

Vdiscovery in AWS Multi Account Environment

New Member
Posts: 2

I have installed Infoblox vNIOS in our AWS infrastructure with the purpose of having an easy solution for IPAM in the cloud. (No DNS or DHCP needed.) When configuring a vDiscovery job, it works as expected, and Infoblox discovers the VPC CIDR range, all subnets and all instances of that individual account.

1 - Our current question is, for an AWS Organizations environment with hundreds of accounts like ours, do we have to configure individual Vdiscovery jobs pointing to every individual account?  Or is there a better way to achieve a single Vdiscovery job that will collect information about multiple accounts? 
We have tried configuring a vDiscovery job against an account that has permissions to see EC2 information on all other accounts, but that did not help.

2 - Also, not sure this will be relevant, but the option to use Instance profile for credentials of the vDiscovery job is greyed out (can't select it), even though the EC2 instance has an IAM role attached as per the instructions - Deployment Guide: Deploy Infoblox vNIOS Instances for AWS - Draft




Re: Vdiscovery in AWS Multi Account Environment

Superuser
Posts: 65

For question 1, for now setting up a vDiscovery job for each account is the only way to collect data across all of them.

 

On question 2, did you add the IAM role after deploying the instance or during deployment? I have seen it fail to recognize there is a role assigned if added after deployment, not sure on a workaround for this. You may need to open a support case to investigate.

Re: Vdiscovery in AWS Multi Account Environment

New Member
Posts: 2

Thanks for the answer, it's a shame about  issue 1)

For issue 2) we will try to see if adding role during deployment will have an impact, thanks for the info 

Re: Vdiscovery in AWS Multi Account Environment

New Member
Posts: 1

Any update since 2021?

 

Can it discover multiple accounts now?

Re: Vdiscovery in AWS Multi Account Environment

New Member
Posts: 1

Hello, I have the same problem. We have our Infoblox IPAM in our On-Premise CPD, and we want to discover with vDiscovery the networks, VPCs and EC2 instances, but we have multiple accounts in AWS. Still not eligible for an AWS role from vDiscovery?


Today, what solution exists for our case of having multiple accounts in AWS?

Do we have to configure a vDiscovery for each AWS account?

 
