AWS and Azure cloud discovery

Discovery collects information about cloud resources in AWS and Azure datacenters.

Credentials

Configure the AWS and Azure credentials to be used by the Service Account that you set up for cloud discovery.

Patterns

Discovery uses a combination of probes and sensors, the Cloud Management API and patterns to find cloud resources. These patterns are available by default:
Pattern | Description
Amazon AWS Elastic Load Balancer Service | Retrieves AWS load balancers and populates the Load Balancer Services [cmdb_ci_lb_service] table. Application load balancers, network load balancers, and classic load balancers are supported.
Amazon AWS Relational Database Service | Retrieves RDS instances, populates the Cloud Database [cmdb_ci_cloud_database] table, and creates a relationship between the Cloud Database and IP address [cmdb_ci_ip_address] tables.
Azure Database | Retrieves Azure databases, including MSSQL, MySQL, Redis, and DocumentDB, and populates the [cmdb_ci_cloud_database] table.
Azure LoadBalancer TD | Retrieves Azure load balancers and populates the Load Balancer Services [cmdb_ci_lb_service] table.
Azure WebSite | Retrieves Azure web servers and populates the Cloud WebServers [cmdb_ci_cloud_webserver] and IP address [cmdb_ci_ip_address] tables.
Note: Amazon Route 53 is supported.

Data collected

The following data is collected on the AWS datacenter [cmdb_ci_aws_datacenter] and Azure datacenter [cmdb_ci_azure_datacenter] tables.
Label | Field Name
Name | name
Region | region

The following data is collected on the Availability Zones [cmdb_ci_availability_zone] table.
Label | Field Name
Name | name

The following data is collected on the Virtual Machines [cmdb_ci_vm_instance] table.
Label | Field Name
Name | name
State | state
Object ID | object_id
CPUs | cpus
Disks | disks
Memory | memory
Network adapters | nics

The following data is collected on the Compute Security Groups [cmdb_ci_compute_security_group] table.
Label | Field Name
Name | name
Object ID | object_id
State | state

The following data is collected on the Images [cmdb_ci_os_template] table.
Label | Field Name
Name | name
Object ID | object_id
Guest OS | guest_os
Root device type | root_device_type
Image source | image_source
Image type | image_type

The following data is collected on the Hardware types [cmdb_ci_compute_template] table.
Label | Field Name
Name | name
vCPUs | vcpus
Memory MB | memory_mb
Local Storage GB | local_storage_gb

The following data is collected on the Storage volumes [cmdb_ci_storage_volume] table.
Label | Field Name
Name | name
State | state
Object ID | object_id
Storage type | storage_type
Size | size

The following data is collected on the Cloud Networks [cmdb_ci_network] and VMware vCenter Network [cmdb_ci_vcenter_network] tables.
Label | Field Name
Name | name
State* | state
CIDR* | cidr
*Not found on VMware vCenter networks.

The following data is collected on the Cloud Subnets [cmdb_ci_cloud_subnet] table.
Label | Field Name
Name | name
Status | status
CIDR | cidr

The following data is collected on the Cloud Management Network Interfaces [cmdb_ci_nic] table.
Label | Field Name
Name | name
Netmask | netmask
MAC Address | mac_address
MAC Manufacturer | mac_manufacturer
Status | install_status

The following data is collected on the Cloud Load Balancers [cmdb_ci_cloud_load_balancer] table.
Label | Field Name
Name | name
Object ID | object_id
State | state

The following data is collected on the Azure Deployments [cmdb_ci_azure_deployment] table.
Label | Field Name
Name | name
Provisioning state | provisioning_state

The following data is collected on the Resource Groups [cmdb_ci_resource_group] table.
Label | Field Name
Name | name
Object ID | object_id

The following data is collected on the Public IP Addresses [cmdb_ci_cloud_public_ipaddress] table.
Label | Field Name
Name | name
Object ID | object_id
Public IP address | public_ip_address
Public DNS | public_dns

The following data is collected on the Storage Accounts [cmdb_ci_cloud_storage_account] table.
Label | Field Name
Name | name
Object ID | object_id
SKU Name | sku_name
State | state

The following data is collected on the Cloud Databases [cmdb_ci_cloud_database] table.
Table 1.
Label | Field Name
Name | name
Region | region
Object ID | object_id
Type | Type
FQDN | fqdn
State | state

Relationships between virtual machines, datacenters, and other CIs

Table 2.
Class | Relationship | Class
Virtual Machine Instance [cmdb_ci_vm_instance] | Hosted on | AWS Datacenter [cmdb_ci_aws_datacenter]; Azure Datacenter [cmdb_ci_azure_datacenter]; Openstack Datacenter []; vCenter Datacenter []. Note: These tables extend Logical Datacenter [cmdb_ci_logical_datacenter]. The relationship between the VM and the specific type of datacenter is through the Logical Datacenter table.
Virtual Machine Instance [cmdb_ci_vm_instance] | Virtualizes | Computer [cmdb_ci_computer]. Note: This is a virtual machine. The Is virtual field is true.
Logical Datacenter [cmdb_ci_logical_datacenter] | Contains | Resource Group [cmdb_ci_resource_group]
Logical Datacenter [cmdb_ci_logical_datacenter] | Hosts | Public IP Address [cmdb_ci_cloud_public_ipaddress]
Logical Datacenter [cmdb_ci_logical_datacenter] | Hosted on | Service Account [cmdb_ci_cloud_service_account]
Logical Datacenter [cmdb_ci_logical_datacenter] | Hosts | Storage Account [cmdb_ci_cloud_storage_account]
Logical Datacenter [cmdb_ci_logical_datacenter] | Contains | Availability Zone [cmdb_ci_availability_zone]
Logical Datacenter [cmdb_ci_logical_datacenter] | Contains | Host Cluster [cmdb_ci_host_cluster]
Logical Datacenter [cmdb_ci_logical_datacenter] | Hosts | OS Template [cmdb_ci_os_template]
Logical Datacenter [cmdb_ci_logical_datacenter] | Hosts | Compute Template [cmdb_ci_compute_template]
Logical Datacenter [cmdb_ci_logical_datacenter] | Hosted on | Cloud Management Network Interfaces [cmdb_ci_nic]
Azure Datacenter [cmdb_ci_azure_datacenter] | Contains | Availability Set [cmdb_ci_availability_set]

AWS Config and Azure Alerts

If you configured AWS Config or Azure alert service, the instance can receive notifications when changes to cloud resources occur. Discovery can then take action and make updates.

AWS Config
The instance can detect an AWS Config notification with message type ConfigurationItemChangeNotification for these resource types:
  • AWS::EC2::Instance
  • AWS::EC2::VPC
  • AWS::EC2::Subnet
  • AWS::EC2::Volume

Discovery can then make updates to records in the Response Mappings [sn_cmp_response_mapping] table that have Cloud Event in the Datasource field.

Azure alerts
The instance can detect alerts for the following resource types:
  • Microsoft.Compute/virtualMachines
  • Microsoft.Network/networkSecurityGroups
  • Microsoft.Resources/deployments
  • Microsoft.Storage/storageAccounts
  • Microsoft.Compute/availabilitySets
  • Microsoft.Network/networkInterfaces
  • Microsoft.Network/publicIPAddresses
  • Microsoft.Network/loadBalancers
  • Microsoft.Network/virtualNetworks

Discovery can then run on the specific cloud resource to retrieve the changes and update the CMDB.
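
The filtering described in the AWS Config and Azure alerts sections above, as an added example that is not the product's own code: it accepts only ConfigurationItemChangeNotification messages and Azure resource IDs whose type is in the lists above, and drops malformed input before it can trigger a CMDB update. The function names, the SNS-wrapped delivery, and the sample values are assumptions constructed for illustration.

```python
import json

# Resource types the page lists for event-driven updates.
AWS_TYPES = {"AWS::EC2::Instance", "AWS::EC2::VPC",
             "AWS::EC2::Subnet", "AWS::EC2::Volume"}
AZURE_TYPES = {t.lower() for t in (
    "Microsoft.Compute/virtualMachines", "Microsoft.Network/networkSecurityGroups",
    "Microsoft.Resources/deployments", "Microsoft.Storage/storageAccounts",
    "Microsoft.Compute/availabilitySets", "Microsoft.Network/networkInterfaces",
    "Microsoft.Network/publicIPAddresses", "Microsoft.Network/loadBalancers",
    "Microsoft.Network/virtualNetworks")}

# Constructed samples: an SNS envelope carrying an AWS Config message, and an Azure resource ID.
SAMPLE_SNS = json.dumps({"Type": "Notification", "Message": json.dumps({
    "messageType": "ConfigurationItemChangeNotification",
    "configurationItemDiff": {"changeType": "UPDATE"},
    "configurationItem": {"resourceType": "AWS::EC2::Instance",
                          "resourceId": "i-0123456789abcdef0"}})})
SAMPLE_AZURE_ID = ("/subscriptions/00000000-0000-0000-0000-000000000000"
                   "/resourceGroups/rg-demo/providers/Microsoft.Compute/virtualMachines/vm1")

def aws_config_event(sns_body):
    """Return (resource_type, resource_id, change_type) for a supported change, else None."""
    try:
        msg = json.loads(json.loads(sns_body)["Message"])  # payload is a JSON string in the envelope
        if msg["messageType"] != "ConfigurationItemChangeNotification":
            return None
        item = msg["configurationItem"]
        rtype, rid = item["resourceType"], item["resourceId"]
    except (ValueError, KeyError, TypeError):
        return None  # malformed input is dropped, never acted on
    if not isinstance(rtype, str) or not isinstance(rid, str) or rtype not in AWS_TYPES:
        return None
    diff = msg.get("configurationItemDiff")
    return rtype, rid, diff.get("changeType") if isinstance(diff, dict) else None

def azure_resource_type(resource_id):
    """Return the top-level 'Namespace/type' of an Azure resource ID if supported, else None."""
    parts = resource_id.strip("/").split("/")
    lowered = [p.lower() for p in parts]
    if "providers" not in lowered:
        return None
    i = lowered.index("providers")
    if len(parts) < i + 4:  # need namespace, type and resource name
        return None
    rtype = parts[i + 1] + "/" + parts[i + 2]
    return rtype if rtype.lower() in AZURE_TYPES else None
```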