Hi @Keerthy S 

If you are able to discover 5% of the servers that means the credentials are able to connect with your project and are able to discover. Ideally, you won't be able to the second screen on your discovery schedule if the credentials are incorrect which shows the data centers, hence that prove that your credentials are able to connect. 

Now to the problem where 95% are missing - are you looking at the VM instances (cmdb_ci_vm_instance) or actual windows servers records (cmdb_ci_win_server)? If VM instances are missing only issue I can think of is the credentials do not have the right permission to discover all the servers, confirm with your AWS team if the service account has all the required API access and to all accounts where these Servers are hosted. If its the windows servers, then you might be missing the local admin credentials to those machines. If you have the credentials, make sure you have created them in the credentials table then only servers will be discovered. 

To answer your queries

1. How to Validate the AWS Credentials? (i.e I'm trying to validating the credentials again)

Answer - If the credentials are incorrect, you will straight away see an error logged on the discovery schedule and the discovery will not execute.

2. For your point 2, the answer is in the error logs itself - ' (ii) Adding target to blacklist, no valid credential found for type[Window] ' this means that the windows credentials you have are not valid to log into the VMs to create the windows server records. 

3. For your point 3, the discovery will run at the scheduled time and if the VM is available at that time it will be picked up and created in ServiceNow as a CI. Now you need to make sure to discover the Windows server you already have/create local admin credentials which are the same as you have in your credentials table so it can be used to login into these VMs to perform server-level discovery 

4. What level of access, does our AWS Service account ID should have. ? i.e Local admins rights.. etc..  ? 

Answer - The AWS Service account only discovers your cloud layer which will populate the VM Instance table and you will need to create a Master account with the default ‘OrganizationAccountAccessRole’ role for that. But to discover the server layer (windows server) in your case, you need windows local admin credentials for all the servers. It could be the same credentials or you need to create multiple credentials for each server if all the servers have a different 

5. To get successful AWS discovery, can you please list out the items to be configured. I have listed out few as per my knowledge. Please help me to fill if i missed any. 

Answer -       

1. AWS Service Account 

2. AWS Account ID

3. Windows MID Server reachable to ServiceNow and your AWS Org

4. Ports required for specific type of CIs- 

5.  Does AWS Credentials will automatically will discover all the CIs in AWS Cloud. Or like On-Prem discover, do we need our service account to be installed in each CIs. ?   

Answer - No, AWS Credentials cannot automatically discover all Server layer details, you still need local credentials for each server to run a discovery. 

Please go through the product documentation as this will help you a lot with all the above queries - https://docs.servicenow.com/en-US/bundle/tokyo-it-operations-management/page/product/discovery/conce...

Thanks
-Harneet Sital
Request you to please mark my answer as HELPFUL or CORRECT based on the impact
Find all my ServiceNow articles here