AWS and Azure cloud discovery

Discovery collects information about cloud resources in AWS and Azure datacenters.

Credentials

Configure AWS and Azure credentials to be used by the Service Account that you set up for cloud discovery.

Patterns

Discovery uses a combination of probes and sensors, the Cloud Management API and patterns to find cloud resources. These patterns are available by default:
Pattern Description
Amazon AWS Elastic Load Balancer Service Retrieves AWS load balancers and populates the Load Balancer Services [cmdb_ci_lb_service] table. Application load balancers, network load balancers, and classic load balancers are supported.
Amazon AWS Relational Database Service Retrieves RDS instances, populates the Cloud Database [cmdb_ci_cloud_database] table, and creates a relationship between the Cloud Database and IP address [cmdb_ci_ip_address] tables.
Amazon AWS Route53 HD Resolves DNS names and aliases for the AWS cloud.
Azure Database Retrieves Azure databases, including MSSQL, MySQL, Redis, and DocumentDB, and populates the [cmdb_ci_cloud_database] table.
Azure LoadBalancer TD Retrieves Azure load balancers and populates the Load Balancer Services [cmdb_ci_lb_service] table. This pattern is only used by Service Mapping for top-down discovery, not by the Discovery application for horizontal discovery.
Note: When using Service Mapping to find AWS cloud resources, this pattern is not used.
Azure WebSite Retrieves Azure web servers and populates the Cloud WebServers [cmdb_ci_cloud_webserver] and IP address [cmdb_ci_ip_address] tables.
Note: Amazon Route 53 is supported.

Data collected

The following data is collected on the AWS datacenter [cmdb_ci_aws_datacenter] and Azure datacenter [cmdb_ci_azure_datacenter] tables.
Label Field Name
Name name
Region region

The following data is collected on the Availability Zones [cmdb_ci_availability_zone] table.
Label Field Name
Name name

The following data is collected on the Virtual Machines [cmdb_ci_vm_instance] table.
Label Field Name
Name name
State state
Object ID object_id
CPUs cpus
Disks disks
Memory memory
Network adapters nics

The following data is collected on the Compute Security Groups [cmdb_ci_compute_security_group] table.
Label Field Name
Name name
Object ID object_id
State state

The following data is collected on the Images [cmdb_ci_os_template] table.
Label Field Name
Name name
Object ID object_id
Guest OS guest_os
Root device type root_device_type
Image source image_source
Image type image_type

The following data is collected on the Hardware types [cmdb_ci_compute_template] table.
Label Field Name
Name name
vCPUs vcpus
Memory MB memory_mb
Local Storage GB local_storage_gb

The following data is collected on the Storage volumes [cmdb_ci_storage_volume] table.
Label Field Name
Name name
State state
Object ID object_id
Storage type storage_type
Size size

The following data is collected on the Cloud Networks [cmdb_ci_network] and VMware vCenter Network [cmdb_ci_vcenter_network] tables.
Label Field Name
Name name
State* state
CIDR* cidr
*Not found on VMware vCenter networks.

The following data is collected on the Cloud Subnets [cmdb_ci_cloud_subnet] table.
Label Field Name
Name name
Status status
CIDR cidr

The following data is collected on the Cloud Management Network Interfaces [cmdb_ci_nic] table.
Label Field Name
Name name
Netmask netmask
MAC Address mac_address
MAC Manufacturer mac_manufacturer
Status install_status

The following data is collected on the Cloud Load Balancers [cmdb_ci_cloud_load_balancer] table.
Label Field Name
Name name
Object ID object_id
State state

The following data is collected on the Azure Deployments [cmdb_ci_azure_deployment] table.
Label Field Name
Name name
Provisioning state provisioning_state

The following data is collected on the Resource Groups [cmdb_ci_resource_group] table.
Label Field Name
Name name
Object ID object_id

The following data is collected on the Public IP Addresses [cmdb_ci_cloud_public_ipaddress] table.
Label Field Name
Name name
Object ID object_id
Public IP address public_ip_address
Public DNS public_dns

The following data is collected on the Storage Accounts [cmdb_ci_cloud_storage_account] table.
Label Field Name
Name name
Object ID object_id
SKU name sku_name
State state

The following data is collected on the DNS name [cmdb_ci_dns_name] and DNS Alias [cmdb_ci_dns_alias] tables.
Label Field Name
DNS Alias [cmdb_ci_dns_alias]
Name name
Category category
Status status
DNS name [cmdb_ci_dns_name]
Name name
IP address ip_address

The following data is collected on the Cloud Databases [cmdb_ci_cloud_database] table.
Label Field Name Description
Name name The name of the database that you created in AWS or Azure.
Object ID object_id This is also the name of the database.
Type type The type of database you created.
Fully qualified domain name fqdn The FQDN that AWS or Azure assigned to your database. An example format for AWS is as follows:

database-name.{random-number}.{datacenter}.rds.amazonaws.com

State state The state of the database: whether it is Available or Terminated.
TCP port(s) tcp_port The TCP port that the database communicates through.
Category category The instance class of the database, for example: db.t2.micro.

Relationships between virtual machines, datacenters, and other CIs

Table 1.
Class Relationship Class
Virtual Machine Instance [cmdb_ci_vm_instance] Hosted on AWS Datacenter [cmdb_ci_aws_datacenter], Azure Datacenter [cmdb_ci_azure_datacenter], Openstack Datacenter [cmdb_ci_openstack_datacenter], vCenter Datacenter [cmdb_ci_vcenter_datacenter]
Note: These tables extend Logical Datacenter [cmdb_ci_logical_datacenter]. The relationship between the VM and the specific type of datacenter is through the Logical Datacenter table.
Virtual Machine Instance [cmdb_ci_vm_instance] Virtualizes Computer [cmdb_ci_computer]
Note: This is a virtual machine. The Is virtual field is true.
Logical Datacenter [cmdb_ci_logical_datacenter] Contains Resource Group [cmdb_ci_resource_group]
Logical Datacenter [cmdb_ci_logical_datacenter] Hosts Public IP Address [cmdb_ci_cloud_public_ipaddress]
Logical Datacenter [cmdb_ci_logical_datacenter] Hosted on Service Account [cmdb_ci_cloud_service_account]
Logical Datacenter [cmdb_ci_logical_datacenter] Hosts Storage Account [cmdb_ci_cloud_storage_account]
Logical Datacenter [cmdb_ci_logical_datacenter] Contains Availability Zone [cmdb_ci_availability_zone]
Logical Datacenter [cmdb_ci_logical_datacenter] Contains Host Cluster [cmdb_ci_host_cluster]
Logical Datacenter [cmdb_ci_logical_datacenter] Hosts OS Template [cmdb_ci_os_template]
Logical Datacenter [cmdb_ci_logical_datacenter] Hosts Compute Template [cmdb_ci_compute_template]
Logical Datacenter [cmdb_ci_logical_datacenter] Hosted on Cloud Management Network Interfaces [cmdb_ci_nic]
Azure Datacenter [cmdb_ci_azure_datacenter] Contains Availability Set [cmdb_ci_availability_set]

AWS Config and Azure Alerts

If you configured AWS Config or Azure alert service, the instance can receive notifications when changes to cloud resources occur. Discovery can then take action and make updates.

AWS Config
The instance can detect an AWS Config notification with message type ConfigurationItemChangeNotification for these resource types:
  • AWS::EC2::Instance
  • AWS::EC2::VPC
  • AWS::EC2::Subnet
  • AWS::EC2::Volume

Discovery can then make updates to records in the Response Mappings [sn_cmp_response_mapping] table that have Cloud Event in the Datasource field.
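
To audit which AWS Config notifications fall inside the list above, the following added example (not ServiceNow code) classifies an SNS-delivered Config message by message type and resource type. The function names triage and sample are hypothetical, and the SNS envelope and resource IDs are constructed sample data.

```python
import json

# Resource types this page lists for ConfigurationItemChangeNotification.
LISTED_TYPES = {
    "AWS::EC2::Instance",
    "AWS::EC2::VPC",
    "AWS::EC2::Subnet",
    "AWS::EC2::Volume",
}

def triage(sns_envelope: str) -> dict:
    """Classify one SNS-delivered AWS Config message against the list above."""
    try:
        # SNS carries the Config payload as a JSON string in "Message".
        message = json.loads(json.loads(sns_envelope)["Message"])
    except (ValueError, KeyError, TypeError):
        return {"in_scope": False, "reason": "malformed envelope"}
    if not isinstance(message, dict):
        return {"in_scope": False, "reason": "malformed envelope"}
    if message.get("messageType") != "ConfigurationItemChangeNotification":
        return {"in_scope": False, "reason": "message type not listed"}
    item = message.get("configurationItem") or {}
    rtype = item.get("resourceType")
    if rtype not in LISTED_TYPES:
        return {"in_scope": False, "reason": f"resource type not listed: {rtype}"}
    return {
        "in_scope": True,
        "resource_type": rtype,
        "resource_id": item.get("resourceId"),
        "status": item.get("configurationItemStatus"),
    }

def sample(message_type: str, resource_type: str, resource_id: str) -> str:
    """Build a constructed SNS envelope (sample data, not a captured event)."""
    message = {
        "messageType": message_type,
        "configurationItem": {
            "resourceType": resource_type,
            "resourceId": resource_id,
            "configurationItemStatus": "OK",
        },
    }
    return json.dumps({"Type": "Notification", "Message": json.dumps(message)})

if __name__ == "__main__":
    for rt, rid in [("AWS::EC2::Instance", "i-0example"),
                    ("AWS::EC2::SecurityGroup", "sg-0example")]:
        print(rt, triage(sample("ConfigurationItemChangeNotification", rt, rid)))
```

Run over a sample of real notifications, the out-of-scope results show which changes (security group changes, for instance) are not covered by the resource types listed on this page.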

Azure alerts
The instance can detect alerts for the following resource types:
  • Microsoft.Compute/virtualMachines
  • Microsoft.Network/networkSecurityGroups
  • Microsoft.Resources/deployments
  • Microsoft.Storage/storageAccounts
  • Microsoft.Compute/availabilitySets
  • Microsoft.Network/networkInterfaces
  • Microsoft.Network/publicIPAddresses
  • Microsoft.Network/loadBalancers
  • Microsoft.Network/virtualNetworks

Discovery can then run on the specific cloud resource to retrieve the changes and update the CMDB.