AWS IAM Spoke
- Updated Aug 1, 2024
- Xanadu
- Now Platform Capabilities
Integrate your ServiceNow instance with AWS IAM to manage access to AWS services and resources securely. Manage groups, policies, and roles in AWS IAM from your ServiceNow instance.
Request apps on the Store
Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
Integration Hub subscription
This spoke requires an Integration Hub subscription. For more information, see Legal schedules - IntegrationHub overview.
Spoke version
AWS IAM spoke v1.1.0 is the latest version.
Supported version
Spoke requirements
- User with full access to IAM.
- Access Key ID and Secret Access Key of the user. Record these values for later use.
Spoke subflows
Subflow | Description |
---|---|
Delete Group | Deletes the specified AWS IAM group. |
Delete User | Deletes the specified AWS IAM user. |
Delete Policy | Deletes the specified policy from the AWS IAM account. |
Spoke actions
Category | Action | Description |
---|---|---|
Group Management | Add User to Group | Adds a user to a group in AWS IAM. |
Group Management | Create Group | Creates a group in AWS IAM. |
Group Management | Delete Group | Deletes a group in AWS IAM. |
Group Management | Look up Group | Searches for the required group in AWS IAM. |
Group Management | Look up Group Users | Lists all the users in the required group. |
Group Management | Remove User from Group | Removes a user from a group in AWS IAM. |
Group Policy Management | Attach Inline Policy in Group | Adds or updates an inline policy document embedded in the specified IAM group. |
Group Policy Management | Attach Policy to Group | Attaches the specified managed policy to the required IAM group. |
Group Policy Management | Detach Inline Policy from Group | Deletes the specified inline policy from the specified AWS IAM group. |
Group Policy Management | Detach Policy from Group | Detaches the specified managed policy from the required IAM group. |
Group Policy Management | Look up Attached Group Policies | Retrieves the list of all policies attached to the IAM group. |
Group Policy Management | Look up Group Policies | Retrieves all the inline policies of the specified group. If none exists, the operation returns an empty list. |
Policy Management | Create Policy | Creates a managed policy in the specified IAM group. |
Policy Management | Delete Policy | Deletes the specified policy from AWS IAM. |
Policy Management | Detach Policy from Roles | Detaches the specified managed policy from the specified IAM role. |
Policy Management | Look up Entities for Policy | Lists all entities (Users, Groups, and Roles) attached to this policy. |
User Management | Create User | Creates a user in AWS IAM. |
User Management | Deactivate MFA Device | Deactivates the required MFA device attached to a user. |
User Management | Delete Access Key for User | Deletes the access key of the AWS IAM user. |
User Management | Delete Login Profile | Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console. |
User Management | Delete Service Specific Credential | Deletes the required service-specific credential. |
User Management | Delete Signing Certificate | Deletes a signing certificate associated with the specified IAM user. |
User Management | Delete SSH Public Key | Deletes the specified SSH public key. |
User Management | Delete User | Deletes the required IAM user. |
User Management | Delete Virtual MFA Device by User | Deletes the specified virtual MFA device. |
User Management | Detach Policy from User | Detaches the specified managed policy from the specified IAM role. |
User Management | Look up User | Searches for the required user in AWS IAM. |
User Management | Look up Access Keys by User | Lists the access key of the AWS IAM user. |
User Management | Look up Groups for User | Retrieves the list of all the groups that a particular user belongs to. |
User Management | Look up Inline User Policies | Retrieves all the inline policies of the specified IAM user. If none exists, the operation returns an empty list. |
User Management | Look up MFA Devices by User | Retrieves information about the MFA services associated with the specified IAM user. If none exists, the operation returns an empty list. |
User Management | Look up Service Specific Credentials | Retrieves information about the service-specific credentials associated with the specified IAM user. |
User Management | Look up Signing Certificates by User | Retrieves information about the signing certificates associated with the specified IAM user. If none exists, the operation returns an empty list. |
User Management | Look up SSH Public Keys by User | Retrieves information about the SSH public keys associated with the specified IAM user. If none exists, the operation returns an empty list. |
User Policy Management | Attach Policy to User | Attaches the specified managed policy to the specified user. |
User Policy Management | Delete Inline User Policy | Deletes an inline policy attached to the user. |
User Policy Management | Look up Attached User Policies | Retrieves all the attached policies of the user. |
Role Management | Look up Roles | Retrieves the list of all roles. |
Connection and credential alias requirements
Integration Hub uses aliases to manage connection and credential information, and OAuth credentials. Using an alias eliminates the need to configure multiple credentials and connection information profiles when using multiple environments. If the connection or credential information changes, you don't need to update any actions that use the connection.
For information about setting up the spoke, see Set up the AWS IAM spoke.