Cloud discovery Cloud discovery finds resources in AWS and Azure clouds, and then populates the CMDB with the relevant CIs and relationships. Cloud discovery also supports changes to your CIs based on AWS and Azure events. How Cloud Discovery works Types of cloud Discovery Service account cloud discovery Service account cloud discovery finds all resources in an AWS or Azure service account, including all datacenters in the account. The discovery process launches the necessary patterns to find all resources in a service account. You launch this type of cloud discovery from the Service Account form and track the discovery in the Cloud API Trail and Cloud Orchestration Trail. Cloud application discovery Cloud application discovery finds only the cloud resources in a service account for a pattern that you specify. You launch this type of cloud discovery from a Discovery schedule and track the discovery in the Discovery Status. This process is the same when discovering configuration items, IP addresses, or networks. Tracking the results of a Cloud Discovery Typically, you track a discovery through the ECC queue and the discovery status, which shows you see all records for a particular discovery. For Service account cloud discovery, check the Cloud API Trail and Cloud Orchestration Trail. Records in these trails show you the same information in the ECC queue, including which MID Server processed and the log entries created for the discovery. AWS Config and Azure alerts Your instance can detect notifications and alerts from AWS and Azure clouds. Discovery can then make the necessary updates. Note: You do not need the Cloud Management application to use cloud discovery. The Discovery plugin includes the necessary components from Cloud Management to perform cloud discovery. Service account cloud discovery process Add the Cloud Management capability to the MID Servers that you want to use for Cloud Discovery. Set up credentials for either AWS or Azure: For AWS: Create AWS credentials. Set up AWS Identity Access Management (IAM) users. For Azure: Collect the Azure Client ID and Tenant ID. Create Azure credentials (service principals) for Cloud Management. Create a service account for cloud discovery. Run discovery three times: Discover the logical datacenters in the service account, and then discover the resources in them. Run discovery again on specific VMs to get data about them. Note: Open the Cloud API Trail and the Orchestration Trail if you encounter any issues with the discovery. Check the CMDB to see the discovered CIs specific to AWS and Azure clouds. Configure AWS config or Azure alert services so that you know when changes to your cloud resources occur. What to do (Cloud application discovery) Before you run cloud application discovery, you should have an understanding of how patterns work. See Pattern customization for more information. See Run cloud application discovery for directions. Cloud resources and the CMDB Cloud resources are managed in the CMDB just like any other CIs. To see a summary of the necessary credentials for cloud discovery, the patterns used for discovery, and a list of tables and fields that the discovery process populates, see Data collected for AWS and Azure discovery Using a MID Server through a proxy If your MID Server must go through an unauthenticated proxy server to access cloud resources, you must modify the agent\conf\wrapper-override.conf file. wrapper.java.additional.1=-Dhttp.proxySet=true wrapper.java.additional.2=-Dhttp.proxyHost=<proxyHost> wrapper.java.additional.3=-Dhttp.proxyPort=<proxyPort> wrapper.java.additional.4=-DuseProxy=true As with any changes to the MID Server files, restart the MID Server and then test discovery.