You can choose from two monitoring modes.
Scheduled Discovery
When you select the Scheduled Discovery radio button, Cloud Discovery & Visibility creates a scheduled discovery of AWS resources based on the configuration settings in the Discovery Options section. Cloud Discovery & Visibility will periodically monitor changes made to AWS resources based on the configured interval.
Scheduled monitoring is available only for VPC/Subnets, VM instances, load balancers, Cloud DS, private service connect, and Kubernetes Engine.
You can configure the following options:
Schedule options
Field/Option | Description |
---|---|
Run Once | Cloud Discovery & Visibility runs discovery on AWS resources a single time, based on the configuration settings in the Discovery Options section. Tip: To instead run this discovery configuration
multiple times at regular intervals, simply uncheck this
checkbox and enter the desired interval in the
Interval field.
|
Interval | The interval time between discovery jobs. The interval indicates the amount of time, in seconds, that Cloud Discovery & Visibility waits after the previous discovery job finishes before starting the next discovery job. Note: The scheduled discovery task only supports the discovery of
VPC/Subnet, EC2 Instances, Load Balancers, Route 53, VPC
Endpoints, and Kubernetes Services.
To run the discovery only once, select the Run Once checkbox. |
Address Manager User options
Field/Option | Description |
---|---|
Address Manager Username Address Manager Password |
The Address Manager Username field is
populated with the current user that is logged into Gateway.
If required, you can update the username to another Address
Manager user.
Note: This user should be an Address Manager
administrative API user with full permissions.
In
the Address Manager Password field,
enter the password for the Address Manager user. |
Visibility
When you select the Visibility radio button, Cloud Discovery & Visibility creates a visibility task to retrieve AWS resources based on the configuration settings in the Discovery Options section.
You can configure the following options:
Address Manager User options
Field/Option | Description |
---|---|
Address Manager Username Address Manager Password |
The Address Manager Username field is
populated with the current user that is logged into Gateway. If
required, you can update the username to another Address Manager
user.
Note: This user should be an Address Manager
administrative API user with full permissions.
In the
Address Manager Password field, enter
the password for the Address Manager user. |
AWS Service Account options
Field/Option | Description |
---|---|
Service Account Key |
Enter the AWS access key ID for the account used in the AWS Credentials page. |
Service Account Secret | Enter the AWS secret access key for the account used in the AWS Credentials page. |
Advanced AWS Parameters options
Field/Option | Description |
---|---|
Enable AWS Role Assumption | Select this checkbox to use AssumeRole security credentials
within your account to gain visibility into your AWS environment.
Attention: If you deployed Cloud Discovery &
Visibility on an AWS EC2 Instance, the following fields do not
appear if you also selected the Get Credentials from
environment checkbox within the AWS
Credentials page.
|
AWS Role ARN |
Note: This field is not available if you're automatically
acquiring Cloud Discovery & Visibility credentials from
an EC2 Instance. (That is, if CDV is deployed on an AWS EC2
Instance and you selected the Get Credentials
from environment checkbox within the
AWS Credentials
page.)
Enter the AWS role assumption ARN. The AWS role ARN
must be in the following format:
For example,
|
Override Queue and Notification Default Names |
Select the Override Queue and Notification Default Names checkbox to specify custom queue and notification names to be created in the cloud where you have specific naming requirements for those resources, instead of using the default generated names. Selecting this checkbox displays the following fields:
If you enter a name that already exists in the resource group, you'll be asked if you want to reuse the same name. Click Cancel (and choose a different name) if you think your Visibility jobs will affect other Visibility jobs using the same name. Click Reuse to confirm use of the same name (that is, if you're sure that your jobs will not impact other Visibility jobs with the same name). Attention:
When overriding queue and notification default names:
|