Servicenow Discovery - Multicloud

Go to solution
ChaitanyaG26248
Tera Contributor

3 weeks ago

Team,
We have a multi cloud environment. (AWS / Azure & GCP) & we want to perform discovery across all clouds.
As per the environment, cloud team is saying that they can provide connectivity from AWS to Azure & GCP.
It is a best practice? Can we Perform this type of Discovery?

0 Helpfuls
  • 492 Views
1 ACCEPTED SOLUTION

Go to solution
shubhamseth
Giga Sage
In response to shubhamseth

2 weeks ago

@ChaitanyaG26248  Wanted to check whether did you get chance to review this? 

 

Issue resolved? → Mark as Correct


Found value? → Mark as Helpful


View solution in original post

3 REPLIES 3

Go to solution
shubhamseth
Giga Sage

3 weeks ago

@ChaitanyaG26248 

 

Yes, technically this type of setup can work, but from an enterprise architecture and ServiceNow best practice perspective, it is usually NOT the recommended approach for large-scale multi-cloud discovery.

 

Recommended Best Practice

For multi-cloud environments (AWS, Azure, GCP), the preferred approach is:

 

  • Deploy MID Servers close to each cloud environment
  • Keep discovery traffic local to that cloud/network
  • Use cloud-native APIs wherever possible
  • Avoid routing all discovery traffic through one cloud unnecessarily

Example:

  • AWS MID → AWS resources
  • Azure MID → Azure resources
  • GCP MID → GCP resources

This provides:

  • Better scalability
  • Lower latency
  • Better security segmentation
  • Reduced firewall complexity
  • Improved troubleshooting
  • Better resiliency

 

Can Discovery Work Across Clouds?

Yes, if:

  • Proper routing exists
  • Firewall ports are open
  • DNS resolution works
  • SSH/WMI/SNMP/API access is allowed
  • Latency is acceptable

Then a MID Server hosted in AWS can technically discover Azure/GCP resources.

 

Important Considerations

1. Network Latency

Cross-cloud discovery may increase:

  • SSH/WMI timeout issues
  • Slower pattern execution
  • ECC queue delays

 

2. Security Concerns

Security teams may not prefer:

  • East-west cloud connectivity
  • Broad firewall openings between clouds

 

3. Scalability

One centralized MID handling all clouds may become:

  • overloaded
  • harder to troubleshoot
  • a bottleneck

 

4. Cloud Discovery vs Traditional Discovery

For cloud resources, prefer:

  • AWS Cloud Discovery
  • Azure Cloud Discovery
  • GCP Cloud Discovery

using cloud APIs instead of only traditional IP-based discovery.

This is more reliable and cloud-native.

 

Recommended Enterprise Architecture

Most enterprise customers use:

  • Separate MID clusters per cloud/region
  • Dedicated cloud service accounts
  • API-based cloud discovery
  • Local network discovery within each cloud

rather than routing all discovery traffic from one cloud to another.

Final Recommendation

  • Possible? → Yes
  • Supported? → Yes
  • Recommended for enterprise scale? → Usually No

Best practice is distributed MID architecture aligned with each cloud environment.

 

 

Issue resolved? → Mark as Correct


Found value? → Mark as Helpful


0 Helpfuls

Go to solution
shubhamseth
Giga Sage
In response to shubhamseth

2 weeks ago

@ChaitanyaG26248  Wanted to check whether did you get chance to review this? 

 

Issue resolved? → Mark as Correct


Found value? → Mark as Helpful


Go to solution
Harish Bainsla
Kilo Patron

2 weeks ago

Hi @ChaitanyaG26248 

Best Practise 

Instead of routing everything through AWS, you should deploy local resources in each cloud:

  • Deploy Local MID Servers: Place dedicated MID Server clusters inside each cloud environment (e.g., an AWS MID cluster for AWS, an Azure MID cluster for Azure, and a GCP MID cluster for GCP). Keep the heavy discovery traffic local to that specific cloud's network.

and @shubhamseth  already mentioned  point like network letancy , Schedule may fail,Security Concerns etc

So to avoid that Issue use seprate mid for seprate cloud 

If my answer helps please mark helpful and accept solution