When you are working with Microsoft Azure, there are many advantages when you create and maintain accurate Microsoft azure diagrams online.
With accurate up to date diagrams on hand, you can effectively communicate your Azure network design to both technical engineering staff and also management where necessary. If you are onboarding new engineers, or engaging external consultants, you can bring them up to speed very quickly with a well laid out Azure network topology diagram.
The problem with diagrams is the time it takes to create them. If you are using manual drag and drop diagram software or drawing packages like visio the process can take forever which is why up to date Azure diagrams are rarely on hand. Nobody has the time or motivation to sit down and create diagrams. You usually have far more important or pressing issues to sort out.
This is where creating Azure Diagrams Online using Hava comes into play.
If you are taking on a new client or development project, having access to infrastructure documentation is a massive advantage when trying to understand exactly what is running on your network.
Back in the dim dark past of our cloud consulting days, diagramming a new client's infrastructure was always the first job in the process. It was always time consuming, laborious but necessary in establishing exactly what was going on prior to starting work on improving or redesigning infrastructure.
If you have spent way too many hours manually creating Azure network diagrams to keep control of your production and development environments, then you can also appreciate how much time is saved and how many errors are eliminated when you fully automate the diagramming process.
Automated Microsoft Azure Diagrams Online
Azure is one of many cloud platforms that are compatible with hava.io which will safely connect to your cloud console configuration via read only credentials to automate the production and updating of azure infrastructure diagrams like this:
Connecting Hava to your Microsoft Azure account so that your network topology diagrams can be automatically generated is a relatively simple process using the SaaS interface.
To import your environment resources from Microsoft Azure, you will need to access your Azure Portal at https://portal.azure.com
You then create a new Service Principle and retrieve a set of credentials to connect to Hava.
To do this, open the Azure Portal and launch PowerShell from the top menu bar :
1. Launch Powershell
Open the Azure Portal and launch PowerShell from the top menu bar
2. Create Service Principal
You will need to create a new Service Principal from the command line and a display name. In the below code example, we’ve used HavaServicePrincipal you can edit and choose a name that suits you.
3. Assign Reader Role
Hava only requires read-only access so, you can assign the read-only permissions to the Service Principal account using the below command.
4. Create the Password
Once you’ve created the Service Principal and assigned it with a Reader Role, you need to create password credentials to attach to the Service Principal.
5. Obtaining the Credentials
The final step required is to retrieve the necessary credentials to input into Hava.
Once you have the required credentials, you can log in to Hava which will open up the environments screen. You then select "Add Environments"
Click on the "Azure" Tab and enter the credentials you have just gathered from your Azure PowerShell.
You may at this point optionally name the connection. Hava will import your Microsoft Azure environment, layout the diagram and add the environment tile to the Hava dashboard.
From this point Hava will continuously sync with your Azure configuration console and detect any discovered changes. When changes are detected a new Azure diagram is created and the superseded diagram is placed into a fully interactive version history, so you always have an accurate visual representation of your Azure Environment from any point in time, whenever required.
The Microsoft Azure diagrams produced are laid out by resource group which typically contain subnets running in virtual networks. All of the resource metadata isn't placed on the diagram, but is displayed in a contextual attribute pane to the right hand side of the diagram.
Resource names and connection lines can be toggled on or off depending on your preference. The resource names appear under the diagram icons when enabled.
This keeps your Azure network topology diagram clean. The diagram allows you to select the interactive elements of the diagram, like a virtual network, subnet or individual resources like load balancers, gateways, virtual machines, peering connections and storage accounts. When you select an item on the diagram, all the metadata and settings are displayed to the right hand side of the diagram in the attribute pane. The metadata and settings are contextual to the currently selected element, as you select different resources, the attribute pane data changes.
With nothing selected on the diagram, the attribute pane displays information about the entire Azure environment including a usage cost estimate.
Microsoft Azure Diagram Versioning
Versioning is one of the most powerful aspects of using Hava as part of your build pipeline or cloud toolkit. Hava keeps track of the changes detected in your Microsoft Azure infrastructure via continuous automated polling of your Azure configuration.
Once a change is detected in your Azure configuration, a new diagram is created and the superseded diagram is placed in the Hava version history. At any time, you can select an older version to view and inspect what the network looked like at that point in time. The versions remain fully interactive, not just a static diagram. You can click into resources, inspect attributes and settings and view in extended infrastructure and 3D just as you can on the live diagrams.
If you need to diagnose a network error or change that has caused your applications to fail or has degraded your application's performance, by selecting an older diagram set, you can pull up the older version in a separate browser and compare current diagrams side-by-side so you can visually compare the differences.
If your environments are large or complex, you can also export current and superseded diagrams in JSON format and Diff the files to surface all the changed resources and settings .
All the interactive Hava diagrams are exportable in a number of formats.
Can you edit Hava Azure Diagrams Online?
There is no way within Hava to draw diagrams from scratch or to add or remove elements. This is because native Hava diagrams are designed to always reflect the source of truth at any point in time. You can alway be confident that what you are looking at on the Hava diagrams accurately reflects reality. This is because there is no way to add or remove diagram elements, resources and metadata that could lead to confusion or mis-represent the state of the network during a security or compliance audit for instance.
We do however appreciate that sometimes you would like to use your Hava Azure network diagrams as a starting point for some redesign work, or you would like to annotate a diagram to explain elements of the diagram in management or sales presentations.
To facilitate that scenario, Hava provides:
Azure Diagram VDSX Export
The VSDX export option is the solution that enables you to export your Microsoft Azure infrastructure diagrams in Visio format. You can then use Visio or a compatible application like draw.io (diagrams.net) to import the diagram for manipulation.
This provides exported editable diagrams while also maintaining the integrity of the diagrams and data held within the Hava ecosystem, so you have an unquestionable source of truth reference retained within your Hava account for use during a PCI compliance, Insurance, security or other type of audit.
Additional Azure Network Diagrams
On top of the standard infrastructure and 3D diagrams discussed above, there are two more diagrams for Azure that are automatically produced by simply connecting your Azure account to Hava.
The extended infrastructure view is in the same format as the infrastructure view, however it adds some additional information to the diagram like full resource names, IP addresses and resource sizes.
The final Azure diagram is the "List View" . This diagram is more like a report and as the name suggests, provides a list which contains of all the resources discovered in your environment.
This includes elements discovered in your data source that are not visualised on the diagrams. Some environments may have dozens of unimportant instances like network interfaces or virtual machine extensions, which add very little to the understanding of how the network is constructed and which if visualised could make the diagrams messy and difficult to read.
The list view is where you can find these resources. The list can be filtered, sorted by name, type or price and exported to CSV for easy import into a spreadsheet that can be used for cost analysis.
The visualised Microsoft Azure Diagram resources are detailed below.
|
|
Visualised |
Not Visualised |
|
Application Gateway |
✓ |
|
|
Availability Set |
|
✓ |
|
Express Route |
✓ |
|
|
Load Balancer |
✓ |
|
|
Local Network Gateway |
✓ |
|
|
Network Interface |
|
✓ |
|
Network Security Group |
|
✓ |
|
Public IP |
|
✓ |
|
Redis Cache |
✓ |
|
|
Resource Group |
✓ |
|
|
Route Table |
✓ |
|
|
SQL Server |
✓ |
|
|
Storage Account |
✓ |
|
|
Subnet |
✓ |
|
|
Virtual Machine |
✓ |
|
|
Virtual Machine Extension |
|
✓ |
|
Virtual Machine Scale Set |
|
✓ |
|
Virtual Network |
✓ |
|
|
Virtual Network Gateway |
✓ |
|
|
Virtual Network Peering |
✓ |
|
