Azure Management Group Discovery

Satya5 · ‎03-19-2022

Hi Folks,

Greetings.

we are on a Journey of Implementing Cloud discovery in our Organisation.

I need clarity on the below queries

1.WE have a couple of Azure Management Groups which consists of 1000 of subscription, need advice on how to segregate and run discovery on this cloud sub-account will be much appreciated any automation can be used to track all account discovery status or please suggest the ways you have followed in your organization (We are not targeting ip based discovery at this moment).

2. We get a lead time of 24 hours in a week to run all our discoveries so we want to manage the discovery of all cloud resources in that time. server resources or of no concern we can build multiple mid server.

3.Is there a way to automatically update the changes in cloud data back to CMDB on-demand basis.

4. Any folks who have implemented the cloud discovery please provide your experiences, do's, do not's and lessons learned which will help us.

Thanks all for your support.

Regards

Satya

Ram Devanathan1 · ‎07-21-2022

you need to provide the IDs of the mgmt group from the azure side.

User271720 · ‎05-03-2023

Hi @Ram Devanathan1 ,

Thanks One question our Azure Tenant is setup in such a way that we have multiple Management Groups under Parent Tenant Group , when I try to discover the child management group I get the error

"<comments>Failed to execute API - Failed with status code and message: 400: {"error":{"code":"InvalidSubscriptionId","message":"The provided subscription identifier 'LandingZone' is malformed or invalid."}} (script_include:CloudRESTAPIInvoker; line 159)</comments>"

Should we select the Parent Tenant Mangement Group or is the Servicenow side accepting a ObjectID and we are providing a friendlyname not an ObjectID.

Ram Devanathan1 · ‎05-03-2023

@User271720 you can set child management groups always but do note then for each of the mgmt groups at that level, you will need to have separate schedules. instead you can have all under 1 schedule by choosing root management group. if you are giving the mgmt group ID it should work fine. if you are seeing issues, please raise a support case so our support team can guide you.

Nilanjan1 · ‎05-03-2023

I may be incorrect @Ram Devanathan1 but I think the object ID are something that the Azure Admin's set and since it is not a alphanumeric character it is giving an error. so may be @User271720 needs to check the configuration at the Azure end before he runs the schedules again. I have faced this issue and have to go back and re-rectify it to a correct subscription ID before I ran the schedules again.

Regards

Nilanjan

sourabh5190 · ‎08-07-2024

Hello @Nilanjan1 ,

As you mentioned that you also faced same issue, did you add the subscription ID or you got an alphanumeric value for management group. Even in our client's environment, we have name instead of alphanumeric value.

Thanks,

SB