User Guide

Segment Types Reference

A Segment defines a portion of your network and the discovery method AlloyScan uses for it. AlloyScan supports seven segment types.

Types

Type Discovery target Required credential type Status
Address list IP ranges, subnets, DNS names, NetBIOS names Windows, Linux and macOS, Hypervisor, or SNMP - depending on target Available
Domain Active Directory domain members Windows Available
AWS AWS cloud resources (EC2 instances, AMIs, Subnets, Zones, Database instance, Key pairs, Network interfaces, Load balancers, S3 buckets, Virtual private clouds, Security groups) AWS Preview
Azure Azure cloud resources (Virtual machine instances, Application gateways, Load balancers, Network interfaces, Public IPs, Resource groups, Security groups, Subscriptions, Virtual networks, Volumes) Azure Preview
Google Cloud Platform Google Cloud Platform resources (Virtual machine instances, Big table, Images, Load balancers, Public IPs, Security groups, Subnets, Virtual private clouds, Volumes) Google Cloud Platform Preview
Google Directory ChromeOS and Chromebook devices managed through Google Admin Directory Google Directory Preview
Jamf macOS computers, iPhone / iPad devices, and other Apple mobile devices managed through Jamf Pro Jamf Preview

When to use each type

Type Best fit
Address list You know the network addresses or hostnames to scan.
Domain You want to enumerate Active Directory computers from a domain context.
AWS You want cloud-resource Inventory from AWS accounts or regions.
Azure You want cloud-resource Inventory from Azure subscriptions or resource scopes.
Google Cloud Platform You want cloud-resource Inventory from Google Cloud Platform projects.
Google Directory You want Chromebook Inventory from Google Admin Directory.
Jamf You want Apple device Inventory from Jamf Pro.

Common Segment fields

Field Type Description
Name string Free-text segment name.
Type enum (1 of 7) Fixed at creation.
Audit service reference The Audit Service that performs scan and audit. A segment without an assigned service can show prior scan results but cannot run new scans.
Address list / Domain / Cloud scope type-specific The actual scan scope.
Audit credentials reference Credential records the segment uses to authenticate.
Scan schedule reference Optional recurring scan cadence.
Automatically audit discovered devices boolean When ON, newly discovered devices are audited automatically on the next cycle.
Auto tag reference Optional tag applied to every device discovered by this segment.

Constraints

  • A segment has exactly one of the seven types; the type is fixed at creation.
  • A segment without an assigned Audit Service can show devices found by previous scans but cannot run new scans or audits.
  • Cloud segments (AWS, Azure, Google Cloud Platform) are Preview features and may change between releases.
  • Google Directory Chromebook audits are Preview features and may change between releases.
  • Jamf Apple-device audits are Preview features and may change between releases.