After you create AWS accounts, you run Discovery to discover AWS accounts and
Discovery of the Amazon Web Services cloud is based on account information rather
than an IP range. MID Servers are not used in this type of discovery. An AWS web service
account is a master account that has many subscriptions, where each subscription is a
set of login credentials. Each subscription has views into the resources available in
the master account to that subscription. To discover the entire web service account, you
must have the credentials for each subscription.
Role required: aws_admin or cloud_admin
Amazon Web Services account
The account used for the AWS discovery scan needs the
ReadOnlyAccess permissions policy applied to it.
A Discovery schedule
can discover one or more Amazon web service accounts.
To perform host-based discovery of the virtual hosts contained within an AWS Virtual
Private Cloud (VPC):
- A MID Server must be installed and configured on a node within the VPC.
- Each VPC that is discovered must have a separate Discovery schedule for
the IP addresses in the VPC.
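
A least-privilege check for the discovery credentials described above, as an added example that is not part of the original documentation: it confirms that each subscription's credential carries the ReadOnlyAccess policy and flags anything granted beyond it. The user names and sample records are constructed; the record shape follows the output of `aws iam list-attached-user-policies` and `aws iam list-user-policies`.

```python
import json

# AWS-managed policy that the discovery account needs.
READ_ONLY_ARN = "arn:aws:iam::aws:policy/ReadOnlyAccess"

# Constructed sample: one record per subscription credential (hypothetical names).
SAMPLE = json.loads("""
{
  "svc-discovery-prod": {
    "AttachedPolicies": [
      {"PolicyName": "ReadOnlyAccess", "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}],
    "PolicyNames": []
  },
  "svc-discovery-dev": {
    "AttachedPolicies": [
      {"PolicyName": "ReadOnlyAccess", "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"},
      {"PolicyName": "AdministratorAccess", "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}],
    "PolicyNames": ["legacy-s3-write"]
  },
  "svc-discovery-test": {"AttachedPolicies": [], "PolicyNames": []}
}
""")

def audit_credential(record):
    """Return the findings for one discovery credential (empty list = clean)."""
    arns = {p["PolicyArn"] for p in record.get("AttachedPolicies", [])}
    findings = []
    if READ_ONLY_ARN not in arns:
        findings.append("missing ReadOnlyAccess")
    # Anything beyond ReadOnlyAccess widens what a leaked credential can do.
    for arn in sorted(arns - {READ_ONLY_ARN}):
        findings.append(f"extra managed policy: {arn}")
    # Inline policies are not visible by ARN, so list them for manual review.
    for name in sorted(record.get("PolicyNames", [])):
        findings.append(f"inline policy to review: {name}")
    return findings

def audit_all(records):
    """Audit every subscription credential; keys are sorted for stable output."""
    return {name: audit_credential(rec) for name, rec in sorted(records.items())}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE).items():
        print(f"{'OK' if not findings else 'REVIEW':7}{name}")
        for finding in findings:
            print(f"         - {finding}")
```

Policies inherited through IAM groups are not covered by these two listings and need the same check against the group's attached policies.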
Navigate to the account to discover: Either:
Select the account to discover and click the Create Discovery
Schedule related link.
On the Discovery Schedule page, click the Discover now
The system performs the Discovery and
lists the results in the Discovery Status
Discovered resources are listed on the Account page, grouped by type on separate