Amazon AWS Cloud Discovery

Watch

Save as PDF

Share this page

Feedback

IT Operations Management

HomeWashington DC IT Operations ManagementIT Operations ManagementITOM VisibilityDiscoveryExploring Cloud DiscoveryAmazon AWS Cloud Discovery

Table of Contents

Amazon AWS Cloud Discovery

Release version:
Washington DC
Yokohama
Xanadu
Vancouver
Utah
UpdatedMar 5, 2024
4 minutes to read

Washington DC
Discovery

Use Cloud Discovery to discover virtual resources in your AWS organizations: management and member accounts.

Make sure that you set up Cloud Discovery and provide all the necessary permissions and credentials for discovering AWS resources. For more information, see Set up AWS service accounts.

Discovered relationships between virtual machines, datacenters, and other CIs


Class	Relationship	Class
Virtual Machine Instance [cmdb_ci_vm_instance]	Hosted on	AWS Datacenter [cmdb_ci_aws_datacenter] vCenter Datacenter [cmdb_ci_vcenter_datacenter] Note: These tables extend Logical Datacenter [cmdb_ci_logical_datacenter]. The relationship between the VM and the specific type of datacenter is through the Logical Datacenter table.
Virtual Machine Instance [cmdb_ci_vm_instance]	Virtualizes	Computer [cmdb_ci_computer] Note: This is a virtual machine. The Is virtual field value is true.
Logical Datacenter [cmdb_ci_logical_datacenter]	Contains	Resource Group [cmdb_ci_resource_group]
	Hosts	Public IP Address [cmdb_ci_cloud_public_ip_address]
	Hosted on	Cloud Service Account [cmdb_ci_cloud_service_account]
	Hosts	Storage Account [cmdb_ci_cloud_storage_account]
	Contains	Availability Zone [cmdb_ci_availability_zone]
	Contains	Host Cluster [cmdb_ci_host_cluster]
	Hosts	OS Template [cmdb_ci_os_template]
	Hosts	Compute Template [cmdb_ci_compute_template]
	Hosted on	Cloud Management Network Interfaces [cmdb_ci_nic]
Cloud DataBase [cmdb_ci_cloud_database]	Owns	IP Address [cmdb_ci_ip_address]
	Hosted on	AWS Datacenter [cmdb_ci_aws_datacenter]
	Hosted on	Cloud Service Account [cmdb_ci_cloud_service_account]

Data collected by Service Mapping during top-down discovery

To include discovered components into application services, enable CI relationships used in tag-based discovery by Service Mapping. These CI relationships are available from the 1.0.68 release on the ServiceNow Store. For operational steps, see Tag-based discovery configuration.

Service Mapping uses tag-based discovery to create application service maps including the Cloud components. The Service Mapping application comes with the following preconfigured CI relationships used for tag-based discovery. These CI relationships are available from the 1.0.68 release on the ServiceNow Store.


CI	Relationship	CI
Configuration Item [cmdb_ci]	Hosted on::Hosts	Logical Datacenter [cmdb_ci_logical_datacenter]
Logical Datacenter [cmdb_ci_logical_datacenter]	Hosted on::Hosts	Cloud Service Account [cmdb_ci_cloud_service_account]

AWS Config service

If you configured the configure AWS Config service, the instance can receive notifications when changes to cloud resources occur. Discovery can then take action and make updates.

The instance can detect an AWS config notification with message type ConfigurationItemChangeNotification for these resource types:

AWS::DynamoDB::Table
AWS::EC2::Instance
AWS::EC2::SecurityGroup
AWS::EC2::Subnet
AWS::EC2::Volume
AWS::EC2::VPC
AWS::ElasticLoadBalancing::LoadBalancer
AWS::ElasticLoadBalancingV2::LoadBalancer
AWS::RDS::DBInstance
AWS::S3::Bucket

Discovery can then make updates to records in the Response Mappings [sn_cmp_response_mapping] tables that have Cloud Event in the Datasource field.

Amazon Connect Discovery API list

Table 1. AWS Datacenter (cmdb_ci_aws_datacenter)
CI Attributes	AWS Attributes
object_id	DescribeRegionsResponse.regionInfo.item.regionName
name	DescribeRegionsResponse.regionInfo.item.regionName
region	DescribeRegionsResponse.regionInfo.item.regionName
status	Installed/Retired

Table 2. Availability Zone (cmdb_ci_availability_zone)
CI Attributes	AWS Attributes
object_id	DescribeAvailabilityZonesResponse.availabilityZoneInfo.item.zoneName
name	DescribeAvailabilityZonesResponse.availabilityZoneInfo.item.zoneName
state	DescribeAvailabilityZonesResponse.availabilityZoneInfo.item.zoneState
status	Installed/Retired

Table 3. Public IP Address (cmdb_ci_cloud_public_ipaddress)
CI Attributes	AWS Attributes
object_id	DescribeAddressesResponse.addressesSet.item.allocationid
name	DescribeAddressesResponse.addressesSet.item.elastic_name
public_ip_address	DescribeAddressesResponse.addressesSet.item.eip
region	DescribeAddressesResponse.addressesSet.item.region
domain	DescribeAddressesResponse.addressesSet.item.domain
status	Installed/Retired

Table 4. Virtual Server (cmdb_ci_vm_instance)
CI Attributes	AWS Attributes
memory	DescribeInstancesResponse.reservationSet.item.instancesSet.item.instanceType - Call Hardware Types
state	DescribeInstancesResponse.reservationSet.item.instancesSet.item.instanceState.name
object_id	DescribeInstancesResponse.reservationSet.item.instancesSet.item.instanceId
cpus	DescribeInstancesResponse.reservationSet.item.instancesSet.item.instanceType - Call Hardware Types
disks	DescribeVolumesResponse.volumeSet.item.attachmentSet.item.blockDeviceMapping[].size
nics	DescribeInstancesResponse.reservationSet.item.instancesSet.item.networkInterfaceSet[].size
vm_inst_id	DescribeInstancesResponse.reservationSet.item.instancesSet.item.instanceId
name	"DescribeInstancesResponse.reservationSet.item.instancesSet.item.tagSet.item.value==Name OR DescribeInstancesResponse.reservationSet.item.instancesSet.item.instanceId"
status	Installed/Retired

Table 5. Storage Volume (cmdb_ci_storage_volume)
CI Attributes	AWS Attributes
state	DescribeVolumesResponse.volumeSet.item.status
storage_type	block
volume_id	DescribeVolumesResponse.volumeSet.item.volumeId
name	"DescribeVolumesResponse.volumeSet.item.volumeId OR DescribeVolumesResponse.volumeSet.item.tagSet.value==Name"
size_bytes	DescribeVolumesResponse.volumeSet.item.size * 1024 * 1024 * 1024
object_id	DescribeVolumesResponse.volumeSet.item.volumeId
size	DescribeVolumesResponse.volumeSet.item.size + "GB"
status	Installed/Retired

Table 6. Image (cmdb_ci_os_template)
CI Attributes	AWS Attributes
name	DescribeImagesResponseimagesSet.item.name
object_id	DescribeImagesResponseimagesSet.item.imageId
guest_os	DescribeImagesResponseimagesSet.item.platform
image_type	DescribeImagesResponseimagesSet.item.imageType
root_device_type	DescribeImagesResponseimagesSet.item.rootDeviceType
image_source	DescribeImagesResponseimagesSet.item.imageLocation
status	Installed/Retired

Table 7. Network (cmdb_ci_network)
CI Attributes	AWS Attributes
is_shared	FALSE
object_id	DescribeVpcsResponse.vpcSet.item.vpcId
state	DescribeVpcsResponse.vpcSet.item.state
netmask	Not applicable
name	"DescribeVpcsResponse.vpcSet.item.tagSet.item.value <key=""name""> OR DescribeVpcsResponse.vpcSet.item.cidrBlock+ ""[""+DescribeVpcsResponse.vpcSet.item.tagSet.item.vpcId+""]"""
is_external	FALSE
cidr	DescribeVpcsResponse.vpcSet.item.cidrBlock + DescribeVpcsResponse.vpcSet.item.cidrBlockAssociationSet.item.ipv6CidrBlock
default_gateway	DescribeInternetGatewaysResponse.internetGatewaySet.item.internetGatewayId
status	Installed/Retired

Table 8. Cloud Key Pair (cmdb_ci_cloud_key_pair)
CI Attributes	AWS Attributes
name	aws-service_account_name + region_name + DescribeKeyPairsResponse.keySet.item.keyName
finger_print	DescribeKeyPairsResponse.keySet.item.keyFingerprint
object_id	DescribeKeyPairsResponse.keySet.item.keyName
status	Installed/Retired

Table 9. Cloud Load Balancer (cmdb_ci_cloud_load_balancer)
CI Attributes	AWS Attributes
object_id	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancerDescriptions.member.LoadBalancerName
name	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancerDescriptions.member.LoadBalancerName
state	Available/ Terminated
dns_name	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancerDescriptions.member.DNSName
fqdn	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancerDescriptions.member.DNSName
canonical_hosted_zone_name	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancerDescriptions.member.CanonicalHostedZoneName
canonical_hosted_zone_id	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancerDescriptions.member.CanonicalHostedZoneNameID
status	Installed/Retired

Table 10. AWS RDS (cmdb_ci_cloud_database)
CI Attributes	AWS Attributes
category – DB class (‘templates’ for CPU and memory)	https://rds.us-east-1.amazonaws.com/?Action=DescribeDBInstances
object_id – DB name (unique for each LDC)	https://rds.us-east-1.amazonaws.com/?Action=DescribeDBInstances&DBInstanceIdentifier=<input_object_id>
fqdn – DB endpoint address (DNS name)	https://tagging.us-east-1.amazonaws.com/ (tags discovery)
tcp_port – DB endpoint port	DescribeDBInstancesResponse.DescribeDBInstancesResult.DBInstances.Endpoint.Port Or DescribeDBClustersResponse.DescribeDBClustersResult.DBClusters.Port
name – DB name	DescribeDBInstancesResponse.DescribeDBInstancesResult.DBInstances.DBName Or DescribeDBClustersResponse.DescribeDBClustersResult.DBClusters.DBClusterIdentifier
version – DB version	DescribeDBInstancesResponse.DescribeDBInstancesResult.DBInstances.EngineVersion Or DescribeDBClustersResponse.DescribeDBClustersResult.DBClusters.EngineVersion
type – Database type (Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle Database, and SQL Server)	DescribeDBInstancesResponse.DescribeDBInstancesResult.DBInstances.Engine Or DescribeDBClustersResponse.DescribeDBClustersResult.DBClusters.Engine
operational_status – The status of the database	Operational/Non-Operational/Retired
ip_address – IP address of the FQDN	com.snc.sw.util.DNSUtils.resolveHostName( DescribeDBInstancesResponse.DescribeDBInstancesResult.DBInstances.Endpoint.AddressOrDescribeDBClustersResponse.DescribeDBClustersResult.DBClusters.Endpoint)
vendor – “Amazon”	Amazon
fqdn – DB endpoint address (DNS name)	DescribeDBInstancesResponse.DescribeDBInstancesResult.DBInstances.Endpoint.Address Or DescribeDBClustersResponse.DescribeDBClustersResult.DBClusters.Endpoint

Table 11. Cloud subnet (cmdb_ci_cloud_subnet)
CI Attributes	AWS Attributes
name	"DescribeSubnetsResponse.subnetSet.item.cidrBlock OR DescribeSubnetsResponse.subnetSet.item.tagSet.item.value <key=""name"">"
object_id	DescribeSubnetsResponse.subnetSet.item.subnetId
cidr	DescribeSubnetsResponse/subnetSet/item/cidrBlock + /DescribeSubnetsResponse/subnetSet/item/ipv6CidrBlockAssociationSet/item/ipv6CidrBlock/
status	Installed/Retired
state	DescribeSubnetsResponse.subnetSet.item.state
available_ip_count	DescribeSubnetsResponse.subnetSet.item.availableIpAddressCount

Table 12. Cloud Network (Interfaces cmdb_ci_nic)
CI Attributes	AWS Attributes
name	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.networkInterfaceId
private_ip	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.privateIpAddress
object_id	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.networkInterfaceId
public_ip	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.asscoiation.publicIp
gateway	Not applicable
private_dns	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.privateDnsName
state	In Use/Terminated
owner	Not applicable
netmask	255.255.255.0
is_source_dest_check	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.sourceDestCheck
public_dns	DescribeNetworkInterfacesResponse.networkInterfaceSet.item.asscoiation.publicDnsName
status	Installed/Retired

Table 13. Storage Mapping (cmdb_ci_storage_mapping)
CI Attributes	AWS Attributes
name	DescribeVolumesResponse.volumeSet.item.attachmentSet.item.blockDeviceMapping.ebs.volumeId
object_id	DescribeVolumesResponse.volumeSet.item.attachmentSet.item.blockDeviceMapping.ebs.volumeId
mapping_type	DescribeVolumesResponse.volumeSet.item.attachmentSet.item.blockDeviceMapping.rootDeviceType
host	DescribeVolumesResponse.volumeSet.item.attachmentSet.item.blockDeviceMapping.publicIPAddress
mount_point	DescribeVolumesResponse.volumeSet.item.attachmentSet.item.blockDeviceMapping.rootDeviceName

Table 14. Security Groups (cmdb_ci_compute_security_group)
CI Attributes	AWS Attributes
object_id	DescribeSecurityGroupsResponse.securityGroupInfo.item.groupId
name	DescribeSecurityGroupsResponse.securityGroupInfo.item.groupName
state	Available/Terminated
status	Installed/Retired

Table 15. Hardware Types (cmdb_ci_compute_template)
CI Attributes	AWS Attributes
object_id	No AWS Response
name	DescribeInstanceTypesResponse.instanceTypeSet.item.instanceType
vcpus	DescribeInstanceTypesResponse.instanceTypeSet.item.vCpuInfo.defaultVCpus
memory_mb	DescribeInstanceTypesResponse.instanceTypeSet.item.memoryInfo.sizeInMiB
local_storage_gb	DescribeInstanceTypesResponse.instanceTypeSet.item.instanceStorageInfo.totalSizeInGB
cores	DescribeInstanceTypesResponse.instanceTypeSet.item.vCpuInfo.defaultCores
status	Installed/Retired

Table 16. Cloud Public IP Address (cmdb_ci_cloud_lb_ipaddress)
CI Attributes	AWS Attributes
object_id	<resolved dns name>
name	<resolved dns name>
ipaddress_type	<is not populated by CMP>
status	Installed/Retired

Table 17. Cloud Load Balancer Service (cmdb_ci_lb_service)
CI Attributes	AWS Attributes
name	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancers.DNSName:DescribeListenersResponse.DescribeListenersResult.Listeners.Port
object_id	DescribeLoadBalancersResponse.DescribeLoadBalancersResult.LoadBalancers.DNSName:DescribeListenersResponse.DescribeListenersResult.Listeners.Port
port	DescribeListenersResponse.DescribeListenersResult.Listeners.Port
server_port	DescribeListenersResponse.DescribeListenersResult.Listeners.Port
server_protocol	DescribeListenersResponse.DescribeListenersResult.Listeners.Protocol
listener_protocol	DescribeListenersResponse.DescribeListenersResult.Listeners.Protocol
status	Installed/Retired
ssl_certificate_id	Not applicable

Washington DC IT Operations Management

Filters

Versions

Products