Introduction to cloud discovery
Using BMC Discovery, you can discover your cloud services in much the same way as you would discover your on-premises infrastructure. You add a suitable credential, perform a discovery run, which may be snapshot or scheduled, and view the results. In a consolidating system the results are consolidated, and if your system uses CMDB synchronization, they are synchronized accordingly.
A significant difference is that cloud discovery uses the cloud vendor's API to extract data on your cloud services, rather than the direct access used in scanning your on-premises infrastructure. However, you can obtain the richest data on your cloud services using both techniques, and BMC Discovery ties all of the data together to provide a broad, coherent view.
BMC Discovery supports multi-cloud applications and services; that is, if your applications or services span clouds from more than one provider, they are discovered and linked correctly.
The cloud scan is different from other scan types as it simply retrieves information from the cloud provider API. At the time of release of BMC Discovery 11.2, the supported cloud providers are Amazon Web Services (AWS) and Microsoft Azure. For information on the providers now supported, including those added in the TKU Product Content updates, see Cloud providers.
The following diagram illustrates the cloud discovery process:
The following topics are covered in this section:
Performing cloud discovery
Discovery combines data from the cloud API with host level discovery data to provide rich dependency mapping of your cloud services.
BMC Discovery version 11.2 provides cloud scanning capabilities to scan Amazon Web Services (AWS) and Microsoft Azure cloud services. A "cloud scan" is similar to a normal scan, but instead of scanning a list of IPs, it connects to the API of the cloud provider and collects information directly.
To discover your cloud services, you must:
- Create a credential in the vendor's cloud configuration tool. For example,
- AWS - the Amazon Identity and Access Management (IAM) console
- Azure - Microsoft Azure portal
- OpenStack - the OpenStack dashboard. (OpenStack was introduced in the November 2017 product content update.)
- Add the cloud credential to BMC Discovery. The parameters required depend on the cloud vendor that the credential is to be used to discover.
- Perform a cloud discovery run, snapshot or scheduled. The parameters required for the run depend on the cloud provider, but they are usually:
Provider – the cloud provider.
Credential – the cloud credential to use.
Region – the region to scan.
Perform a normal scan on the hosts running the VMs discovered in the cloud scan. Use the Unscanned Cloud Hosts report on the CloudDash to find the hosts.
Scanning the hosts assumes that the appliance or proxy has network access to hosts running in the cloud, for example, using a VPN.
Examine the results.
Before you proceed with the cloud scan, ensure that a cloud credential is configured on your appliance. Create a cloud provider user account and access key. For more information on supported cloud providers, the information that each requires for a credential, and general information on discovering services running in the individual providers, see Cloud providers. For more general information on credentials, see configuring credentials.
Cloud Overview dashboard
BMC Discovery also provides a Cloud Overview dashboard which gives an overview of the cloud providers, cloud regions, cloud services, administrative collections, and deployments discovered. It also displays a number of charts including public cloud usage, a breakdown of VM types (size) for each provider. It provides a report of unscanned cloud hosts which is useful for scanning the hosts running the VMs discovered in the cloud scan.
An example Cloud Overview dashboard is shown below: