This documentation supports the 11.3 version of BMC Discovery.


Introduction to cloud discovery

This topic was edited by a BMC Contributor and has not been approved.

Using BMC Discovery, you can discover your cloud services in much the same way as you would discover your on-premises infrastructure. You add a suitable credential, perform a discovery run, which may be snapshot or scheduled, and view the results. In a consolidating system the results are consolidated, and if your system uses CMDB synchronization, they are synchronized accordingly.

A significant difference is that cloud discovery uses the cloud vendor's API to extract data on your cloud services, rather than the direct access used in scanning your on-premises infrastructure. For example, an AWS scan will return information about EC2 Instances as VirtualMachine nodes but it will not be able to collect information about what is running on those EC2 Instances, as that information is not reported by the AWS API. To obtain details of what is running on those EC2 instances, you should also perform a "Host scan" of them. BMC Discovery ties all of the data together to provide a broad, coherent view. 

BMC Discovery supports multi-cloud applications and services; that is, if your applications or services span clouds from more than one provider, they are discovered and linked correctly.

The cloud scan is different from other scan types as it simply retrieves information from the cloud provider API.

Currently, BMC Discovery supports a number of cloud providers and discovering them is described in the following topics:


The following diagram illustrates the cloud discovery process:


Performing cloud discovery

BMC Discovery combines data from the cloud API with host level discovery data to provide rich dependency mapping of your cloud services.  

A "cloud scan" is similar to a normal scan, but instead of scanning a list of IPs, it connects to the API of the cloud provider and collects information directly.

To discover your cloud services, you must:

  1. Create a credential in the vendor's cloud configuration tool. For example,
    1. AWS - the Amazon Identity and Access Management (IAM) console
    2. Azure - Microsoft Azure portal
    3. OpenStack - the OpenStack dashboard.
  2. Add the cloud credential to BMC Discovery. The parameters required depend on the cloud vendor that the credential is to be used to discover.
  3. Perform a cloud discovery run, snapshot or scheduled. The parameters required for the run depend on the cloud provider, but they are usually:
    1. Provider – the cloud provider.
    2. Credential – the cloud credential to use.
    3. Region – the region to scan.
  4. Perform a normal scan on the hosts running the VMs discovered in the cloud scan. Use the Unscanned Cloud Hosts report on the Cloud dashboard to find the hosts.
    Scanning the hosts assumes that the appliance or proxy has network access to hosts running in the cloud, for example, using a VPN.

  5. Examine the results.

For more information on adding a cloud scan, see Performing a discovery run.

See this video (5:07) to understand how BMC Discovery discovers cloud services and performs cloud runs.

https://youtu.be/B-8eSv7MQIQ

Cloud Credentials

Before you proceed with the cloud scan, ensure that a cloud credential is configured on your appliance. Create a cloud provider user account and access key. For more general information on credentials, see configuring credentials.
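Because a cloud scan only retrieves information from the cloud provider API, the access key created for it can be restricted to read-only actions. The following is an added example, not BMC code and not BMC's published permission list: it audits an AWS IAM policy document for Allow statements that go beyond read-only verbs. The verb list, the function names and the sample policy are assumptions constructed for illustration.

```python
import json

# Assumption: verbs treated as read-only for an API-only discovery credential.
READ_ONLY_VERBS = ("describe", "list", "get")

# Constructed sample policy, not a BMC-published permission set.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "Inventory", "Effect": "Allow", "Resource": "*",
     "Action": ["ec2:Describe*", "rds:DescribeDBInstances", "s3:ListAllMyBuckets"]},
    {"Sid": "TooBroad", "Effect": "Allow", "Resource": "*",
     "Action": ["ec2:*", "iam:CreateAccessKey"]},
    {"Sid": "Guard", "Effect": "Deny", "Resource": "*",
     "Action": "ec2:TerminateInstances"}
  ]
}
""")

def as_list(value):
    """IAM accepts either a single value or a list for Statement and Action."""
    return value if isinstance(value, list) else [value]

def is_read_only(action):
    """True if the action name after 'service:' starts with a read-only verb."""
    if ":" not in action:
        return False  # a bare "*" or a malformed entry
    name = action.split(":", 1)[1]
    return name.lower().startswith(READ_ONLY_VERBS)  # IAM actions are case-insensitive

def audit_policy(policy):
    """Return (sid, finding) pairs for Allow statements that exceed read-only."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny statement cannot widen access
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            findings.append((sid, "NotAction with Allow grants everything not listed"))
        for action in as_list(stmt.get("Action", [])):
            if not is_read_only(action):
                findings.append((sid, f"not read-only: {action}"))
    return findings

if __name__ == "__main__":
    for sid, finding in audit_policy(SAMPLE_POLICY):
        print(f"{sid}: {finding}")
```

A verb that passes this check can still read data rather than metadata (for example `s3:GetObject`), so review the remaining `Get*` actions by hand.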

Cloud Overview dashboard

BMC Discovery also provides a Cloud Overview dashboard, which gives an overview of the cloud providers, cloud regions, cloud services, administrative collections, and deployments discovered. It also displays a number of charts, including public cloud usage and a breakdown of VM types (size) for each provider. It provides a report of unscanned cloud hosts, which is useful for scanning the hosts running the VMs discovered in the cloud scan.

An example Cloud Overview dashboard is shown below:


Cloud reports

The reporting section of the cloud dashboard shows the cloud-related reports that are available:

  • Unscanned Cloud Hosts
    Shows Virtual Machines where the associated Host has not been scanned.
  • Summary of user defined cloud tags
    Lists the discovered cloud tags and how many nodes have them. Useful starting point for other, tag-specific reports.
  • Cloud elements with a particular user defined tag
    Shows cloud hosted elements that are tagged with a particular user defined tag. Can return multiple node kinds; click through to see the node and the value of the chosen tag.
  • Cloud elements missing a particular user defined tag
    Shows cloud hosted elements that are missing a particular user defined tag. Can return multiple node kinds; click through to see the nodes and the tags that are set.
  • Cloud elements without any user defined tags
    Shows cloud hosted elements that do not have any user defined tags. Can return multiple node kinds.




Comments

  1. Rayemond Newman

    Can we get this page updated please, as Google Cloud is now supported according to other cloud referenced pages. Thanks Raye

    Mar 25, 2019 11:20
  2. Allen Morgan

    Hello,

    How do Cloud objects discovered via cloud API scans age out when they are no longer seen on API scans?

    Thanks Allen Morgan NASDAQ

    May 14, 2020 03:25
    1. Duncan Tweed

      Hi Allen,

      The cloud objects (Cloud Provider, Cloud Region, and Cloud Service) do not automatically age out. They are only removed when you delete them. Naturally, if you delete a Cloud Provider, its regions and services are cascade deleted too. The virtual hosts inside the Cloud Service VMs though are aged out according to the normal rules for a (virtual) host.

      The Node Lifecycle section has information on aging. The pages that are likely to be most useful are CloudProvider node, VirtualMachine node, and Host node.

      For completeness, the CloudRegion nodeCloudRegion node describe those parts of the model, but for your question on deletion don't add a great deal. 

      I hope this helps.

      Thanks, Duncan.

      May 21, 2020 12:31