13 min read

Cloud Deployment Diagrams

By Alan Blackmore on May 24, 2024 1:37:55 PM


For any team building cloud infrastructure, maintaining up-to-date diagrams can be a daunting task.

Seeing what has been deployed in your cloud accounts serves a number of purposes :

  • You can ensure what you planned to deploy actually got deployed
  • You can pick up a new environment and see what is running at a glance
  • Your engineers, architects and Ops team are all instantly on the same page

The problem is cloud deployment diagrams take forever to draw, and even more effort to keep current and accurate.

However, with Hava.io you can automate your cloud infrastructure diagrams, ensuring you always have the most current view of your cloud environment.

While Hava.io out of the box maps out all your cloud environments, you can use the built in customer search to fine tune the diagrams to show you exactly what you are interested in.

Custom search is more than just a feature; it's a solution to the common problem of managing large and complex cloud environments. With Hava.io, you can build custom diagrams and quickly locate resources from hundreds of cloud accounts. This tool is especially useful when you need to find an individual resource, an IP address, or a VPC running in your managed environments.

One of the key benefits of Hava.io's custom search is its ability to create custom diagrams that self-update. This means you always have the most current view of your cloud infrastructure. Additionally, you can set up alerts for changes in your custom diagrams, keeping you informed and proactive.

But the power of custom search doesn't stop there. With Hava.io, you can also perform deep searches that not only bring back the resources that match your search but also anything connected to those resources. This is particularly useful when you want to see all the resources connected to a particular instance in your VPC or virtual network.

In essence, Hava.io's custom search is a powerful tool that can transform your cloud management experience. It's about turning a sprawling cloud landscape into a navigable map, tailored to your needs. With Hava.io, you can harness the full potential of custom search, taking control of your cloud infrastructure like never before.

Ready to automate your cloud infrastructure diagrams? Dive into our detailed blog post to learn more about this game-changing custom diagram and multi cloud single point search tool.

AWS ARCHITECTURE DIAGRAMS

There are a number of Hava diagrams that can prove useful to your engineering and DevOps team. These include an AWS Infrastructure diagram like this:

The above diagram example logically lays out all the resources discovered when an AWS account is connected to Hava's AWS Network Diagram Generator. The main VPC denoted by the green border, is surrounded by associated resources like internet and VPN gateways, S3 Buckets, VPC endpoints, VPC peering connections, Elastic Beanstalk environments and so forth.

Within the VPC, the configured availability zones (AZs) are set out in columns that contain the individual subnets set up in those AZs.  All the resource instances contained in each subnet are visualized, as are any load balancers routing traffic to the various subnets.

When you have a diagram automatically created from configuration data, now you can interrogate of each of the resources to see the settings and associations related to it. By clicking on any of the individual instance icons, the attribute pane on the right then displays all the known details related to the resource.  Something that simply isn't possible with manually created drag-and-drop diagrams.

Automating the diagram build using an AWS Network Diagram Generator can also reveal resources you are paying for, but may not be aware of.  Long forgotten database instances and sometimes entire dev or test environments are regularly discovered by this automation process. One of our clients discovered a database instance that was unused and costing close to $3k per month, and had been for over 3 years!

CUSTOM AWS NETWORK TOPOLOGY DIAGRAM

There is always somewhat of a compromise when it comes to automatically generated documentation. The way that Hava discovers and builds diagrams is based at a VPC level. If more than one VPC is detected in your AWS cloud account, then one diagram set per VPC is created.

You may however want to combine two or more VPCs onto a single diagram, for instance if they both relate to the same project or application.  This can be achieved using the custom query search function built into hava.io.

AWS NETWORK TOPOLOGY DIAGRAM GENERATOR

This custom query would create a new 'on-the-fly' custom diagram containing the two nominated AWS VPCs specified in the search.  You would then have the ability to save this diagram so it is retained in your dashboard until you choose to delete it.  As with all other diagrams generated by Hava, your custom AWS infrastructure diagram would keep itself up to date and retain a version history every time a resource change is detected.

RUNNING Cloud COMPONENTS DIAGRAM

Typically it is just not practical to include every single component onto an AWS network diagram. Take for instance network interfaces, volumes or WAF Rules. In a large network with hundreds or maybe thousands of these non essential components, trying to map out every single component would most likely make the diagram unreadable, or certainly too rammed full of unimportant resources to easily recognise the core components.

However, that's not to say you don't need to know about them.

Hava solves this issue by providing detailed components list that lists out every single resource detected.

This comprehensive list of resources can also be sorted and exported along with estimated monthly costs so you can see at a glance what resources are costing you the most money. This detailed view is also interactive. Selecting a resource on the diagram will reveal all the known settings and associations that resource has.

AWS SECURITY GROUP DIAGRAMS

Another benefit of automating the discovery of your AWS environment diagrams with Hava is the ability to capture and visualize security group, traffic and open port details.

AWS SECURITY ARCHITECTURE DIAGRAM

With the Hava security group diagram you can view all of your configured security groups with the open ports overlaid to enable an instant visual snapshot of the traffic flow, ingress and egress points. The security group diagram being interactive ensures you can select a particular security group on the diagram and view important information relating to the group, like the connected resources, ingress and egress ports, IP addresses and associated tags.

Cloud ARCHITECTURE DIAGRAM VERSION COMPARISON

Hava continuously scans your cloud architecture and when changes are detected a new diagram set is automatically generated. The superseded diagrams are not discarded or overwritten. Instead they are moved into version history. Still fully interactive.

What this means is you can view your cloud architecture at any point in time and also leverage Hava's revision comparison (Diff Diagrams) to quickly identify what has been added or removed between the two diagram dates.

 

So you can easily identify all the changes made since your last compliance audit, or see what changed yesterday that is causing unexpected network or application errors.

Cloud ARCHITECTURE MONITORING

While diff diagrams are super helpful in diagnosing changes after the fact, you may want to keep on top of changes as they happen.

Hava's architecture monitoring alerts will let you know the minute a change is detected. You simply nominate the environment you wish to monitor and add a group of recipients to receive the alerts. When a change is detected like the addition or removal of a resource, Hava will send each recipient a diff diagram showing the changes.

Now you and your security team can be across every change as it happens so you can assess and take action if required.

 

ENVIRONMENT DIAGRAM NOTES

For every architecture diagram generated you have the ability to add text comments. This serves as a rolling dialogue your team can contribute to that may better explain elements of the diagram or bigger picture concepts related to the diagram.

Notes are accessed from the accordion menu within the attribute pane.

New notes are added to the top of the list so they are stored in chronological order.

AUTOMATED cloud DIAGRAM UPDATES

Finally, your documentation is only useful if it is accurate. It is quite possible to spend weeks manually constructing network topology documentation only to have it rendered useless by a minor change to your network configuration.

In the middle of an outage or network incident that has taken down your application, being able to quickly establish what should be running is crucial.

Built into Hava is an auto-sync function that polls connected data sources and automatically updates diagram sets when changes are detected.  This means your diagrams are always current and up to date. The superseded diagram sets aren't discarded however. They are placed into a version history that enables you to pull up older diagrams in the same fully interactive format.

This allows you to quickly and visually identify changes to your cloud network topology, so you can easily compare a previously working set of network resources with the current configuration to see what's missing .

It also allows you to demonstrate the status of your network at any point in history. This can be invaluable during a pci compliance audit or insurance claim should your network design ever be called into question.  

EXPORTING GENERATED AWS  DIAGRAMS

Native AWS architecture diagrams created by Hava are the nearest we've seen to the examples and recommendations provided by AWS.  These are great to view and interrogate via the interactive dashboard, however sometimes you'll need to pull a set of diagrams for audit purposes or for management or sales presentations.

Hava's built-in export function allows you to do this in a number of formats.

CSV, VSDX, JSON, PDF and PNG

EDITING AWS NETWORK DIAGRAMS

Should you want to manipulate or embellish your Hava generated diagrams, exporting to VSDX format and using Visio, draw.io or any VSDX compatible drawing package will allow you to edit your diagrams as required.  

Should you not have access to Visio but would like to try this out, try opening one of your exported VSDX files in draw.io

Getting Hava to do the bulk of the heavy lifting by initially generating accurate diagrams based on what is actually configured and running in your cloud environment enables you to access a base diagram ready to edit which will save you hours or possibly days preparing management reports or upgrade plans.

Topics: aws cloud search
2 min read

Unleashing the Full Potential of Custom Search in Hava

By Team Hava on Dec 6, 2023 1:31:00 PM


Navigating through complex cloud infrastructures can be challenging. However, Hava.io, a cloud diagramming automation tool, simplifies this process. This post will guide you on how to fully utilize the custom search feature in Hava.io.

Hava.io's custom search is a powerful feature that enables you to create custom diagrams based on specific criteria. This is particularly useful when you need to locate a specific resource, resource type, IP address, or VPC among numerous environments. The search box in Hava's main top menu allows you to input criteria, constructing a diagram from any resources that match the search term.

For example, if you need to isolate a single app's resources in a large VPC running multiple applications, this can be achieved if your resources contain a tag pair identifying the application. By inputting this tag pair into the custom search box, Hava.io will generate a diagram of all resources with that tag pair. You can also combine all search criteria to further refine the resources diagrammed.

Once a diagram is created, it can be saved for future reference. These custom diagrams are self-updating as part of Hava's regular sync process. You can also establish alerts for a custom saved diagram, ensuring you're notified via email when any changes occur on the diagram.

In conclusion, Hava.io's custom search feature offers a powerful and efficient method for managing your cloud resources. Whether you're overseeing resources across multiple cloud vendors or pinpointing specific resources within a large environment, Hava.io can help streamline your cloud management tasks.

Topics: aws diagrams hybrid
2 min read

How to Isolate App Resources in a Large VPC Using Hava

By Team Hava on Nov 14, 2023 1:23:00 PM


In the world of large and complex cloud infrastructures, isolating specific resources or segments can be a daunting task. However, with Hava.io, a tool that automates cloud diagramming, you can easily zero in on the resources you need. This blog post will guide you on how to use Hava.io to isolate app resources in a large Virtual Private Cloud (VPC) or Virtual Network.

Hava.io's custom search feature is a powerful tool that allows you to build custom diagrams on-the-fly based on specific criteria. This feature is especially useful when you need to find an individual resource, resource type, IP address, or VPC among the many environments you're managing. The search box in the main Hava top menu lets you specify criteria to construct a diagram out of any resources that match the entered search term.

For instance, if you want to isolate a single app's resources in a large VPC running multiple applications, you can do so if your resources contain a tag pair identifying the application. By typing the tag pair into the custom search box, Hava.io will build a diagram of all the resources with that tag pair. You can also combine all of the search criteria to narrow down diagrammed resources further.

Once a diagram is generated, you can save it for future reference. These custom diagrams self-update as part of the normal Hava sync process. You can also set up alerts for a custom saved diagram, so when anything changes on the diagram, you'll receive an email alert.

In summary, Hava.io's custom search feature provides a powerful and efficient way to isolate app resources in a large VPC. Whether you're managing resources across multiple cloud vendors or trying to zero in on specific resources in a large environment, Hava.io can help streamline your cloud management tasks.

Topics: aws azure gcp diagrams hybrid
2 min read

The Future of Cloud Security: Exploring Hava’s Cutting Edge Traffic Flow Visualization and Security Group Control

By Team Hava on Nov 7, 2023 4:07:00 PM


As cloud environments continue to evolve, so do the challenges in securing them. The future of cloud security demands tools that can keep pace with the complexities and provide clarity and control. Hava, with its cutting-edge features for traffic flow visualization and security group control, is at the forefront of this future.

Hava is a cloud infrastructure diagramming tool, but its capabilities extend far beyond just creating diagrams. It specializes in providing visualizations that are not only informative but also actionable. One of Hava’s most impressive features is its Security View, which offers a comprehensive visualization of security groups within AWS or Azure Virtual Private Clouds (VPCs).

What sets Hava apart is its ability to map out traffic flow within the VPC. It uses arrows to indicate how traffic can enter and exit security groups, showing what ports are open and where the traffic is routed. This visualization is crucial for understanding potential vulnerabilities and ensuring that only necessary ports are open.

In addition to traffic flow visualization, Hava provides detailed control over security groups. By clicking on a security group in the Security View, you can see detailed information, including ingress and egress rules. This allows for a quick assessment of whether a security group is configured correctly or if it’s accepting traffic that it shouldn’t be.

But Hava doesn’t stop there. Its diagrams are interactive, allowing you not only to view information but also to take action. For instance, if you identify a misconfigured security group, you can quickly navigate to the relevant configuration in the AWS or Azure console and make necessary adjustments.

Another forward-looking feature of Hava is its ability to retain historical data. This is invaluable for tracking changes over time and understanding how your cloud environment has evolved. It can also be critical for compliance and auditing purposes.

Hava is paving the way for the future of cloud security with its cutting-edge features for traffic flow visualization and security group control visualization. Its interactive diagrams provide the clarity and control needed to secure complex cloud environments effectively. As cloud security continues to be a moving target, tools like Hava will be indispensable in staying ahead of the curve.

Topics: aws security azure DevSecOps
3 min read

The Evolution of Cloud Diagramming | Past, Present, and Future

By Team Hava on Nov 6, 2023 2:44:00 PM

Cloud computing has undeniably transformed the technological landscape, ushering in an era of unprecedented scalability, flexibility, and innovation. As cloud environments grew in complexity, the need for clear visualization became paramount. Cloud diagramming, once a rudimentary process, has evolved into a sophisticated discipline, with tools like Hava.io leading the charge. Let's embark on a journey through time, tracing the evolution of cloud diagramming from its nascent stages to its promising future.

Topics: aws azure gcp
2 min read

Enhancing Cloud Security Posture with Hava's IT Audit Tools

By Team Hava on Nov 3, 2023 3:00:14 PM

For seasoned CTOs, security is a paramount concern that requires constant vigilance and a proactive approach. IT audit tools are not just facilitators but crucial enablers in strengthening an organization's security posture. Among these tools, Hava.io stands out with its ability to create dynamic, detailed security diagrams for AWS and Azure that offer more than just a snapshot of the current state of cloud infrastructure.

Topics: aws security azure gcp audit
2 min read

The Role of Versioning and Historical Data in Cloud Infrastructure Troubleshooting

By Team Hava on Oct 27, 2023 1:17:00 PM

 

Topics: aws azure gcp
2 min read

Creating Hybrid Cloud Diagrams with Hava.io's Custom Search Function

By Team Hava on Oct 26, 2023 1:07:00 PM

When it comes to cloud infrastructure, managing resources across multiple cloud providers can be a challenging task. However, with Hava.io's custom search, you can create hybrid cloud diagrams that simplify this process, making it easier to manage your resources efficiently.

Custom search is more than just a feature; it's a solution to the common problem of managing large and complex cloud environments. With Hava.io, you can build custom diagrams and quickly locate resources from hundreds of cloud accounts. This tool is especially useful when you need to find an individual resource, an IP address, or a VPC running in your managed environments.

One of the key benefits of Hava.io's custom search is its ability to create custom diagrams that self-update. This means you always have the most current view of your cloud infrastructure. Additionally, you can set up alerts for changes in your custom diagrams, keeping you informed and proactive.

But the power of custom search doesn't stop there. With Hava.io, you can also perform deep searches that not only bring back the resources that match your search but also anything connected to those resources. This is particularly useful when you want to see all the resources connected to a particular instance in your VPC.

In essence, Hava.io's custom search is a powerful tool that can transform your cloud management experience. It's about turning a sprawling cloud landscape into a navigable map, tailored to your needs. With Hava.io, you can harness the full potential of custom search, taking control of your cloud infrastructure like never before.

Ready to create hybrid cloud diagrams? Dive into our detailed blog post to learn more about this game-changing tool. [Read the full hybrid diagram post here]

 



Or grab a free trial & get 14 days to try out Hava - no credit card required.

Topics: aws azure gcp diagrams hybrid
3 min read

Deep Dive into AWS Architecture Diagramming with Hava

By Team Hava on Oct 13, 2023 10:58:22 AM

Amazon Web Services (AWS) has revolutionized the cloud computing landscape, offering a plethora of services and solutions that cater to diverse business needs. From startups to Fortune 500 companies, AWS has become the go-to platform for deploying, managing, and scaling applications in the cloud. However, as organizations expand their AWS footprint, the complexity of their cloud environments grows. This is where the importance of effective AWS architecture diagramming comes into play, and Hava.io emerges as a game-changer.

Topics: aws azure gcp cloud computing
2 min read

How to Evaluate Cloud Scalability and Performance During Acquisitions

By Team Hava on Oct 9, 2023 7:30:00 AM

During mergers and acquisitions, understanding the cloud infrastructure of a target company is extremely important. As businesses increasingly rely on cloud solutions, the scalability and performance of these systems become important factors in the acquisition process. Hava, a leading tool in cloud visualization, offers automated architecture diagrams that can greatly assist in this evaluation. Here's how:

Topics: aws azure gcp due diligence m&a

Featured