5 min read

Cloud Infrastructure Diagrams for GitHub | Hava.io

April 18, 2023

Cloud Infrastructure Diagrams for Github

Hava cloud infrastructure diagrams are extremely useful for understanding how cloud environments are constructed. They show you what is running, where it is running, how resources are connected and how they are secured.

Diagrams are kept up to date by background tasks that periodically scan for changes in your connected cloud accounts.

Hava diagrams are even more useful when you place them in the web properties where you and your team are working.

Hava's Github Action on the GitHub marketplace is one way you can leverage accurate cloud infrastructure diagrams without being logged into Hava.

This makes it easier for you to trigger the synchronisation of cloud account (data source) diagrams within Hava to ensure the diagram set for the data source you are updating with GitHub is refreshed and up to date instantly. This means your diagrams reflect any changes you have made to your cloud environment as a result of executing jobs from GitHub instantly.

The new Hava GitHub action communicates with the Hava API and can also be used to retrieve an up to date PNG image of the updated environment that can be committed to your documents folder so that your repo network diagram is in sync with your code changes.

The minimum configuration required to include the action as a step in your jobs requires you to specify the source id of the data source connection in Hava, which is created when you connect either an AWS, GCP, Azure or Kubernetes source to Hava.

You then require an API token which is available on the business plan and higher and finally the environment Id which can be obtained using the API or when viewing environment diagrams within Hava.

Hava_GitHub_Action_Step

The full list of input options at time of writing are below, however you should check the Hava Action GitHub Marketplace listing for the latest options.

hava-sync-action-options

The only output from the action is the path to the exported image generated by the action if you set skip_export to false.

Impact on Embedded Diagrams

The sync process executed by the GitHub action effectively brings forward the diagram refresh process that is automatically executed continuously by Hava. Using the action means you have up to date diagrams immediately available after you execute your build so you can review the impact of the build without having to wait.

If you have previously embedded an environment diagram in an external web property like a Confluence wiki or a Notion page for instance, the diagram at that location will update to show the latest version of your environment diagram without any manual intervention on your part.

This means all the places your diagram is shown are automatically kept up to date and show the correct details regarding the configuration of your network and related resources. This can avoid potential confusion because everyone is looking at the same current information.

You can view an example GitHub action on the teamhava public repository

example-github-action

If you are using Hava on a teams plan and also GitHub for CI/CD you can start using the new GitHub action today. Check out the GitHub marketplace listing to download.

WHAT VIEWS CAN YOU LEVERAGE IN HAVA?

The Infrastructure view is a fully interactive diagram that show you your VPCs or Virtual Networks. Inside the VPC you have availability zones and subnets that show you what resources you have running and where they live.

Multi_AWS_VPC_Hybrid_Diagram 

The interactive nature of the Hava diagrams eludes to the ability to select individual diagram components which changes the attribute sidebar to display all the known metadata related to that resource. This means you don't have to keep flipping backwards and forwards through your cloud consoles to find out the information you need about a highlighted resource.

Another view is the Security View. This is entirely unique to Hava and shows you the security configuration for your AWS or Azure VPCs

AWS_Security_Group_Diagram

This view is also interactive and shows security groups horizontally with the open ports and protocols that allow traffic ingress/egress shown as arrows overlaid on the groups.

Selecting a security group on the diagram changes the attribute panel to show a ton of useful information including all the connected resource that security group controls.

If you are deploying containerised workloads on ECS EKS AKS GKE or stand alone Kubernetes clusters, you can leverage Hava's Container View to see the status of your pods or tasks in each cluster. While not as detailed as say the infrastructure view in AWS, you still get to see all your tasks and whether the run status is optimal or not.

Container Tasks 

There is also a detailed AWS compliance report showing you how each of your AWS environment configurations adhere to AWS well architected standards.

There is an API that allows you to add and remove data sources, sync diagrams, set up and amend teams and projects and a whole host of other functions you might like to script instead of perform via the Hava UI.

Hava also has Architectural Monitoring built in.

This allows you to set up alerts for when changes are detected. The changes are highlighted on a Diff diagram and sent directly to you inbox and the inbox of anyone you care to nominate. When resources are added or removed or a new type of service is deployed, you can find out about it fast (and so can your security team)

You can also leverage other integrations like Hava's Terraform and Atlassian Confluence plugins.

If you have any questions, please get in touch.

If you are not using Hava yet to generate a single view across all your cloud environments so you can quickly understand and diagnose issues, you can automate away the tedious task of keeping your cloud documentation up to date by taking Hava for a free 14 day trial using the button below.

 

 

Topics: aws github
Team Hava

Written by Team Hava

The Hava content team

Featured