Azure Diagrams

When you are working with any cloud computing virtual infrastructure, there are many benefits to creating and maintaining accurate Azure Architecture diagram sets.

You can immediately communicate the network design to both technical engineering staff and also management where necessary.  If you are onboarding new engineers, or engaging external consultants, you can bring them up to speed very quickly with a well laid out infrastructure diagram.

If you have spent too many hours manually creating Azure network diagrams to keep tabs on your network design, then you also appreciate how much time is saved and how many errors are eliminated when you fully automate the diagramming process.

Azure is one of many cloud platforms that are compatible with hava.io which will safely connect to your cloud console configuration via read only credentials to automate the production and updating of azure architecture diagrams like this:

Connecting your Microsoft Azure account to Hava so that your diagrams can be automatically generated is a relatively simple process.

To import your environment resources from Microsoft Azure, you will need to access your Azure Portal at https://portal.azure.com , create a new Service Principle and retrieve a set of credentials to connect to Hava.

To connect to Hava, open the Azure Portal and launch PowerShell from the top menu bar :

1. Launch Powershell

Open the Azure Portal and launch PowerShell from the top menu bar

 

2. Create Service Principal

You will need to create a new Service Principal from the command line and a display name. In the below code example, we’ve used HavaServicePrincipal you can edit and choose a name that suits you.

3. Assign Reader Role

Hava only requires read-only access so, you can assign the read-only permissions to the Service Principal account using the below command.

 

4. Create the Password

Once you’ve created the Service Principal and assigned it with a Reader Role, you need to create password credentials to attach to the Service Principal.

 

5. Obtaining the Credentials

The final step required is to retrieve the necessary credentials to input into Hava.

 

 

 

Once you have the required credentials, you can log in to Hava which will open up the environments screen.  You then select "Add Environments"

 

Click on the "Azure" Tab and enter the credentials you have just gathered from your Azure PowerShell.

Hava will import your Microsoft Azure Environment, layout the diagram and add the environment tile to the Hava dashboard. From this point Hava will periodically sync with your Azure configuration and log any discovered changes, so you always have an accurate visual representation of your Azure Environment on the interactive diagrams.

The Azure diagrams produced are laid out by resource group which might contain subnets running in virtual networks.  All of the resource metadata isn't placed on the diagram, but is displayed in a contextual attribute pane to the side of the diagram.

Connections and resource names can be toggled on or off depending on your preference.

This keeps the infrastructure diagram uncluttered, but allows you to select the interactive elements of the diagram, like a virtual network, subnet or individual resources like gateways, load balancers, virtual machines, virtual network peering connections and storage accounts. When you select a resource, all the metadata and settings are displayed alongside the diagram in the attribute pane and are contextual to the currently selected element.

With nothing selected on the diagram, the attribute pane displays information about the entire Azure environment including a usage cost estimate.

Versioning is one of the most powerful aspects of using Hava as part of your build pipeline or DevOps strategy. Hava keeps track of any changes detected in your Azure infrastructure via continuous automated polling of your infrastructure configuration.

Once a change is detected, a new diagram set is spawned and the superseded diagram set is placed in the version history.  You can select older versions to view and they remain fully interactive, not just a static diagram. You can click into resources, inspect attributes and settings just as you can on the live diagrams.

Selecting an older diagram set, you can pull up the older version in a separate browser and compare current diagrams side-by-side so you can visually detect the differences.

You can also export current and superseded diagrams in JSON format and Diff the files to surface all the changes .

All the interactive diagrams are exportable in a number of formats.

There is currently no way within Hava to draw diagrams from scratch or to add or remove elements.  This is because the diagrams are designed to always reflect the source of truth at any point in time.  You can alway be confident that what you are looking at on the Hava diagrams reflects reality. This is because there is no way to add or remove diagram elements and resources.

We do however appreciate that sometimes you would like to use a Hava diagram as a starting point for some redesign work, or you would like to annotate a diagram to explain elements of the diagram in management or sales presentations. To that end, Hava provides:

Azure Diagrams for Visio

The VSDX export option is the solution that enables you to export your Microsoft Azure infrastructure diagrams in Visio format.  You can then use Visio or a compatible application like draw.io to import the diagram for manipulation.

This provides editable diagrams while also maintaining the integrity of the diagrams and data held within the Hava ecosystem, so you have an unquestionable source of truth reference during a PCI compliance, Insurance or other types of audit.

Microsoft Azure Network Diagrams

On top of the standard infrastructure and 3D diagrams, there are two more diagrams for Azure that are produced automatically by Hava.

The extended infrastructure view is based on the infrastructure view, however it adds some more metadata to the diagram like full resource names, IP addresses  and resource sizes.

The final diagram is the "List View" . This diagram is more like a report and as the name suggests, is a list of all the resources discovered in your environment.

This includes elements that are not visualised on the diagrams.  Some resources may have dozens of reasonably unimportant instances like network interfaces or virtual machine extensions, which if visualised would make the diagrams difficult to read.

The list view is where you can find these resources.  The list can be filtered, sorted by name, type or price and exported to CSV for easy import into a spreadsheet for cost analysis. The list view also includes the resources that are visualized on the infrastructure view.

The visualised resources are detailed below. 

 

Hava.io provides a fast, efficient and accurate method of generating and maintaining your Microsoft Azure cloud network topology diagrams automatically, providing you better internal communications, the ability to surface resources you may not have known were running and to be able to respond to events and outages using a safe repository of network configuration history. Hava.io also polls your settings continuously and automatically updates your diagrams when changes are detected, providing always up to date hands-free Azure Infrastructure diagrams.

 

If you are not using Hava yet to document your Azure cloud environments, you are welcome to try a 14 day free trial, absolutely no obligation or pressure and no credit card required to sign up.