically, the Configuration Item policy defines where each column's data comes from. In this case, the values are pulled from the GCP resource details, such as versioning.enabled and the app_id tag:

bucket_name: {{ $.resource.data.name }}
project: {{ $.resource.metadata.gcp.projectId }}
region: {{ $.resource.metadata.gcp.regionName }}
tags: {{ $.resource.turbot.tags }}
versioning_enabled: {{ $.resource.data.versioning.enabled }}
app_id: {{ $.resource.turbot.tags.app_id }}
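
An added example, not Turbot's code: a small Python check that the Configuration Item mapping above covers every column in the Table Definition, and that each mapped path resolves for a given resource record. The dotted-path resolver is a simplified stand-in for Guardrails' own template rendering, and the sample record and its values are constructed for illustration.

```python
import re

# Column names from this page's Table Definition, then its Configuration Item mapping lines.
COLUMNS = ["bucket_name", "project", "region", "tags", "versioning_enabled", "app_id"]
MAPPING = """\
bucket_name: {{ $.resource.data.name }}
project: {{ $.resource.metadata.gcp.projectId }}
region: {{ $.resource.metadata.gcp.regionName }}
tags: {{ $.resource.turbot.tags }}
versioning_enabled: {{ $.resource.data.versioning.enabled }}
app_id: {{ $.resource.turbot.tags.app_id }}
"""
LINE = re.compile(r"^(\w+):\s*\{\{\s*\$\.([\w.]+)\s*\}\}\s*$")

def parse_mapping(text):
    """Return {column: path segments} for each 'col: {{ $.a.b }}' line."""
    out = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        m = LINE.match(line)
        if not m:
            raise ValueError(f"unrecognised mapping line: {line!r}")
        out[m.group(1)] = m.group(2).split(".")
    return out

def resolve(doc, path):
    """Walk a dotted path; return None when any segment is absent."""
    for key in path:
        if not isinstance(doc, dict) or key not in doc:
            return None
        doc = doc[key]
    return doc

def check(columns, mapping_text, record):
    """Report column/mapping mismatches and mapped fields that resolve to nothing."""
    mapping = parse_mapping(mapping_text)
    values = {col: resolve(record, path) for col, path in mapping.items()}
    return {
        "unmapped_columns": sorted(set(columns) - set(mapping)),
        "unknown_columns": sorted(set(mapping) - set(columns)),
        "empty_fields": sorted(c for c, v in values.items() if v is None),
        "values": values,
    }

# Constructed sample record: a bucket with versioning off and no app_id tag.
SAMPLE = {"resource": {
    "data": {"name": "example-bucket", "versioning": {"enabled": False}},
    "metadata": {"gcp": {"projectId": "example-project", "regionName": "us-central1"}},
    "turbot": {"tags": {"env": "dev"}}}}
print(check(COLUMNS, MAPPING, SAMPLE)["empty_fields"])
```

For this sample the only empty field is app_id: a bucket without that tag would land in the CMDB with no Application ID, while versioning_enabled still carries a real value (False) rather than a gap.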

See Turbot Guardrails GCP discovery for ServiceNow in action

Modernize your ServiceNow CMDB with automated GCP discovery

Get started with a 14-day free trial of Turbot Guardrails to experience automated discovery and sync for GCP resources into your ServiceNow instance. Real-time, comprehensive visibility within minutes at just $0.05 per resource per month.