This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cloud Discovery: Frequently Asked Questions

sophie
Lansweeper Employee
Lansweeper Employee

on ‎11-19-2024 04:05 PM - edited on ‎12-10-2024 12:18 PM by Lansweeper Tech Support

TL;DR-Sweepy-Icon (1).png
This page covers some frequently asked questions regarding Lansweeper's Cloud Discovery.

Lansweeper’s Cloud Discovery identifies and catalogs all assets within your cloud infrastructure, including virtual machines, storage buckets, databases, and more.

Frequently asked questions (FAQ)

I configured my AWS, Azure or GCP discovery action and assets are not ending up in my Lansweeper Site: Inventory > Cloud assets.

  • Ensure you set up the right access from Lansweeper Site to your public cloud environment. See Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).
  • If you encounter the following error while creating the discovery action:
    "The application does not have the required permission to access the key vault. Ensure the application has ‘GET secret’ and ‘LIST secret’ permissions."
    It indicates that the app registration does not have access to the secrets of the key vault. While it can access the key vault itself, it cannot read the secrets.
    To resolve this issue, you need to add an Access Policy to the key vault and grant the application the required permissions.

    • In the Access policies section of the key vault, you need to define the access of your Application (App registration) to the secrets (Get and List access). You must also add your own user account access on the secrets. This will allow you to edit the secrets.

      Cloud Discovery FAQ 1.png

    • When receiving this message while configuring AWS: “Missing role permissions or the Site ID is missing from the policy configuration”, ensure you set your Lansweeper Site ID (in https://app.lansweeper.com > Configuration > Site settings) in the permissions of the policy aws:PrincipalTage/siteID with a value similar as “3805ffa8-c8ca-4276-cb34-331ab64b3784“ (not your AWS account number).

    • This is also described in this Medium article: Accessing Azure Key Vault Secrets with Azure Functions.
  • If you can’t find the audience field for Azure federated credentials:
    In the German version of Azure, this appears to be the Benutzergruppe field. For your convenience, we have included a screenshot of the English version below so you can follow the steps in the KB article.

    credential.png

  • Ensure there are no hidden trailing space characters in the secret value of the key vault.
  • Ensure the Lansweeper Site ID saved in the secret is indeed the ID of the Lansweeper Site you are creating the Cloud Discovery action in (see Configuration > Site settings > Site ID).
  • When you create the Cloud Discovery action, set a trigger to occur 5 minutes in the future (for testing purposes) and wait 10-15 minutes before checking the inventory.
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
Version history
Last update:
‎12-10-2024 12:18 PM
Updated by:
Lansweeper Tech Support