Retrieve newer accounts/sub-accounts automatically via Cloud Discovery

srikanthnelapud · ‎01-28-2021

This article is the result of the recent asks from the customer(s) regarding the possibility of discovering the sub-accounts automatically in a Cloud i.e., I have a master account and few member accounts as well so if tomorrow a new member account is added then can I get it seamlessly and if so, how do I.

In PARIS, we released the feature called - "Auto-Refresh of Sub-Accounts and Datacenters"

This feature is controlled by?

A system property – “glide.discovery.cdu.auto_refresh_sub_accounts_and_ldcs”
Values – True/False.

This feature is applicable for?

All Cloud Discovery schedules i.e., Discovery type is ”Cloud Resources”

Working of the Feature?

Every Discovery Run kicked off automatically i.e., as per schedule goes through the script include – “Discovery”
The API – “_syncAndUpdateLDCsAndSubAccountsForSchedule” in it is responsible for fetching all the data
API triggers the patterns configured in the “Cloud topology discovery pattern” (sa_cloud_topology_discovery_pattern) table
Fetching sub Accounts and datacenters is dependent on the Cloud Schedule configuration

System Property is set to "FALSE"

Deletes the invalid configuration of the Discovery Schedule in the table “cmp_discovery_ldc_config” table
No refresh of accounts and datacenter is triggered.

System Property is set to "TRUE"

Refreshes the LDCs for existing member accounts (related projects (GCP) as well) so that missing or deleted LDCs are restored back in the system.
If the user has selected “all accounts for master” (Toggled the slider to select all members in the Discovery Schedule- CDU UI/Cloud Wizard UI) then it means if any new sub-account is discovered then we create an LDC config for it also. Thereby syncing the new accounts automatically for the current discovery schedule.
Deletes the invalid configuration of the Discovery Schedule in the table “cmp_discovery_ldc_config” table

Type of Cloud Schedules supported?

AWS Master and Member account(s)
Azure Management Group and Subscription(s)
GCP Folder and Project(s)
GCP Organization and Related Project(s)

Shreya Jain1 · ‎07-12-2022

Hi Srikanth,

What does it mean as invalid configuration in point 3. If Service Account is not discovered, and is marked as Absent, will it delete that accounts entry from “cmp_discovery_ldc_config” table?

System Property is set to "TRUE"
1. Refreshes the LDCs for existing member accounts (related projects (GCP) as well) so that missing or deleted LDCs are restored back in the system.
2. If the user has selected “all accounts for master” (Toggled the slider to select all members in the Discovery Schedule- CDU UI/Cloud Wizard UI) then it means if any new sub-account is discovered then we create an LDC config for it also. Thereby syncing the new accounts automatically for the current discovery schedule.
3. Deletes the invalid configuration of the Discovery Schedule in the table “cmp_discovery_ldc_config” table

Regards,

Shreya

DaveB_74 · ‎02-02-2023

This appears to only work if there is a Discovery schedule for the main (root) account and not if it is kicked off by existing sub-accounts. Is there a way for this to trigger the "Refresh Sub Accounts" when triggered by a sub account?

Saurav · ‎02-09-2024

Hi @DaveB_74

I have similar question did you get an answer / solution for this ...
As we use both Sub Account and Mgmt Account , so what will happen to the Sub Account based Discoveries if we enable the property.

Arun96 · ‎03-11-2024

Hi @srikanthnelapud ,

I checked the KB article

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0961449

It is almost same as your article. I couldn't find the field mentioned in the KB article 'all accounts for management'.

I looked for this field while creating a discovery schedule (The UI action available on Cloud Service Account form).

Am I looking for this field in the wrong form? It would be great if you can provide any input.

Thanks,

Arun