AWS Discovery difference: Service graph connector vs Credential-less discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2025 10:11 PM
Hi all,
Can someone please clarify the differences between implementing AWS Discovery via the Graph Connector and the credential less method regarding data completeness, real-time data capabilities etc.
Setup is different altogether, but is there any advantage of choosing one method over another.
Thank you,
Arpan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2025 10:24 PM
Hi @Arpan1 ,
Credential less discovery works on NMAP, It will bring very basic details which will be not sufficient for completeness rule where as Service Graph brings all the required data from AWS including cloud resources, relationships, and state in real time. this will do Deep discovery of applications for ITAM or SAM outcomes.
So recommendation would be go for ServiceGraph over credential less but if you are using cloud discovery then that is the best choice.
-------------------------------------------------------------------------
If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.
Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay
-------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2025 10:42 PM
We can see relationships in credential less setup also.
Main issue is -
Need to create 'n' discovery schedules depending upon number of member accounts (count is large) and need to run it daily which becomes a load.
What do you mean by real time data? Will it fetch resources as frequently it is getting created in AWS console, or once we do the import on scheduled basis (possibly like SCCM)