Configure Amazon CloudWatch integration

Integrate Amazon CloudWatch with Event Management to process alarms as events.

Before you begin

Role required: evt_mgmt_integration

About this task

To process CloudWatch alarms as events, configure both Amazon CloudWatch and Event Management event rules.

When a CloudWatch alarm arrives, Event Management:
  • Extracts information from the original CloudWatch alarm to populate required event fields.
  • Uses the AWS resource ID, for example VolumeReadOps, to map the generated the alert with the CIs and get the event type.
  • Captures the content in the additional_info field.
You can use an event rule transform to parse the content depending on your business needs. The ServiceNow base system can also perform test case analysis on the events from CloudWatch.


  1. On the AWS console, select SNS and create a new SNS topic if one does not already exist.
  2. Under the topic, create a new subscription.
    1. Take the Topic ARN from the topic that you created.
      The Amazon Resource Name (ARN) is necessary for binding an Event Management alert to a CI.
    2. Set the Protocol to https.
    3. Set the Endpoint to: https://<user>:<password>@<instance>/
  3. Wait until the subscription goes from Pending to Confirmed and the subscription ARN is populated.
  4. Create alarms in CloudWatch to send to Event Management. Link them to the SNS topic that you just created.
  5. In your ServiceNow instance, navigate to Event Management > Rules > Event Rules.
  6. Click the link for events or grouped events that are not mapped to rules.
  7. Select a CloudWatch event that you want to use for creating the rule.
  8. In the simple view, create a rule to manage the following incoming values from CloudWatch:
    Data from AWS event Use this field in the Event Field Rules section
    node node
    type type
    description description
    alarm body additional_info
    AWS CloudWatch source source
    Original source instance and SNS topic event_class