This documentation supports the 20.08 version of BMC Discovery.

To view an earlier version of the product, select the version from the Product version menu.

Performing a cloud discovery run

Before you can perform a cloud discovery run, you must:

  1. Create a credential or access key in the tool you use to access the cloud provider. For Amazon Web Services (AWS), this is the AWS Identity and Access Management  (IAM) console.
  2. Create a cloud credential in BMC Discovery using the credential or access key you just created.
  3. Test the credential.

These steps are described in greater detail in Discovering Amazon Web Services. The following procedure describes performing the cloud discovery run once you have configured and tested your credentials.

Run a cloud scan

To perform cloud discovery, from the Discovery Status page, use the Add New Run control:

  1. Click Add New Run.
    The Add a New Run dialog is displayed.

  2. Update the fields as described in the following table:

    Field nameDetails
    LabelEnter a label for the discovery run. Where the discovery run is referred to in the UI, it is this label that is shown.
    TimingSelect Snapshot to run an immediate cloud scan, or select Scheduled and fill in the scheduling information to run a scheduled cloud run.
    TargetingSelect the target for the discovery run. In this case, select Cloud.
    ProviderSpecify the type of cloud provider. In this case, select Amazon Web Services. The dialog refreshes with fields appropriate to the provider selected.
    Company(Optional) If you have CMDB synchronization configured with multi-tenancy, select the Company to which to assign the discovery run.
    CredentialSelect the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
    RegionsClick List of regions to scan for a full list and select regions to scan. AWS also provides service and regulatory domain groups to scan, enabling you to select all regions in that service or domain.
    System Manager SessionsSelect whether to enable use of the AWS Systems Manager for the scan.
    Sessions Per SecondSelect the number of AWS sessions permitted each second. The default value is three.
    Active SessionsSelect the number of active AWS sessions permitted each second. The default value is five.
    Session LoggingChoose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs.
    You need to capture session logs only when raising a case with Customer Support.
     This option is not available for Scheduled runs. For information on viewing session logs, see If you encounter a problem.
  3. Click OK to save the cloud scan settings and close the dialog.
    If you have configured a snapshot run, you can see it running immediately in the Currently Processing Runs tab. If you have configured a scheduled run, it is listed in the Scheduled Runs tab.

Examining results

Once you have scanned, you can examine the results. The screen below shows a discovered VM running in AWS.

Scanning the hosts

Perform a normal scan on the hosts running the VMs discovered in the cloud scan. Use the Unscanned Cloud Hosts report on the Cloud Overview dashboard to find these.

Scanning the hosts assumes that the appliance or proxy has network access to hosts running in the cloud, for example, using a VPN.


Public IP addresses do not respond to ICMP pings. You must disable "Ping before scanning", otherwise all scans are dropped reporting no response.

Was this page helpful? Yes No Submitting... Thank you