AWS Discovery Options - Adaptive Applications - BlueCat Gateway - 23.3.2

Cloud Discovery & Visibility Administration Guide

Locale
English
Product name
BlueCat Gateway
Version
23.3.2

The Discovery Options section of the Amazon Web Services (AWS) Setup page lets you configure the information imported from the AWS infrastructure.

Attention:
  • If you update the name of a Configuration or View in Address Manager after you enable Discovery and Visibility, Cloud Discovery & Visibility AWS will no longer import AWS infrastructure changes into Address Manager.

  • When configuring Cloud Discovery & Visibility AWS to discover resources in an AWS GovCloud environment, note that AWS GovCloud does not use external Route 53 zones. To include Route 53 zones as part of a Discovery job, you must first link them to a non-AWS GovCloud account that points to those Route 53 zones. For more information, see https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/setting-up-route53.html.

In the Discovery Options page, configure the discovered information that you want to import and how you wanted it imported.
  • If you enter the name of an existing Address Manager configuration in the BlueCat Configuration field of the Configuration Options section, CDV automatically populates all views within the Discovery Options section with appropriate values.

  • When configuring new view names in the relevant view fields, click Create <view name> from the dropdown menu, or press Enter to confirm your selection.

Discover AWS resources options

Field/Option Description
AWS Private VPC/Subnet Select this checkbox to import all AWS VPC and Subnet network information. Within Address Manager, private VPCs/Subnets are converted into IPv4 and IPv6 blocks and networks.
AWS Public IP Ranges
Select this checkbox to imports the AWS public address space information of virtual machines and load balancers within the region. Within Address Manager, public VPCs are converted into IPv4 and IPv6 blocks and networks.
Note: When this option is unchecked, the virtual machine and load balancer information is still imported into Address Manager; however, the IP ADDRESSES of Public virtual machine and load balancer devices within Address Manager will be blank.
AWS VPC Endpoints

Endpoint View

Select this checkbox to import VPC endpoint information. In Address Manager, the VPC endpoints are converted into the VPC endpoint device type.

Also, in Endpoint View, enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the DNS records from the VPC endpoint.
  • The default view name created in Address Manager is AWS VPC Endpoint View.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.
AWS Elastic Kubernetes Service

Select this checkbox to import AWS Elastic Kubernetes Service (EKS) resources, including cluster and node groups. Within Address Manager, clusters are converted into devices and node groups are converted into tags.

AWS EC2 Instances

Select this checkbox to import all EC2 instance information. In Address Manager, the EC2 instances are converted into devices.

AWS DNS Hostnames - Internal

DNS Hostname Internal View

Select this checkbox to import internal DNS record information. The internal DNS records are converted into internal DNS records on Address Manager with the prefix defined in the BlueCat Target Zone field.

Also, in DNS Hostname Internal View, enter the name of the view that will be created in Address Manager, or select an existing view in Address Manager that will contain the internal AWS provided name resolution information.
  • The default view name created in Address Manager is AWS Name Resolution Internal.
  • If you enter a configuration name in BlueCat Target Zone that already exists in Address Manager, all views are imported into the existing configuration.
AWS ELBv2 Load Balancers

Select this checkbox to import all ELBv2 load balancer information. In Address Manager, this is converted into the ELBv2 device type.

AWS DNS Hostnames - External

DNS Hostname External View

Select this checkbox to import external DNS record information. The external DNS records are converted into external DNS records on Address Manager with the prefix defined in the BlueCat Target Zone field.
Also, in DNS Hostname External View, enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the external AWS provided name resolution information.
  • The default view name created in Address Manager is AWS Name Resolution Internal.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.
AWS Route 53 DNS - Private

DNS Resource Record Private View

Select this checkbox to import all private AWS Route 53 DNS zone record information. Within Address Manager, the DNS zone records are converted into private DNS records.

Also, in DNS Resource Record Private View, enter the name of the view that will be created in Address Manager, or select an existing view in Address Manager that will contain the internal AWS provided name resolution information.

  • The default view name created in Address Manager is Route53 Private Hosted Zones.
AWS Route 53 DNS - Public

DNS Resource Record Public View

Select this checkbox to import all public AWS Route 53 DNS zone record information. The DNS zone records are converted into public DNS records on Address Manager.

In DNS Resource Record Public View, enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the external AWS provided name resolution information.

  • The default view name created in Address Manager is Route53 Public Hosted Zones.
Dynamic Update of DNS Resource Records

This option is available only when connecting to Address Manager v9.4.0 or later.

Select this checkbox to update the DNS records in Address Manager and automatically deploy the changes to the primary BDDS of that zone using selective deployment. This checkbox is disabled by default and only available if you select the Enable Visibility after Discovery checkbox.

Attention: You must perform a full DNS deployment to the managed BDDS before any subsequent selective deployments can be performed.

If you are configuring the managed BDDS to exclusively manage the cloud infrastructure, you can run a Discovery job to import the cloud infrastructure into your Address Manager. After the view and zone information are successfully imported into Address Manager, you can configure primary and secondary DNS roles for the selected managed BDDS and perform a full DNS deployment. Then, after DNS data is deployed to the managed BDDS, you can enable the Visibility job to continuously monitor changes to your cloud DNS infrastructure and selectively deploy those changes to the managed BDDS.

AWS Elastic Network Interface Allocations

Select this checkbox to import all Elastic Network Interface (ENI) information in the region during discovery jobs. CDV converts ENIs to IPv4 and IPv6 addresses when importing them into Address Manager.

BlueCat Target Zone options

Field/Option Description
BlueCat Target Zone Enter the name of the DNS zone on Address Manager that will contain EC2 instance DNS records.
Auto Create Zones

Select this checkbox to embed AWS availability zones for EC2 Instances and AWS region names for ELBv2 into the Provided Name Resolution.

Other options

Field/Option Description
Remove Deleted Resources (Tag Deleted Views/Zones during Rediscovery)

Select this checkbox to automatically delete resources (except for DNS Views and Zones) that currently exist in Address Manager, but were not found upon rediscovery. Missing View and Zone resources will be tagged for manual inspection and removal.

For more details on viewing and manually deleting these tagged resources, see Deleting resources flagged as missing during rediscovery.

Dynamic Update of DNS Resource Records

This option is available only when connecting to Address Manager v9.4.0 or later.

Select this checkbox to update the DNS records in Address Manager and automatically deploy the changes to the primary BDDS of that zone using selective deployment. This checkbox is disabled by default and only available if you select the Enable Visibility after Discovery checkbox.

Attention: You must perform a full DNS deployment to the managed BDDS before any subsequent selective deployments can be performed.

If you are configuring the managed BDDS to exclusively manage the cloud infrastructure, you can run a Discovery job to import the cloud infrastructure into your Address Manager. After the view and zone information are successfully imported into Address Manager, you can configure primary and secondary DNS roles for the selected managed BDDS and perform a full DNS deployment. Then, after DNS data is deployed to the managed BDDS, you can enable the Visibility job to continuously monitor changes to your cloud DNS infrastructure and selectively deploy those changes to the managed BDDS.