Performing a cloud discovery run
Before you can perform a cloud discovery run, you must:
Create a credential or access key in the tool you use to access the cloud provider. For Amazon Web Services (AWS), this is the AWS Identity and Access Management (IAM) console.
- Create a cloud credential in BMC Discovery using the credential or access key you just created.
- Test the credential.
These steps are described in greater detail in Discovering-Amazon-Web-Services. The following procedure describes performing the cloud discovery run once you have configured and tested your credentials.
- On the Manage > Discovery page, click Add New Run.
- In the Timing field, select Snapshot.
In the Targeting field, select Cloud.
Enter the information for the snapshot cloud discovery run in the fields.
Field name
Details
Label
Enter a label for the discovery run. Where the discovery run is referred to in the UI, it is this label that is shown.
Timing
Select the run type, one of:
- Snapshot — The run is performed immediately.
- Scheduled — The run is performed according to the scheduling information you enter.
For this snapshot scan, select Snapshot.
Targeting
Select the target for the discovery run. This is one of:
- IP Address — Enter IP address information.
- Cloud — Enter cloud provider information.
- API — Enter API provider information.
For this cloud scan, select Cloud.
Provider
Select the type of cloud provider such as Amazon Web Services or Microsoft Azure. The dialog refreshes with fields appropriate to the provider selected.
Alibaba Cloud
Company
If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
Credential
Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
Regions
Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
Session logging
Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs.
You need to capture session logs only when raising a case with Customer Support.For information on viewing session logs, see If-you-encounter-a-problem.
Amazon Web Services
Company
If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
Credential
Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
Regions
Select the region or regions to scan. Click List of regions to scan for full list and select regions from there. Amazon Web Services (AWS) also provides service and regulatory domain groups to scan, enabling you to select all regions in that service or domain.
Systems Manager Sessions
Select whether to enable use of the AWS Systems Manager for the scan.
Sessions Per Second
Select the number of AWS sessions permitted each second. The default value is three.
Active Sessions
Select the number of active AWS sessions permitted each second. The default value is five.
Session logging
Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs.
You need to capture session logs only when raising a case with Customer Support.For information on viewing session logs, see If-you-encounter-a-problem.
Google Cloud platform
Company
If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
Credential
Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
Regions
Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
Identity-Aware Proxy Sessions
Select whether to enable use of the Google Cloud platform (GCP) Identity-Aware Proxy for the scan.
Active Sessions
Select the number of active GCP sessions permitted each second. The default value is 50.
Session logging
Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs.
You need to capture session logs only when raising a case with Customer Support.For information on viewing session logs, see If-you-encounter-a-problem.
IBM Cloud, Microsoft Azure, and OpenStack
Company
If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
Session logging
Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs.
You need to capture session logs only when raising a case with Customer Support.For information on viewing session logs, see If-you-encounter-a-problem.
Credential
Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
Regions
Google Cloud platform and IBM Cloud only
Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.Regulatory Domain
Microsoft Azure only
Select the Regulatory Domain to scan from the list.URL
OpenStack only
The URL for the Keystone ServiceOracle Cloud Infrastructure
Company
If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
Credential
Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
Regions
Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
Where to go from here
Excluding-ranges-from-discovery