Service Graph connector for AWS - FAQs - Product Knowledge

Service Graph connector for AWS - FAQs 1.How does server classification happen in SG-AWS?

Servers are classified as windows or linux in SG-AWS-Software-Inventory data source , by looking at the attribute 'PlatformType' that we received from the payload 2.What is the Deletion strategies in SG-AWS?

- There are two types of deletion strategies that are used in SG-AWS

When the property ' sn_aws_integ.enableOptimizedDeletion' is set to ' true ' , we always run a full load and we compare the current loaded data with the previously loaded data in last run and whatever are present in the last load but not in the current load are marked as 'retired' , We use the existing ' RecordRemoval ' framework of Integration Commons for this whole process. When the property ' sn_aws_integ.enableOptimizedDeletion' is set to ' false ' , The first run where the last run datetime of the data source is empty will be a full load and this load will not retire any resources , the sub sequent runs will be delta loads and in delta load we call the lisrDiscoveredResources API of AWS to figure out if any of the resources that are present in CMDB are deleted in AWS , if we get the response from the API and it contains 'resourceDeletionTime' for the resource then it is considered as 'Deleted' and we will mark it as 'retired' in CMDB. 3.Does AWS SGC gather information from AWS ECS-Fargate resource? Documentation below does not mention populating cmdb_ci_cloud_ecs_cluster?

As of now SG-AWS does not gather information from AWS ECS-Fargate OOB. If the customer wants get this resource then they can add a record with its resource type in ' sn_cmdb_int_util_service_graph_resource_inclusion_whitelist ' and also add vendor as 'AWS' and category as 'Generic' and then if they run the generic resources scheduled import this resource can be imported into 'Cloud Resources' table 4.Does SG-AWS-Software-Inventory pull and map "Cloud license type" OOTB?

No , SG-AWS does not pull cloud license type OOTB 5.Can we do Data filtering in Service Graph Connector for AWS?

Yes we can filter the data that we receive to some extent , We cannot filter data at resource level but we can filter data at account level by giving the aggregator details which can retrieve data only from desired accounts We can also filter data at data center level by populating the regions property in connections with desired regions 6.How does delta load work in SG-AWS?

After every run of every scheduled import in SG-AWS , we update the 'Last Run Datetime' field of the corresponding data source, In the next run we query the api to get us data which is later than the 'Last run datetime' of that data source If the 'Last Run Datetime' is empty , we will run a full load and fetch all the resources 7.Can we get Amazon FSx resource types into CMDB?

Same as question 3 8.How does model id and manufacturer populated in SG-AWS for server?

Model Id and Manufacturer fields of the server are populated by Deep discovery in SG-AWS via the data sources SG-AWS-SSM-SendCommand and SG-AWS-GetS3Object Both of these fields are reference fields , so after getting the values from the import set we call the MakeandModelJs to figure out if the model and manufacturer records already exists in cmdn_hardware_product_model and core_company respectively , if yes then these references are populated in the server record , if not then the MakeandModelJs will create new records and gives the new references and these are populated in the server table. 9.How does deep discovery works?

Please refer to KB2210328 for everything related to Deep Discovery in SG-AWS 10.Is there a way to get resources without giving role to accounts?

No, For the SG-AWS to work efficiently it is always recommended to follow all the setup instructions For more details KB1220597 11.For which resources we bring in tags?

Cloud service Account Cloud load Balancer Cloud data base Cloud Networks Cloud Subnets Storage Volumes Virtual machine instance Server Cloud Mgmt Network Interface Images Cloud Function DynamoDB Cloud Object Storage(S3) Cloud GateWay Kubernetes Cluster Security Group Generic Resources except for IAM user, Auto Scaling 12.Advise why s3:GetObject required for the ec2 instance profile while configuring SGC-AWS?

In SG-AWS-SSM-SendCommand After the commands on the instance we will store the data in the provided S3 bucket and the same output is retrieved in SG-AWS-GetS3Object data source , so to get this data we need the s3:GetObject permission in the ec2Instance Profile Please refer KB2210328 for more details 13.How to get data into New cloud hardware type?

if sn_itom_pattern.use a single hardware type for cloud data centers property is set to ' true ' then SG-AWS will insert the hardware type data into cloud hardware type table instead of cmdb_ci_compute_template, Before setting this property it is recommended to delete all the data from discovery source 'SG-AWS' from the cmdb_ci_compute_template table 14.How to filter data just for production data centers?

If the regions property is populated with comma separated regions ex : us-east-1,us-east-2 that customer wants the data to be populated from Then SG-AWS will only get data from those regions 15.What to do if the import got stuck?

If the SG-AWS Imports got stuck its probably because of a memory issue , Verify which is causing the memory issues. It could also be possible that they are too many partial payloads and that could also cause the memory issue. Verify why there are too many partial records and if possible delete all those partials and run the import again. 16.why is the status showing as pending in SG-AWS-SSM-SendCommand import set?

The SG-AWS-SSM-SendCommand data source will execute the commands in the EC2 instance and then stores the data in to the S3 bucket but it does not process the data and insert/update any CMDB tables that's why the import sets status will show as 'pending' , This import set data is used by SG-AWS-GetS3Object data source to fetch data from S3 Bucket and then insert/update date into CMDB Tables and after that the import sets of SG-AWS-SSM-SendCommand are set to 'Processed/Completed'. 17.How does the key rotation work?

For all the details regarding key rotation Please refer to KB2224401 18.How to kill a running import of SG-AWS?

Generally it is not recommended to kill a running import unless there is an issue with it To kill the import Go to ALL - > System Diagnostics - > Active Transactions (All Nodes) - Check the for the import set transformer jobs , select them and kill 19.How to get data into New cloud os Image?

if sn_cmdb_ci_class.use_single_cloud_os_image property is set to ' true ' then SG-AWS will insert the Images data into cloud os image type table instead of cmdb_ci_os_template, Before setting this property it is recommended to delete all the data from discovery source 'SG-AWS' from the cmdb_ci_os_template table