What's new in recent releases - Adaptive Applications - BlueCat Gateway - 23.1.1

Cloud Discovery & Visibility Administration Guide
Locale
English
Product name
BlueCat Gateway
Version
23.1.1

The following features were introduced in Cloud Discovery & Visibility v23.1:

(AWS and Azure) Support for scheduling Discovery jobs

Cloud Discovery & Visibility v23.1 introduces the ability to configure scheduled discovery jobs, ensuring that new resources are discovered at a regular cadence. You can configure the interval at which you would like to continuously monitor your cloud resources independent of visibility jobs.

For more information on configuring scheduled discovery jobs, see AWS Monitoring Options for AWS configuration and Azure Monitoring Options for Azure configuration.

Enhancements to API endpoint for calculating permission hashes

The POST /visibility/default-queue-names-generator API has been enhanced to support default queue name generation that includes the VM credentials and traditional credentials for Cloud Discovery & Visibility instances deployed to cloud environments. The API now includes a new is_running_on_native_cloud parameter to distinguish cloud-deployed CDV instances and ensuring that the instance has substantial cloud permissions.

For more details about using CDV's REST API endpoints, see REST API endpoints.

New API endpoint to create resources for Visibility

When configuring Cloud Discovery & Visibility, a subset of users may not have the required permissions to configure the queue permissions required by Cloud Discovery & Visibility for visibility tasks to retrieve information from your cloud environment. Cloud Discovery & Visibility v23.1 introduces a new API endpoint that enables users with the correct permissions to create the required queue permissions on the cloud environment. The API returns the queue names that were created in the cloud environment, and users without the required queue permissions can use the names to configure visibility in CDV.

The following new API has been added:
POST /visibility/system

You can run this endpoint directly from CDV's Swagger documentation page. Go to https://<URL or IP address>/cloud-discovery/api/v1/doc on your CDV instance, then change the provider in the list box at the top (from GENERAL to AWS, GCP, or AZURE).

You'll need to provide account information to the endpoint as a JSON fragment, depending on the platform:

Amazon Web Services (AWS):
{
  "authentication": {
    "region_name": "string",
    "aws_access_key": "string",
    "aws_secret_key": "string",
    "aws_role_arn": "string",
    "aws_mfa_arn": "string",
    "aws_mfa_code": "string",
    "is_running_on_native_cloud": false
  },
  "options": {
    "virtual_machines": false,
    "load_balancers": false,
    "k8s_service": false,
    "private_endpoints": false,
    "public_dns_zones": false,
    "private_dns_zones": false
  },
  "visibility": {
    "sns_topic_name": "string",
    "eventbridge_rule_name": "string",
    "sqs_name": "string"
  }
}
Microsoft Azure
{
  "authentication": {
    "azure_tenant_id": "string",
    "azure_client_id": "string",
    "azure_client_secret": "string",
    "is_running_on_native_cloud": false,
    "azure_subscription_id": "string",
    "azure_resource_group": "string"
  },
  "options": {
    "virtual_machines": false,
    "load_balancers": false,
    "public_dns_zones": false,
    "private_dns_zones": false,
    "private_endpoints": false,
    "k8s_service": false
  },
  "visibility": {
    "sb_namespace_name": "string",
    "sb_queue_name": "string",
    "eg_subscription_name": "string"
  }
}
Google Cloud Platform (GCP)
{
  "authentication": {
    "type": "string",
    "project_id": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "auth_uri": "string",
    "token_uri": "string",
    "auth_provider_x509_cert_url": "string",
    "client_x509_cert_url": "string",
    "is_running_on_native_cloud": false
  },
  "options": {
    "virtual_machines": false,
    "load_balancers": false,
    "k8s_service": false,
    "private_endpoints": false,
    "public_dns_zones": false,
    "private_dns_zones": false
  },
  "visibility": {
    "pubsub_topic_name": "string",
    "pubsub_subscriptions_name": "string",
    "logging_sink_name": "string"
  }
}

For more details about using CDV's REST API endpoints, see REST API endpoints.

(GCP) Support for IPv6 on GCP

Cloud Discovery & Visibility v23.1 introduces support for IPv6 network configurations for Cloud Discovery & Visibility virtual machines deployed on GCP.

Introduction of Creator UDF in Address Manager

Starting in Cloud Discovery & Visibility v23.1, when Cloud Discovery & Visibility adds cloud objects into Address Manager from discovered resources, a new Creator UDF appears on the object to indicate that the object is managed by Cloud Discovery and Visibility. The following Address Manager objects are now tagged with the Cloud Discovery and Visibility Creator UDF when imported into Address Manager:
  • Configurations
  • IPv4 blocks
  • IPv4 networks
  • IPv6 blocks
  • IPv6 networks
  • Devices
  • Device Types
  • Device Subtypes
  • Tag Groups
  • Tags
  • Views
  • Zones

Additionally, a new API has been added that allows you to update all previously discovered and imported cloud resources in Address Manager with the Creator UDF.

The following new API has been added:
PUT /update/resources

You can run this endpoint directly from CDV's Swagger documentation page. Go to https://<URL or IP address>/cloud-discovery/api/v1/doc on your CDV instance.

For more details about using CDV's REST API endpoints, see REST API endpoints.

(AWS) Support for configuring multiple AWS credentials for different regions on EC2 instances

When Cloud Discovery & Visibility is deployed on an EC2 instance, you can now import multiple ARN roles for use by CDV. Each set of ARN roles can be applied to a different region.

For more details about configuring multiple AWS credentials for different regions, see AWS Credentials: Basic tab.