Performing a cloud discovery run

Before you can perform a cloud discovery run, you must:

1. Create a credential or access key in the tool you use to access the cloud provider. For Amazon Web Services (AWS), this is the AWS Identity and Access Management (IAM) console.

2. Create a cloud credential in BMC Discovery using the credential or access key you just created.
3. Test the credential.

These steps are described in greater detail in Discovering-Amazon-Web-Services. The following procedure describes performing the cloud discovery run once you have configured and tested your credentials.

1. On the Manage > Discovery page, click Add New Run.
2. In the Timing field, select Snapshot.

3. In the Targeting field, select Cloud.

   

4. Enter the information for the snapshot cloud discovery run in the fields.
   

   Field name	Details
   Label	Enter a label for the discovery run. Where the discovery run is referred to in the UI, it is this label that is shown.
   Timing	Select the run type, one of: Snapshot — The run is performed immediately. Scheduled — The run is performed according to the scheduling information you enter. For this snapshot scan, select Snapshot.
   Targeting	Select the target for the discovery run. This is one of: IP Address — Enter IP address information. Cloud — Enter cloud provider information. API — Enter API provider information. For this cloud scan, select Cloud.
   Provider	Select the type of cloud provider such as Amazon Web Services or Microsoft Azure. The dialog refreshes with fields appropriate to the provider selected.
   Alibaba Cloud
   Company	If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
   Credential	Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
   Regions	Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
   Session logging	Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs. You need to capture session logs only when raising a case with Customer Support. For information on viewing session logs, see If-you-encounter-a-problem.
   Amazon Web Services
   Company	If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
   Credential	Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
   Regions	Select the region or regions to scan. Click List of regions to scan for full list and select regions from there. Amazon Web Services (AWS) also provides service and regulatory domain groups to scan, enabling you to select all regions in that service or domain.
   Systems Manager Sessions	Select whether to enable use of the AWS Systems Manager for the scan.
   Automatically scan Kubernetes clusters	Select whether to enable automatic scanning of Kubernetes clusters.  When enabled (the default setting), if BMC Discovery finds a Kubernetes cluster, it creates an automatic scan using a Kubernetes token obtained from the cloud provider. See Amazon-Elastic-Container-Service for more information.
   Sessions Per Second	Select the number of AWS sessions permitted each second. The default value is three.
   Active Sessions	Select the number of active AWS sessions permitted each second. The default value is five.
   Session logging	Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs. You need to capture session logs only when raising a case with Customer Support. For information on viewing session logs, see If-you-encounter-a-problem.
   Google Cloud platform
   Company	If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
   Credential	Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
   Regions	Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
   Identity-Aware Proxy Sessions	Select whether to enable use of the Google Cloud platform (GCP) Identity-Aware Proxy for the scan.
   Automatically scan Kubernetes clusters	Select whether to enable automatic scanning of Kubernetes clusters.  When enabled (the default setting), if BMC Discovery finds a Kubernetes cluster, it creates an automatic scan using a Kubernetes token obtained from the cloud provider. See Google-Cloud-Kubernetes for more information.
   Active Sessions	Select the number of active GCP sessions permitted each second. The default value is 50.
   Session logging	Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs. You need to capture session logs only when raising a case with Customer Support. For information on viewing session logs, see If-you-encounter-a-problem.
   IBM Cloud, Microsoft Azure, and OpenStack
   Company	If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
   Session logging	Choose whether to enable session logging for this scan. Session logging captures raw discovery data that can be used to diagnose discovery and data quality issues. The default is not to capture session logs. You need to capture session logs only when raising a case with Customer Support. For information on viewing session logs, see If-you-encounter-a-problem.
   Credential	Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
   Regions	Google Cloud platform and IBM Cloud only Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
   Regulatory Domain	Microsoft Azure only Select the Regulatory Domain to scan from the list.
   Automatically scan Kubernetes clusters	IBM Cloud and Microsoft Azure only Select whether to enable automatic scanning of Kubernetes clusters.  When enabled (the default setting), if BMC Discovery finds a Kubernetes cluster, it creates an automatic scan using a Kubernetes token obtained from the cloud provider. See IBM-Cloud-Kubernetes or Microsoft-Azure-Kubernetes for more information.
   URL	OpenStack only The URL for the Keystone Service
   Oracle Cloud Infrastructure
   Company	If you have CMDB synchronization configured with multi-tenancy, select the company to which to assign the discovery run.
   Credential	Select the credential to use for the discovery run. The list is populated with valid credentials for the selected provider.
   Regions	Select the region or regions to scan. Click List of regions to scan for full list and select regions from there.
   Automatically scan Kubernetes clusters	Select whether to enable automatic scanning of Kubernetes clusters.  When enabled (the default setting), if BMC Discovery finds a Kubernetes cluster, it creates an automatic scan using a Kubernetes token obtained from the cloud provider. See Oracle-Cloud-Infrastructure-Kubernetes for more information.

Where to go from here

Excluding-ranges-from-discovery