ServiceNow

Overview

IT Service Management (ITSM) is an important area of focus for many organizations. Organizations invested in ServiceNow as an ITSM provider will find that Morpheus integrates tightly with some of the most-used features. After integrating ServiceNow with Morpheus, both environments can be used interchangeably and the results are synced to both places. This guide walks administrators through the process of integrating ServiceNow with Morpheus and how Morpheus can be used to effectively leverage the best of ServiceNow.

Tip

The ServiceNow integration guide is also available as a PDF download, which includes additional example use cases and screenshots.

Add ServiceNow Integration

  1. Navigate to Administration > Integrations

  2. Select + NEW INTEGRATION

  3. Select “ServiceNow” from the dropdown list

  4. Add the following:

    NAME

    A friendly name to describe the ServiceNow integration in Morpheus.

    ENABLED

    Check “Enabled” to allow consumption of this ServiceNow integration in Morpheus.

    SERVICENOW HOST

    URL of the ServiceNow instance (ex: https://your.instance.service-now.com), keep in mind you can create multiple ServiceNow integrations in Morpheus if needed.

    USER/PASSWORD

    A user in ServiceNow that is able to access the REST interface and create/update/delete incidents, requests, requested items, item options, catalog items, workflows, etc. The list of necessary roles includes x_moda_morpheus_ca.integration (available if the Morpheus ServiceNow plugin is installed from the ServiceNow Store), catalog_admin, itil, rest_service, and import_transformer.

    CMDB CUSTOM MAPPING

    If needed, administrators can opt to populate a specific field in the ServiceNow table and such mapping is identified here with a JSON code snippet. Below is an example that populates the object_id field in the CM database with the Morpheus instance name and two other field examples:

    {
    "object_id":"<%=instance.name%>",
    "SN_field_id2":"<%=morph.varname2%>",
    "SN_field_id3":"<%=morph.varname3%>"
    }
    
    CMDB CLASS MAPPING

    Define the mapping between Morpheus server types and ServiceNow CI classes. Select a Morpheus server type from the dropdown menu and a new field will appear in the list. Enter a ServiceNow CI class into the text field to create the association

    CMDB BUSINESS OBJECT

    Allows the user to define the table CMDB records are written to if they prefer this over Morpheus default. By default, Morpheus writes to the cmdb_ci_vm_instance table.

  5. Save Changes

Important

Morpheus supports integration with single-domain and multi-domain ServiceNow appliances. In multi-domain installations, a selected ServiceNow company can be mapped to a selected Morpheus Tenant for purposes of exposing Morpheus Library items only to users within a certain company. In this configuration, ServiceNow integrations should be added in each relevant Morpheus Tenant. Further setup steps for exposing Morpheus library items to ServiceNow are included in a later section below.

ServiceNow Configuration Management Database (CMDB)

ServiceNow CMDB is central to maintaining a complete record of IT infrastructure at many organizations. The Morpheus ServiceNow integration can create and update configuration item (CIs) records as new services are provisioned or existing services are reconfigured. Once a ServiceNow integration is set as the CMDB for a Cloud or Group, CI records are created and managed by Morpheus.

Setting a CMDB on a Group

When adding or editing a Morpheus Group, any active ServiceNow integration can be set as the CMDB.

  1. Navigate to Infrastructure > Groups

  2. Select an existing Group name from the list

  3. Click EDIT

  4. Under “Advanced Options”, select an active ServiceNow integration from the CMDB dropdown menu

  5. If desired, select “CMDB DISCOVERY” to create CMDB CI records for discovered (unmanaged) servers that Morpheus automatically onboards to this Group

This setting is also available when creating a Group. Rather than selecting an existing Group in step two above, click + CREATE to make a new Group.

Setting a CMDB on a Cloud

When adding or editing a Morpheus Cloud, any active ServiceNow integration can be set as the CMDB.

  1. Navigate to Infrastructure > Clouds

  2. Select an existing Cloud name from the list

  3. Click EDIT

  4. Under “Advanced Options”, select an active ServiceNow integration from the CMDB dropdown menu

  5. If desired, select “CMDB DISCOVERY” to create CMDB CI records for discovered (unmanaged) servers that Morpheus automatically onboards to this Cloud

This setting is also available when creating a Cloud. Rather than selecting an existing Cloud in step two above, click + ADD to make a new Cloud.

Provisioning and CI Records

With a ServiceNow instance integrated with Morpheus and the instance set as the CMDB for a Morpheus Group or Cloud, we will see CI records created as new resources are provisioned to the Cloud or Group in Morpheus. After the provisioning process has completed, a CI record should exist with a name value equal to the Instance name in Morpheus.

Provisioned and active Instances in Morpheus will have CI records with an “On” state in ServiceNow. After they are deleted in Morpheus, the state value will be rolled to “Terminated” in ServiceNow as expected.

Morpheus will also populate a number of additional fields in ServiceNow including IP address, FQDN and more. Custom views can be created in ServiceNow to expose these fields.

ServiceNow Approval Policies

Morpheus offers its own approval engine out of the box, but some organizations prefer ServiceNow to be their final approval authority. With a ServiceNow instance integrated with Morpheus, administrators can create provision approval policies and tie them to an active ServiceNow integration. With the policy in place, any new provisioning within the policy scope (Global, Group, Cloud, User, or Role) is sent to ServiceNow for approval before provisioning will go ahead in Morpheus. Approvals are synced between the two applications every minute.

Add ServiceNow Provision Approval Policy to a Cloud

Note

Any Instance provisioned into a Cloud with an approval policy enabled will not proceed without the required approval.

To add a ServiceNow Approval policy to a Cloud:

  1. Navigate to Infrastructure > Clouds

  2. Select a Cloud by clicking on the desired Cloud name link

  3. Select the POLICIES tab

  4. Click + ADD POLICY

  5. Select Provision Approval from the type dropdown

  6. Optionally enter a description for the Policy

  7. Configure the following:

    APPROVAL INTEGRATION

    Select the ServiceNow Integration already configured in Administration > Integrations to use for the approval policy.

    WORKFLOW

    Select the ServiceNow workflow for the approval in ServiceNow (if desired). These workflows are configured and synced in from the ServiceNow Integration.

    TENANTS (if applicable)

    Only required for multi-tenant permission scoping. For the policy to apply to a Subtenant, type the name of the tenant(s) and select the Tenant(s) from the typeahead list.

  8. Save Changes

Add ServiceNow Provision Approval Policy to a Group

Note

Any Instance provisioned into a Group with an approval policy enabled will not proceed without the required approval.

To add a ServiceNow Approval policy to a Group:

  1. Navigate to Infrastructure > Groups

  2. Select a Group by clicking on the Group name

  3. Select the POLICIES tab

  4. Click + ADD POLICY

  5. Select Provision Approval

  6. Optionally enter a description for the Policy

  7. Configure the following:

    APPROVAL INTEGRATION

    Select the ServiceNow Integration already configured in Administration > Integrations to use for the approval policy.

    WORKFLOW

    Select the ServiceNow workflow for the approval in ServiceNow (if desired). These workflows are configured and synced in from the ServiceNow Integration.

    TENANTS (if applicable)

    Only required for multi-tenant permission scoping. For the policy to apply to a Subtenant, type the name of the tenant(s) and select the Tenant(s) from the typeahead list.

  8. Save Changes

Using ServiceNow Approval Policies

Any Instance provisioned into a Cloud or Group with an approval policy enabled will be in a PENDING state until the request is approved.

Instances pending a ServiceNow approval will show “Waiting for Approval” with the Requested Item number and Request number, ex: Waiting for Approval [RITM0010002 - REQ0010002].

ServiceNow approval requests are displayed in Operations > Approvals. Instances pending a ServiceNow approval must be approved in ServiceNow for provisioning to initiate. Approval requests from a ServiceNow approval policy cannot be approved in Morpheus, only approvals originating from Morpheus.

ServiceNow approval requests are displayed in Morpheus under Operations > Approvals. Pending ServiceNow approval requests can be cancelled in Morpheus by selecting the request and then selecting ACTIONS > Cancel.

Once a pending ServiceNow approval request is approved in ServiceNow, the Instance(s) will begin to provision in Morpheus within one minute of being approved in ServiceNow.

ServiceNow Monitoring Integration Settings

Note

A ServiceNow integration must be already configured in Administration > Integrations to enable ServiceNow monitoring.

The ServiceNow monitoring integration is enabled and configured in Administration > Settings > Monitoring. As long as the “Enabled” switch is activated, Morpheus will report monitoring data to ServiceNow. Configuration selections are described below:

Enabled

Enables the ServiceNow monitoring integration

Integration

Select from an existing ServiceNow integration in |AdmInt|

New Incident Action

The ServiceNow action to take when a Morpheus incident is created

Close Incident Action

The Service Now action to take when a Morpheus incident is closed

Incident Severity Mapping

Morpheus Severity

ServiceNow Impact

Info

Low/Medium/High

Warning

Low/Medium/High

Critical

Low/Medium/High

Once finished working with configuration, click APPLY

../../_images/3monitoringConfig.png

ServiceNow Service Catalog Integration

In addition to integrating with key ServiceNow features, Morpheus offers a free plugin directly from the ServiceNow Store. Once the plugin is installed, Morpheus Instance Types, Blueprints, and Self-Service Catalog Items can be presented as provisioning options in the ServiceNow catalog for ordering.

The Morpheus plugin supports integration with ServiceNow whether it’s configured for a single tenant or for multiple domains. When both Morpheus and ServiceNow are configured for multiple Tenants, we can create ServiceNow integrations in any relevant Morpheus Tenant and map those to specific companies in ServiceNow. Any exposed library items would only be shared with users in the relevant ServiceNow company. The Morpheus plugin will automatically detect whether the ServiceNow Domain Support–Domain Extensions Installer plugin has been installed and respond accordingly. Additionally, the User Criteria Scoped API plugin must also be enabled on the ServiceNow instance for multi-tenant use.

Depending on the scenario, setup steps for the Morpheus plugin will be slightly different. Setup steps for both single and domain-separated ServiceNow environments are included below.

Important

A valid SSL Certificate is required on the Morpheus Appliance for the ServiceNow plugin to be able to communicate with the appliance.

Single-Domain ServiceNow Configuration

  1. Install the Morpheus plugin from the ServiceNow store.

  2. Navigate to Morpheus Catalog > Properties

  3. Set the following properties:

    MID Server

    If desired, specify the name of an existing MID server

    Morpheus Appliance Endpoint

    The full URL to your Morpheus appliance

    Username

    Morpheus user that the plugin will connect as to the Morpheus API

    Password

    Password to the above Morpheus account

Important

The Morpheus service account integrated with the plugin interacts with the Morpheus appliance through Morpheus API and must have the appropriate Role permissions to complete all provisioning requests from the ServiceNow plugin. Often it’s easiest to make a service account with full administrator rights to avoid failed provisioning. If you’d prefer to create a minimal service account for security reasons, ensure the Role for the service account User has the following permissions:

  • Personas: Standard: Full

  • Personas: Service Catalog: Full

  • Features: Provisioning: Instances: Full

  • Features: Provisioning: Apps: Full

  • Groups: Full rights to all Groups containing Clouds you will expose to ServiceNow

  • Instance Types: Full rights to all Instance Types you will expose to ServiceNow

  • Blueprints: Full rights to all Blueprints you will expose to ServiceNow

  • Catalog Item Types: Full rights to all Catalog Item Types you will expose to ServiceNow

Users created from SAML Identity Sources cannot authenticate with the Morpheus API and cannot be used for the ServiceNow plugin.

../../_images/4servicenowProperties.png

Multi-Domain ServiceNow Configuration

  1. Install the Morpheus plugin from the ServiceNow store.

  2. Navigate to Morpheus Catalog > Multi-Tenant Credentials

  3. Set the following properties:

    Morpheus Appliance Endpoint

    The full URL to your Morpheus appliance

    Morpheus Tenant ID

    The integer database ID for the selected Tenant

    Username

    Morpheus user that the plugin will connect as to the Morpheus API. This user must exist within the Morpheus Tenant being linked to the chosen ServiceNow company

    Password

    The password for the above user

    ServiceNow Company

    Select a company from the list to link with the Tenant whose ID was entered above

    MID Server

    If desired, specify the name of an existing MID server

Important

The Morpheus service account integrated with the plugin interacts with the Morpheus appliance through Morpheus API and must have the appropriate Role permissions to complete all provisioning requests from the ServiceNow plugin. Often it’s easiest to make a service account with full administrator rights to avoid failed provisioning. If you’d prefer to create a minimal service account for security reasons, ensure the Role for the service account User has the following permissions:

  • Personas: Standard: Full

  • Personas: Service Catalog: Full

  • Features: Provisioning: Instances: Full

  • Features: Provisioning: Apps: Full

  • Groups: Full rights to all Groups containing Clouds you will expose to ServiceNow

  • Instance Types: Full rights to all Instance Types you will expose to ServiceNow

  • Blueprints: Full rights to all Blueprints you will expose to ServiceNow

  • Catalog Item Types: Full rights to all Catalog Item Types you will expose to ServiceNow

Users created from SAML Identity Sources cannot authenticate with the Morpheus API and cannot be used for the ServiceNow plugin.

Adding to ServiceNow Catalog

Once the ServiceNow plugin is installed and configured, items can be added to the ServiceNow catalog from back in Morpheus. Follow the guide below to expose Morpheus Clouds, Library Items, and Blueprints to users in the ServiceNow catalog.

  1. Navigate to |AdmInt|

  2. Select the relevant ServiceNow integration

  3. From the Instances tab we can + ADD CLOUD or + ADD LIBRARY ITEM

  4. From the Blueprints tab we can + ADD BLUEPRINT

  5. From the Catalog Items tab, we can + ADD CATALOG ITEM

  6. Back in ServiceNow, access the Morpheus plugin from the Service Catalog

  7. Exposed Morpheus Library Items, Catalog Items, and Blueprints are visible here for ServiceNow users with sufficient role permissions

../../_images/5addCatalogItem.png