AWS permissions

While configuring ServiceNow to connect to Amazon, you can supply credentials for a user. The user permissions in AWS determine which AWS tasks the user can perform in the ServiceNow instance.

The Administrator role provides all privileges available in AWS. This includes access to every operation that ServiceNow supports plus all of the features that ServiceNow does not use. Using the Administrator role is a simple way to grant a ServiceNow instance full power.

It is possible to define permissions for a user that provide the ServiceNow instance enough access to perform Discovery or Cloud Management operations without granting full Administrator privileges.

Discovery operations
AutoScaling DescribeAutoScalingGroups
DescribeLaunchConfigurations
CloudFormation DescribeStacks
GetTemplate
ListStackResources
ListStacks
EC2 DescribeAccountAttributes
DescribeAvailabilityZones
DescribeImages
DescribeInstanceStatus
DescribeInstances
DescribeKeyPairs
DescribeRegions
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeVolumes
DescribeVpcs
Elastic Load Balancing DescribeLoadBalancers
Cloud Management operations
CloudFormation

(When using templates, include permissions for the operations required within the templates for the specific resources and services contained.)

CreateStack
DeleteStack
DescribeStacks
GetTemplate
ListStackResources
ListStacks
UpdateStack
ValidateTemplate
CloudWatch GetMetricStatistics
EC2 AttachVolume
CreateKeyPair
CreateSnapshot
CreateTags
DeleteSnapshot
DeleteTags
DescribeImages
DescribeInstanceStatus
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumeStatus
DescribeVolumes
DescribeVpcs
DetachVolume
RebootInstances
RunInstances
StartInstances
StopInstances
TerminateInstances
S3 DeleteObject
GetObject
ListBucket
PutObject
GetBucketLocation
Elastic Load Balancing DescribeLoadBalancers
SNS ConfirmSubscription
CreateTopic
Subscribe
STS GetFederationToken