How do I see the Service Account a cloud tag is associated with

Report Inappropriate Content · ‎03-25-2022

Cloud tags show up in the cmdb_key_value table with a reference field for the Configuration Item, but I am having a hard time writing a CMDB query or report that will show the Service Account associated with that Tag. We have over 100 AWS accounts and knowing which service account is having tags being used out of compliance is critical for our review process.

How do I relate records in cmdb_key_value table to cloud service accounts?

Report Inappropriate Content · ‎03-31-2022

I was able to resolve this issue through building a Database View that tied the cmdb_key_value (key value) table up to the Cloud Service Account table via the Configuration Item that is in the cmdb_key_value table.

rel1 Where Clause: keyvalue.configuration_item = rel1.parent and rel1.type = "5f985e0ec0a8010e00a9714f2a172815"

rel2 Where Clause: rel1.child = rel2.parent and rel1.type = "5f985e0ec0a8010e00a9714f2a172815"

ci Where Clause: rel2.child = ci.sys_id

And on the entry for cmdb_ci_cloud_service_account I included the fields for Account ID and Name.

this built a view that showed me all the pieces I need across all the tags discovered.

Key, Value, CI, Service Account Name, Service Account ID

View solution in original post

Shreya Jain1 · ‎09-15-2022

Did you do any customization to get tags for Cloud Service Accounts or is it supported OOB??

Regards,

Shreya

Hail · ‎09-18-2022

Hi

No, it should be part of latest pattern store App.

in cloud discovery definition, when retrieve all sub accounts, it gets also tags for them.

if not working using OOTB, need to open case to support to investigate and assign task to dev.

Hail