Is there a way to show which resources are connected to what other resources in AWS? Basically the kind of information that would allow one to understand/view the current architecture.

There are CLI tools like list-application-dependencies and describe-network-interfaces but I don't think this provides the information I'm looking for.

For example, say I have an Amazon service like SageMaker, which uses a number of other resources like EC2, S3, EBS, etc. Is there a way to fetch what SageMaker is connected to and/or depends on?

Similarly, can I find out for a given EC2 instance what services are using it?

Cybernetic
  • Not really. Lucid Charts / Cloudockit can help but both are third party. – Tim Nov 03 '21 at 00:04
  • If there are 3rd party vendors who are able to do it, then it can be done. They wouldn't have access to any more data than someone with admin privileges in AWS. – Cybernetic Nov 03 '21 at 01:41
  • To clarify: AWS does not provide a tool that visually shows which resources are connected. Some third party vendors call AWS APIs and use the information they gain from there to create a visual representation of the resources in your account, including connectivity. – Tim Nov 03 '21 at 01:53
  • @Tim yes that is what I am looking for. Not the visualization tool, but where in the API this information is available. Someone with full admin access should be able to call some API endpoints to gather this connectivity information; I’m assuming. – Cybernetic Nov 03 '21 at 02:29
  • I think you can get limited information, about what is directly configured to talk to what, such as what EC2 instances an ALB / target group talk to. Otherwise I think it's in the realm of proprietary information. The migration tools might be your best bet, some of them do network level analysis using agents on EC2 instances. You might be better just doing this one the hard way. – Tim Nov 03 '21 at 05:49
  • @Tim makes sense. Thanks Tim. – Cybernetic Nov 03 '21 at 14:03
  • You might find this tool useful - not quite what you want but maybe useful anyway. https://github.com/darkbitio/aws-recon?ck_subscriber_id=512836140 . Prowler and Scout Suite are similar. – Tim Nov 04 '21 at 18:58
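The comments above note that the APIs expose what is directly configured to talk to what, such as the EC2 instances behind an ALB / target group. The sketch below is an added example, not part of the original thread: it joins JSON shaped like the output of `aws elbv2 describe-target-groups`, `aws elbv2 describe-target-health` and `aws ec2 describe-network-interfaces` into an edge list and answers "what uses this instance?". The sample data, the relation names and the `service:` prefix are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data shaped like AWS CLI JSON output; all IDs are made up.
TG_ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:targetgroup/web/aaaa"
LB_ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/front/bbbb"
TARGET_GROUPS = {"TargetGroups": [                        # aws elbv2 describe-target-groups
    {"TargetGroupArn": TG_ARN, "LoadBalancerArns": [LB_ARN], "TargetType": "instance"}]}
TARGET_HEALTH = {TG_ARN: {"TargetHealthDescriptions": [   # aws elbv2 describe-target-health
    {"Target": {"Id": "i-0aaa", "Port": 80}, "TargetHealth": {"State": "healthy"}},
    {"Target": {"Id": "i-0bbb", "Port": 80}, "TargetHealth": {"State": "unhealthy"}}]}}
NETWORK_INTERFACES = {"NetworkInterfaces": [              # aws ec2 describe-network-interfaces
    {"NetworkInterfaceId": "eni-01", "RequesterManaged": False,
     "Attachment": {"InstanceId": "i-0aaa"}, "Groups": [{"GroupId": "sg-web"}]},
    {"NetworkInterfaceId": "eni-02", "RequesterManaged": True, "RequesterId": "amazon-elb",
     "Description": "ELB app/front/bbbb", "Groups": [{"GroupId": "sg-lb"}]}]}

def build_edges(groups, health, enis):
    """Return a set of (source, relation, target) edges from the three responses."""
    edges = set()
    for tg in groups["TargetGroups"]:
        for lb in tg.get("LoadBalancerArns", []):
            edges.add((lb, "forwards_to", tg["TargetGroupArn"]))
        for desc in health.get(tg["TargetGroupArn"], {}).get("TargetHealthDescriptions", []):
            edges.add((tg["TargetGroupArn"], "targets", desc["Target"]["Id"]))
    for eni in enis["NetworkInterfaces"]:
        # Requester-managed ENIs are managed by an AWS service; attribute them to it.
        owner = eni.get("Attachment", {}).get("InstanceId")
        if eni.get("RequesterManaged"):
            owner = "service:" + eni.get("RequesterId", "unknown")
        if owner:
            edges.add((owner, "uses", eni["NetworkInterfaceId"]))
        for sg in eni.get("Groups", []):
            edges.add((eni["NetworkInterfaceId"], "member_of", sg["GroupId"]))
    return edges

def dependents(resource, edges):
    """Everything that reaches `resource` by following edges, directly or transitively."""
    parents = defaultdict(set)
    for src, _, dst in edges:
        parents[dst].add(src)
    seen, stack = set(), [resource]
    while stack:
        for p in parents[stack.pop()] - seen:
            seen.add(p)
            stack.append(p)
    return sorted(seen)

EDGES = build_edges(TARGET_GROUPS, TARGET_HEALTH, NETWORK_INTERFACES)
print(dependents("i-0aaa", EDGES))  # the target group and load balancer in front of it
```

This only recovers explicitly configured relationships; traffic-level dependencies between resources do not appear in these responses.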

0 Answers