Overview
The first step in integrating the ServiceNow connector includes installing an application in the ServiceNow environment.
There are two necessary actions for the installation that are outlined in this documentation. They include the following:
Adding the ZenGRC Request Table to the ServiceNow Database.
Configuring the ZenGRC Request Application in ServiceNow.
- Configuring a service-level API account for ZenGRC to access ServiceNow
Adding the ZenGRC Request Table to the ServiceNow Database
Add a new table, called ZenGRC Request, to the ServiceNow database by completing the following steps.
- Log into ServiceNow.
In the left-hand menu, click Scripts - Background. It may be easier to find by using the Filter navigator as shown below:
Copy and paste the following script into the Run Script (Javascript executed on server) field in ServiceNow and click Run Script.
// Version 0.4 // Copy and paste into ServiceNow var table_name = 'zengrc_requests', extends_table = 'task', auditId = 'audit_id', auditTitle = 'audit_title'; var attrs = new Packages.java.util.HashMap(); // Audit ID var ai = new GlideColumnAttributes(auditId); ai.setType("string"); ai.setUsePrefix(false); attrs.put(auditId, ai); // Audit Title var at = new GlideColumnAttributes(auditTitle); at.setType("string"); at.setUsePrefix(false); attrs.put(auditTitle, at); var tc = new GlideTableCreator(table_name , table_name); tc.setColumnAttributes(attrs); if(typeof extends_table != 'undefined') tc.setExtends(extends_table); tc.update(); // Create Customs ZenGRC states var newCh = new GlideRecord('sys_choice'); newCh.newRecord(); newCh.name = 'zengrc_requests'; newCh.element = 'state'; newCh.label = 'Pending'; newCh.value = 10; newCh.insert(); newCh.label = 'Work in Progress'; newCh.value = 20; newCh.insert(); newCh.label = 'Closed Complete'; newCh.value = 30; newCh.insert();
Configuring the ZenGRC Application in ServiceNow
Next, tailor the look-and-feel of the ZenGRC application in ServiceNow (e.g. the task card view, the left-hand-side link, the unique numbering schema, etc.) by adding configuration elements as follows:
- Download this XML for ServiceNow and place it in a memorable place on your computer.
In ServiceNow, click Update Sets to Commit in the left-hand menu.
Click Import Update Set from XML.
- In Step 1, click Choose File and select the XML file you saved in the first step of these instructions.
- In Step 2, click Upload. A new row, called ZenGRC, is added for the update set.
- Click the ZenGRC link in the Name column.
- Click Preview Update Set.
- When the update is complete, click Close to close the dialog box.
- Click Commit Update Set.
Configuring a Service-Level API Access in ServiceNow
Application Permissions
The ZenGRC application, whether authenticated via a ServiceNow user account or via 0auth2, requires the following minimum permissions:
| Object / Table | Permission | Reason |
|---|---|---|
| /table/zengrc_requests | READ/WRITE | Access to where the requests will be stored |
| /table/sys_user | READ | |
| /table/vtb_board | READ/WRITE | To create the board |
| /table/vtb_lane | READ | |
| /table/vtb_card | READ | |
| /attachment/ID/file | READ | To get attachments |
| /table/sys_journal_field | READ/WRITE | Comments and work notes |
Username/Password Option
Create a service-level account user in ServiceNow and note the username/password so that it can be entered into the ServiceNow connection settings screen in ZenGRC.
0auth2 Option
To utilize the OAuth2 option, a ServiceNow administrator needs to create an OAuth application endpoint for external client applications to access the ServiceNow instance. Please read the ServiceNow documentation Create an endpoint for clients to access the instance and note the generated token/secret for entry into the ZenGRC connection settings screen.
NOTE
Continue to Configuring ZenGRC with ServiceNow.