Service accounts for Discovery and Service Mapping

Service accounts save information about your AWS and Azure accounts, including the credentials necessary to access the account. Create a service account and run discovery on it to populate the CMDB with your cloud resources.

Note: VMware discovery does not require a service account. To discover VMware resources, configure a standard discovery schedule that is configured to run on the IP address of the vCenter server. See VMware virtual machines for more information.

Logical datacenters

Each AWS and Azure service account includes logical datacenters, which are region-specific containers for virtual resources. When you run Discovery on a service account, the data centers and the resources in them are both populated.

Create a service account for cloud discovery

After you configure AWS or Azure, create a service account.

Before you begin

  • Role required: discovery_admin, sm_admin
  • Credentials required: AWS or Azure credentials

Procedure

  1. Navigate to Cloud Management > Cloud Infrastructure > Service Accounts.
  2. Click New.
  3. Fill out the form fields (see table):
    Figure 1. The Service Account form
    The Service Account form
    Field Description
    Name Enter a descriptive name for the account.
    Account ID Enter the account ID to which this credential belongs.
    • An AWS account ID is a 12-digit number.
    • For Azure, the account ID is the subscription ID.
    • For VMWare: the account ID is the instance UUID.
    Discovery credentials Create the credentials required to manage this account.
    Datacenter URL Enter the URL for the datacenter. This is mandatory for VMware vCenter datacenters.

    The URL must be the full URL, for example: https://<IP-of-vCenter/sdk>

    Datacenter type Select the table from the CMDB that represents the type of datacenter.
    Datacenter discovery status The last execution of datacenter discovery.
  4. Click Submit.
    Your new account is created, and the list of all cloud service accounts is displayed.

What to do next

Discover AWS and Azure logical datacenters from a service account to find logical datacenters.

Discover AWS and Azure logical datacenters from a service account

After you set up service accounts, you can run manual discovery or set up a discovery schedule to find the datacenters already in your AWS and Azure clouds.

Before you begin

  • Roles required: discovery_admin, sm_admin
  • Accounts required: a service account for AWS or Azure
  • Credentials required: AWS or Azure credentials

About this task

These instructions apply to service account cloud discovery, not to cloud application discovery. See Cloud discovery for descriptions of each.
Note: VMware discovery does not require a service account. To discover VMware resources, configure a standard discovery schedule that is configured to run on the IP address of the vCenter server. See VMware virtual machines for more information.

Procedure

  1. Navigate to Cloud Management > Cloud Infrastructure > Service Accounts.
  2. Click the name of a service account.
  3. Click Discover Datacenters under Related links.
  4. Wait for the Datacenter discovery status field to show a status of complete. You should see this message if the discovery was successful: YYYY-MM-DD HH:MM:SS: Completed....Reload this form to see an updated datacenter list.
  5. Reload the form.

Result

The discovered datacenters appear in the Logical Datacenters Related list.
Note: Check the Cloud API Trail and the Orchestration Trail if you encountered any issues with the discovery.

Discover cloud resources in a service account

After you discover datacenters in a service account, run Discover Now or set up a discovery schedule to populate cloud resources in the CMDB.

Before you begin

  • Role required: discovery_admin, sm_admin
  • Accounts required: a service account for AWS or Azure
  • Credentials required: AWS or Azure credentials
  • You must discover datacenters in a service account before you can discover cloud resources.

About this task

These instructions apply to service account cloud discovery, not to cloud application discovery. See Cloud discovery for descriptions of each.

Procedure

  1. Navigate to Cloud Management > Cloud Infrastructure > Service Accounts.
  2. Click the name of a service account.
  3. Click Create Discovery Schedule.
  4. Configure the schedule. See Schedule a Discovery for details on all the fields.
    Keep the Discover field Cloud Resources.
  5. Click Discover now or wait for the scheduled discovery to run.
    If you ran Discover now, the discovery status record for that discovery is created immediately. If you scheduled a discovery, it appears when the discovery is initiated.
  6. Open the discovery status record to see the results of the discovery.
    Figure 2. Example list of logical datacenters in Devices list
    Example list of logical datacenters in Devices list
  7. The Devices related list on the discovery status datacenter shows you the same datacenters that are available on the service account.
  8. Navigate back to the service account and open a datacenter from the Logical Datacenters related list. The same list of datacenters appears as in the Devices related list on the discovery status.
    Figure 3. Example list of logical datacenters
    Example list of logical datacenters
  9. Open a datacenter.

    The related lists, such as Virtual Machines, Images, Storage volumes, show you the discovered resources in the datacenter. The related lists differ depending on what Discovery found.

    Figure 4. Example discovered resources
    Example discovered resources

What to do next

Run Discovery on virtual machines in your cloud to build relationships between virtual machines.
Note:

Check the Cloud API Trail and the Orchestration Trail if you encountered any issues with the discovery.

Run Discovery on virtual machines in your cloud

After you run Discovery on a service account, run discovery again on the known IP addresses of your virtual machines in the cloud. This builds relationships between virtual machine CIs.

Before you begin

  • Role required: discovery_admin, sm_admin
  • Credentials required: a service account with appropriate AWS or Azure credentials, and appropriate virtual machine credentials, such as Windows or Linux.

About this task

These instructions apply to service account cloud discovery, not to cloud application discovery. See Cloud discovery for descriptions of each.

Procedure

  1. Navigate to Discovery > Discovery Schedules.
  2. Configure a discovery schedule by adding the specific IP addresses of the virtual machines to the Discovery IP Ranges related list. See Schedule a Discovery for more information on configuring a schedule.
  3. Run Discover Now, or wait for the scheduled discovery to run.
    The virtual machines are populated in the relevant table, such as Linux Server [cmdb_ci_linux_server], and so on.
  4. After discovery completes, click the Discovery Status related list on the discovery schedule and open the status record.
  5. On the Devices related list, sort the results by the desired column, such as the CMDB CI that was created or updated.
    Figure 5. Example discovered virtual machines
    Example discovered virtual machines
  6. On the Devices related list, click the link for the discovered machine in the CMDB CI column.
  7. At the bottom of the form, view the relationships to this virtual machine under Related Items.
    Figure 6. Example relationships of a virtual machine in an AWS cloud
    Example relationships

What to do next

Check the Cloud API Trail and the Orchestration Trail if you encountered any issues with the discovery.

Check the CMDB to see the discovered CIs.

Run cloud application discovery

Cloud application discovery discovers only the cloud resources in a service account for a single pattern that you specify.

Before you begin

  • Roles required: discovery_admin, sm_admin
  • Accounts required: a service account for AWS or Azure
  • Credentials required: AWS or Azure credentials

About this task

These instructions apply to cloud application discovery, not to service account discovery. See Cloud discovery for descriptions of each.

Procedure

  1. Navigate to Discovery > Discovery Schedules.
  2. Click New.
  3. Select the Cloud application in the Discovery field. See Schedule a Discovery for explanation of other fields.
  4. Right-click the form header and select Save.
  5. In the Cloud Execution Pattern related list, click New.
  6. Fill out the form fields (see table):
    Field Description
    Name Provide a descriptive name.
    Pattern Select the pattern you want to use for cloud discovery. See AWS and Azure cloud discovery for a list of out-of-box patterns.
    Service account Enter the AWS or Azure service account that contains the cloud resources.
    Active Keep this check box selected to use the pattern execution definition.
  7. Click Submit.
  8. Execute discovery by clicking Discover Now or wait until the schedule triggers the discovery.

Result

Check the Discovery status to see the Discovery log, the devices list, which holds the discovered CIs, and the ECC queue records. Note that the Shazzam probe did not launch and Discovery did not trigger any classification probes.