AWS Cloud Operations Blog

How Organon used AWS Service Management Connector to provision AWS resources from Service Now across multiple AWS accounts.

Organon has been exploring Amazon Web Services (AWS) to provide a simple, efficient way to their end users to easily provision cloud infrastructure across multiple accounts and regions. Additionally, they needed to ensure security, management, governance and compliance on the AWS services to follow GxP regulations.

Organon uses ServiceNow as the enterprise IT Service Management platform for end-user provisioning and they wanted to have capabilities for its users to provision AWS resources from ServiceNow  Service Catalog. They also want to extend the provisioning capabilities for other AWS services that are in scope.

How Organon made it work–Solution Overview

Organon engaged AWS Professional Services to build AWS Service Catalog products and portfolios that can create, organize, and govern a curated catalog of AWS services. With different permissions levels separated from requestors, we can share the product catalog with end users to quickly provision pre-approved resources without needing direct access to the underlying AWS services. AWS Service Catalog can further integrate with AWS Service Management Connector that enables end users to provision AWS resources from ServiceNow. The plugin is available at no charge in the ServiceNow store and the integration is available in all AWS regions where AWS Service Catalog is available.

Figure 1. Architecture Diagram for AWS Service Catalog implementation with AWS Service Management Connector

Organon’s cloud management team identified the most frequently used AWS services by its end users for their application management. AWS Professional Services is tasked to build in Golden templates for the identified AWS services.

We built golden templates using AWS CloudFormation for services in scope and include specific security and regulatory compliance requirements. AWS Service Catalog Framework Factory converts each golden template to products in AWS Service Catalog. AWS Service Catalog Framework Puppet then shares the products from the central account to multiple accounts/regions. We also built AWS Config & RAPIDQ custom solution for monitoring and alerting security findings. This implementation approach for AWS Service Catalog enables Organon to scale and centrally manage catalog of AWS services.

As a result, the AWS Service Management Connector powered by AWS Service Catalog is now configured in Organon’s ServiceNow instance. It periodically synchronizes available AWS Service Catalog products in AWS accounts to ServiceNow Service Catalog.

ServiceNow administrators then provide secured and governed AWS Service Catalog products and portfolios to applicable end users. AWS Service Management Connector provides Organon’s end users self-service mechanisms to browse and request vetted AWS services that can track the lifecycle of provisioned resources from their familiar ITSM platform ServiceNow. It also enables them to take post provisioning actions that can update or terminate the provisioned products.

Summary

Organon now offers an automated self-service solution to end users to provision pre-approved products in authorized accounts from ServiceNow, while maintaining the products configuration templates in central account. It also enhances security and creates a repeatable foundation in the future using AWS Service Catalog and AWS Service Management Connector.

Centralized cloud management teams can use this approach to curate the battle-tested, repeatable, predictable and best-practices based software-infrastructure blueprints, and offer those enterprise-wide for easy, self-service adoption as Service Catalog products.

We have built this in collaboration with Organon team, as they design and build AWS solutions in their cloud adoption journey.

About the authors:

Shylu D

Shylu is an AWS Professional Services DevOps Consultant from Connecticut. She enjoys to explore and handle challenging solutions. Continuous learner and believe in “Never stop learning, as life never stops teaching” – Buddha.
Outside of office work, she likes to workout, dance, and enjoys driving with family.

Chandra Chappa

Chandra Chappa is a Denver based Sr. Service Management Specialist with AWS Service Management Connector. Chandra enjoys helping customers enable end-to-end IT lifecycle management to AWS Field, Customers, and Solutions Architect Partners. In his free time, he likes playing local club cricket and enjoys spending time with family and friends.