Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Azure Cloud Discovery

Go to solution
Nisha30
Kilo Sage

2 hours ago

Hi ITOM Experts,

 

For Azure cloud Discovery ? Is MID Server mandatory ??? what ports to be opened (default 443???)

 

Thanks

0 Helpfuls
  • 200 Views
1 ACCEPTED SOLUTION

Go to solution
MaxMixali
Tera Guru

2 hours ago

I hope that can help. 

 

No, MID Server is NOT mandatory for Azure cloud discovery. ServiceNow supports two methods:

  1. Direct API Connection (Agentless) - ServiceNow connects directly to Azure APIs via HTTPS without requiring a MID Server
  2. MID Server-based - Uses a MID Server if you have network restrictions or prefer routing through your infrastructure

Most organizations use the direct agentless approach as it's simpler and Azure APIs are publicly accessible.

Ports Required

For direct/agentless discovery:

  • Port 443 (HTTPS) - This is the default and primary port needed
  • Outbound connection from ServiceNow instance to Azure APIs:
    • management.azure.com (Azure Resource Manager)
    • login.microsoftonline.com (Azure AD authentication)

For MID Server-based discovery:

  • Port 443 - MID Server to Azure APIs
  • MID Server also needs standard connectivity back to your ServiceNow instance
  •  

View solution in original post

5 REPLIES 5

Go to solution
MaxMixali
Tera Guru

2 hours ago

I hope that can help. 

 

No, MID Server is NOT mandatory for Azure cloud discovery. ServiceNow supports two methods:

  1. Direct API Connection (Agentless) - ServiceNow connects directly to Azure APIs via HTTPS without requiring a MID Server
  2. MID Server-based - Uses a MID Server if you have network restrictions or prefer routing through your infrastructure

Most organizations use the direct agentless approach as it's simpler and Azure APIs are publicly accessible.

Ports Required

For direct/agentless discovery:

  • Port 443 (HTTPS) - This is the default and primary port needed
  • Outbound connection from ServiceNow instance to Azure APIs:
    • management.azure.com (Azure Resource Manager)
    • login.microsoftonline.com (Azure AD authentication)

For MID Server-based discovery:

  • Port 443 - MID Server to Azure APIs
  • MID Server also needs standard connectivity back to your ServiceNow instance
  •  

Go to solution
Nisha30
Kilo Sage
In response to MaxMixali

2 hours ago

Thanks @MaxMixali that was clear.

 

Just curious so what will be discovered via this Azure principal Account?

I was going through lot of threads and it mentions about IP based discovery and cloud discovery.

 

what is dicsovered by normal Azure service principal -account (which NOT uses Midserver) ??

and

what is discovered by IP based discovery ?

 

Thanks

0 Helpfuls

Go to solution
MaxMixali
Tera Guru
In response to Nisha30

2 hours ago

Hi, worked recently in a customer with this Hyperscaler and a big virtual data center to discover 
 
1) What Is Discovered Using an Azure Service Principal (WITHOUT MID Server)?
 
This is Cloud Resource Discovery, also known as Cloud Inventory Discovery.
 
--- Uses Azure APIs only
 
NO MID Server
NO IP scanning
NO credentials for VMs
NO SNMP
NO WMI
NO SSH
 
 2) What Is Discovered by IP-Based Discovery (WITH MID Server)?
 
IP-based Discovery = Classic Discovery
It requires:
•MID Server
•IP ranges
•Credentials (Windows, SSH, SNMP, DB, etc.)

Go to solution
Nisha30
Kilo Sage
In response to MaxMixali

2 hours ago

Thanks @MaxMixali 

any link or document which i can refer what table gets populated using 1st and what populated using IP based?

0 Helpfuls