Increasing adoption of Infrastructure as a service (IaaS) by businesses large and small is a testament to the benefits of Cloud Computing.
Easily scalable infrastructure is one major reason modern IT teams choose cloud over traditional in house or data center hardware. Adding additional storage capacity, faster compute capability by way of processor or memory upgrades is infinitely easier within your cloud providers config console than it ever was rolling out physical hardware.
Conversely the ability to scale back hardware requirements when storage or compute demands drop was never an option. We're pretty sure nobody ever replaced their server storage disks with smaller ones because they weren't being utilised.
Not having to buy hardware, but effectively renting some cloud server space in most cases leads to lower operating costs. You stay in control of your costs and replace large up front capital expenditure with predictable controllable expenses, by only paying for what you use.
There is no longer a need to purchase large servers with the potential of under utilisation and with the scalable compute power, the need for high end workstations is also reduced, saving you money in multiple areas.
Taking advantage of IaaS also gives you the flexibility to innovate faster, duplicate production environments, scale up or down at will and take advantage of new technologies as they are released. It wasn't that long ago that "serverless" or "containers" had no context in cloud computing.
With great flexibility also comes a new set of challenges.
The ability to access your data and applications from anywhere is both a blessing and a challenge from a security perspective. With bank level encryption, advanced firewalls and security built in, you have a lot more tools to deploy to keep out hackers, disgruntled employees or internal users looking to access data they shouldn't. It's certainly a challenge to secure public cloud infrastructure, especially if you store data subject you PCI SSC or HIPPA audit scrutiny.
Backup and recovery is also a lot less complex in these days of seemingly infinite storage capacity. Gone are the days of lining up DAT tapes for weekly and incremental backups for offsite disaster recovery. It also helps if you have systems to capture changes in your cloud configuration so you know exactly what changes have happened and whether it can be manually fixed before resorting to recovery via restore.
So let's take a look at why you should be visualizing your cloud environments.
1. Security Visualization
As we were mentioning, moving your applications and data to public cloud means you need to pay particular attention to how traffic enters your network and where it is allowed to go.
Having the ability to visualize your AWS security groups for instance, immediately transforms complex console parameters with potentially hundreds or thousands of settings into an instantly understandable map of your network security.
Lay your open ports on top of that so you can see ingress points, IP addresses, TCP port numbers, egress ports and you can instantly see and show new team members exactly what is going on. It will also provide the evidence to auditors that your network conforms to HIPPA and PCI SSC standards, especially if you are storing sensitive financial data.
2. Visual Communications
Without question, visual aids improve communication. Could you imagine trying to describe your company and department hierarchy without using an org chart. It could take hours and completely confuse the person you are trying to convey the information to.
Even worse, imagine handing over all the company HR files and asking them to work it out. I mean, all the information is in there. It's all in the data. It shouldn't take more that a week or two to figure it out.
So why do we do that with cloud infrastructure?
Our team have a long history in cloud consulting and one of the first tasks when taking over a new client account is establishing what is running where and how it's configured. Rarely were there a set of up to date infrastructure diagrams explaining the status quo.
Having up to date network diagrams to easily communicate the big picture,
- what resources are in play?
- where's the data stored?
- what availability zones host the applications?
- what are the access points?
- is there any load balancing?
- is there redundancy built into the design should there be a zone outage?
All these questions and hundreds more are answered by a simple infrastructure diagram
When issues occur you need to find out fast what went wrong. Did your team push new infrastructure code that broke the network. Did another team on another project break yours. Has something that was there yesterday suddenly disappeared.
Having a current up to date infrastructure diagram, or list of resources that you can compare to a snapshot of your previous configurations gives you the perfect place to start troubleshooting.
If you have automated systems in place to capture config changes and store the previous pre-state change diagrams, you'll always have the luxury of visual comparisons at your disposal.
It's probably fair to say that the lag between intended network reconfiguration and updating of diagrams and documentation is almost always greater than anyone intended. That's of course if the documentation ever gets updated.
Automation is the only reliable course of action.
4. Faster onboarding of staff and contractors
Bringing new engineers or consultants onto your cloud based projects is difficult at the best of times. Now with management looking for cost savings or putting pressure on you to deliver outcomes faster, the sooner new staff can get up to speed the better.
We've already discussed the benefits of visual based communications. Onboarding new team members is no different. Seeing an infrastructure diagram immediately communicates exactly what is going on. Handing over console credentials and access to your documentation repo will also work...... eventually.
Having visualized environments is just quicker, smarter, more efficient and gets new team members up to speed at a fraction of the cost of doing it manually.
Which also applies to external consultants. If you bring in external cloud consultants to work on infrastructure redesign or security, there's a really obvious tangible cost associated with them getting up to speed with your project. Anything that can reduce the time that takes could potentially save your business money and allow them to move the project along faster.
Any documentation including Cloud Diagrams is useless if it is not accurate.
Even if manual documentation is created with precision, it will soon become out of date especially in today's dynamic environment.
It's extremely easy to miss resources you are not aware of, or include ones that have recently been modified or deleted especially with multiple teams working on different projects in the same cloud accounts.
Auto generating infrastructure diagrams removes the capacity for manual errors. What's on the diagram is what is running. This gives your team certainty. It allows your architects to review the build pipeline and ensure what was designed, is what was built. It also gives your devops and engineers the capacity to quickly review implementation strategies to ensure everything went according to plan.
6. highlight anomalies
When you visualize your cloud environments for the first time there is a good chance there will be resources or instances you weren't expecting.
Outliers that aren't connected to anything. Unused old test environments. Duplicated resources, or open ports used in the development stage that should have been locked down, but weren't.
These can be difficult to spot in management consoles, but are immediately obvious when visualized on an infrastructure or security diagram.
If you don't know something exists, it's a safe assumption that you won't go looking for it.
Automated diagrams will reveal all.
7. Reporting & Governance
Finally, visualizing your cloud infrastructure allows you to document the state of play in your build pipelines and internal document repositories. There's any number of advantages to extracting and storing accurate documentation.
It also allows you to include visual representations in management reports, audit responses and presentations to stakeholders at every step of the way.
Having a system in place that can extract fresh documentation in seconds so you can provide accurate governance reporting is a major benefit when you can visualize your cloud infrastructure.
How can you automate your cloud diagrams?
Cloud computing is now mainstream and accurate documentation and diagrams are key to well managed cloud infrastructure and projects.
Using a tool like hava.io delivers these 7 major benefits of visualizing your cloud environments. Just connect your AWS, Azure or GCP accounts to Hava and within a few minutes, you'll have a clean, logically laid out diagrams of your infrastructure.
You'll also have a detailed resource list which includes estimated monthly costs at a resource level which provides a solution to How to monitor your cloud spend and a unique AWS security diagram showing security groups, ports and traffic flows.
Once connected, Hava monitors your configs continuously and logs any changes. When change is detected, a new set of diagrams are automatically generated and the old version archived to Version History so you always have comparison data on hand.
Hava offers a free 14 day trial so you can see it in action using your cloud config data. You can also view demo data if you just want to explore.
(No Credit Card Required)