Issue
Overview
Google Cloud Platform (GCP) Discovery patters available at ServiceNow Store, installing/configuring the GCP Serverless Pattern: Google Cloud Platform discovery
- Below are the available patterns for Discovery.
- Google Cloud Platform (GCP) - Storage
- Google Cloud Platform (GCP) - Virtual Server
- Google Cloud Platform (GCP) - Disk Types
- Google Cloud Platform (GCP) - External IP Addresses
- Google Cloud Platform (GCP) - Load Balancer - HTTP
- Google Cloud Platform (GCP) - Load Balancer - TCP - UDP
- Google Cloud Platform (GCP) - Logical Datacenters
- Google Cloud Platform (GCP) - Networking
- Google Cloud Platform (GCP) - SSH Keys
- User/Admin can choose either all the above patterns or specific pattern to be active as per the requirement.
Issue / Error
- The GCP Discovery pattern fails with below error
2019-04-29 06:29:15: Exception occurred while executing operation Cloud REST Query. Custom operation Failed to run script due to the following error: JAVASCRIPT_CODE_FAILURE: com.snc.sw.exception.CommandFailureException:
Cloud request failed. URL: https://www.googleapis.com/compute/v1/projects/GCP/regions?maxResults=500 Status: 400 Response: HTTP/1.1 400 Bad Request [Vary: X-Origin, Content-Type: application/json; charset=UTF-8,
Release
- As per the Documentation, GCP discovery is supported from London P7 and Madrid P2
Environment
- Instance installed with the application "Discovery and Service Mapping Patterns"
Cause
- The pattern failure because of mismatch in the GCP Credentials.
Resolution
- Configuring GCP API Credentials needs below information.
"https://<Instancename>.service-now.com/gcp_credentials.do"
-
- Client_email = Email
- Secret_Key = Secret Key
- Above both of the details will be populated while creating the ServiceAccount in GCP and the output of JSON will be as below
{
"type": "service_account",
"project_id": "project-id",
"private_key_id": "some_number",
"private_key": "-----BEGIN PRIVATE KEY-----\n....
=\n-----END PRIVATE KEY-----\n",
"client_email": "<api-name>api@project-id.iam.gserviceaccount.com",
"client_id": "...",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/...<api-name>api%40project-id.iam.gserviceaccount.com"
}
- From the above output of JSON, we need "Private_Key" and "Client_Email"
- Configuring GCP ServiceAccount needs below information.
"https://<Instancename>.service-now.com/cmdb_ci_cloud_service_account.do"
-
- Account ID = Project name
- Credentials = Which we created as above (GCP API)
- Datacenter = Always "cmdb_ci_google_datacenter"
- The Account ID is the Project name, while creating a ServiceAccount for "Private_Key" and "Client_Email" it initially requests on which Project user wanted to create.
- The Credentials we must have created for the Project name since the reason the Project name will not be available in above JSON
- Admin need to validate the credentials with project name with project ID provided in the JSON
- Configuring GCP Patterns at Serverless discovery.
https://<instacnename>.service-now.com/discovery_schedule_list.do?sysparm_query=discover%3DHostless&sysparm_first_row=1&sysparm_view=
- Navigator >> Discovery Schedule >> GCP Serverless Schedule >> Serverless Execution Patterns
- Open any of the patterns as above, observe the fields to fill under "Discovery Pattern Launcher Parameters"
- Fill the Value for the Parameter accurately, please note the Values are case sensitive.
Additional Information
- Refer: Authenticating to a Cloud API Service
- Communicate with GCP admin to get all the required information