10 min read

Generate AWS Diagrams Using Hava

August 23, 2023

When you are building cloud solutions on AWS, taking on new client networks or inheriting a project, having up to date documentation is massive advantage.

What used to be a manual labour intensive task can now be achieved in minutes by connecting your AWS, Azure, GCP and Kubernetes Clusters to hava.io and letting Hava auto generate your architecture topology diagrams for you.

You no longer have to do it yourself, or waste other team member's time trawling through consoles or engage consultants to produce accurate perpetually up to date cloud architecture, container and security posture diagrams.

You can always have the diagrams you need on hand when you need them when you leverage Hava's AWS Diagram Generator.

Generate AWS Diagrams on autopilot using Hava  and free yourself from drag and drop forever.

Hava Views NewUI

AUTO GENERATE AND AUTO UPDATE AWS Diagrams

When you auto generate AWS diagrams that automatically keep themselves up to date, you free up your time, your architects and engineers time and still have accurate diagrams on hand to help diagnose problems.

Visualised cloud architecture topology surfaces anomalies that can be difficult to spot in cloud console settings. You get to see what is running where across all your connected cloud accounts including multi cloud deployments.

Hava keeps all your diagrams up to date on auto pilot. As changes are detected, new diagrams are produced and superseded diagrams moved to version history, even if you haven't logged into Hava. There is no need to manually trigger updates, it's done for you. However if you need to diagram changes immediately you can sync whenever you like, either via the Hava app, pipeline integrations or via API.

ARCHITECTURAL MONITORING ALERTS

When changes are detected in the configuration of the cloud accounts you are managing, Hava can trigger an alert that lets your know when that change is detected.

Alerts_Detail

This means you always know what is happening in your cloud accounts and for MSPs it means you can let clients loose on their own infrastructure and resources but you can keep an eye on the changes and can warn them of any security or cost implications of the deployed changes - no more bill shock! 

COMPARE DIAGRAMS WITH DIFF VIEW

As changes are detected in your cloud configs, Hava stores superseded diagrams in version history automatically. You can compare any two interactive diagrams from any point in time using the revision comparison feature built into Hava. This shows you exactly what resources have been added, and which ones were removed during the time period between the two diagrams.

Diff_View

This could be the current live architecture diagram vs one from yesterday should you need to troubleshoot sudden unexpected application errors, or you could compare architecture over a longer period of time, like the period between PCI compliance audits so the auditors can see the changes they are interested in. You can also use diff views to analyse architectural drift or show clients the changes that have happened over time that have prompted questions around billing and escalating costs.

FIND CLOUD RESOURCES FAST

The query tool built into Hava is a powerful search function that can interrogate hundreds of cloud accounts across multiple vendors simultaneously with a single command.

search

You can search for tags, resources, IP addresses, resource types, names and a whole host of other search parameters and combinations to locate matching cloud resources, no matter what vendor or cloud account they are located in. Now there is no need to log into hundreds of consoles to locate the asset you are looking for.

Need to identify all the AWS VPCs with a particular database type running? Even if you are an MSP with thousands of accounts under management, Hava makes it possible with a single centralised query.

 

WHY HAVA?

Speed up On-boarding - When you take on new engineers or engage cloud consultants, having accurate up to date diagrams means you can show them exactly what you have deployed in a format that is easy to comprehend.

See What's Running Where - When you inherit environments the first question you ask is what is running where. Connect to Hava and you have the answer. The same is true if you are managing lots of accounts. The first step is to see what is running where before you start troubleshooting.

Compare Architecture Over Time - Easily see the changes made to a VPC in seconds. Select any two diagrams from versioning to see the resources added or removed between those dates. Help conquer architectural drift and explain why costs have changed, demonstrate why the architecture no longer resembles the original design and why security may need to be reviewed.

Never Start From Scratch - Before starting architecture redesign or a performance improvement proposal, you can turn to Hava for a picture of what is running now. Step 1 - Generate AWS Diagram. Step 2: You can then document your proposed changes without having to draw complex networks from scratch.

Track Changes - When changes are detected in your cloud config, Hava automatically generates new diagrams and saves the previous diagrams to version history. So when you want to identify resource changes in the middle of an outage, or compare cost changes, you can. This is especially useful during ISO/PCI/SOC audits when you need to identify changes since the last audit.

Embed Diagrams Anywhere - You can embed fully interactive Hava diagrams outside of the application, like in say a Wiki, in Github or any web property. Diagram endpoints can be placed once, and as your diagrams update, the embedded diagram automatically updates too. This means your Confluence page, GitHub doco or intranet stays up to date automatically, hands free.

CMDB Validation - When you are maintaining a cmdb, you can drop in a diagram link so you can view the cloud asset in context

Validate your AWS Compliance - Using the built in AWS compliance report, you can see how well your AWS configuration complies to best practice and well architected standards. The report will highlight potential problems, the severity of the issue and suggest solutions.

Monitor Container Tasks - Hava's container view visualises the run status of your cluster tasks or pods. You can see at a glance the health and status of your cluster and any pods or tasks that are in a sub optimal state.


What do our clients say:

 

JUST AFTER MIDNIGHT

"Hava has grown into a comprehensive tool for mapping out entire network topologies, in minutes. Rather than spending hours trawling through cloud consoles, firing up needless drawing tools or having new customers dig through historical data, Hava automatically generates a full layout of the new cloud environment."

Callum Davies - Managing Director, Asia


 

SECURITY

When you connect Azure and AWS to Hava, you will generate a security view that details all the configured security groups on your virtual networks.

AWS_Security_Group_Diagram

 

This interactive diagram shows all your security groups and when a security group is selected you can see all the connected resources, ingress and egress IP details and other relevant metadata. The overlaid arrows show you how traffic enters and exits your network with details on the ports and protocols in use.

This allows you to show your security team your cloud security posture and when used in conjunction with the infrastructure view diagram, they will better understand how your network hangs together. They will visually understand what is going on and where attention may be needed without spending days checking individual cloud resources in the console.

In terms of Hava security, the app connects via read only credentials and scans configuration settings only, no client data is read or stored. Data required to generate diagrams is encrypted in transit and at rest and the entire application can be self hosted on your own cloud infrastructure behind your own security.

INTEGRATIONS

 

There are a number of ways to integrate diagrams and trigger actions outside of the Hava application.

GitHub Integration - Available on the GitHub marketplace, the Hava sync action allows you to trigger diagram updates and optionally retrieve updated diagrams to your Github Docs repo from within your deployment workflow.

Confluence - The Hava diagram viewer is available on the Atlassian marketplace and allows you to easily insert interactive diagrams into Confluence.

Embeds - Have provides the ability to embed your diagrams via iFrame code snippets. This means you can embed interactive diagrams anywhere that supports iFrames, like Notion, other web apps, the list is endless. The embeds utilise a dynamic URL that hosts the latest diagram version, so you only ever have to embed once.

API - Hava has an API you can use to programatically perform the operations you can within the application UI. You can add and remove data sources, trigger diagram updates, retrieve diagrams using API calls. This means you can build diagramming into your CI/CD pipeline or perform bulk actions using code and not the Hava app.

Export - You can export diagrams for analysis, archiving, use in proposals or management reports or for editing. The PDF and PNG file formats provide formatted diagrams, the VSDX export allows you to edit the diagrams using Visio, draw.io or other compatible editors, whereas the CSV and JSON exports provide the raw data you can use to diff or ingest diagram data into other applications.

TRACK RESOURCES DURING A PROJECT

During a development project that impacts your cloud infrastructure and resources, there are several stages during the process that Hava can help speed up the process and improve the outcome.

Before your team or your client commences work, you can establish an infrastructure baseline by documenting what is currently running and how it hangs together. Then as work commences, you can use Hava's integrations to update and capture diagrams as resources are deployed providing an audit trial and proxy architectural decision register that demonstrates what changes were made when. You can set alerts on the environments or subsets of resources related to a project and define which teams or individuals should receive the diff diagrams showing the changes.

Finally you can use Hava to place live interactive diagrams where your team or clients can access them (outside of Hava) to provide transparency on the progress of the project.

This video shows this process in action:
 


GET STARTED

 

testimonials

If it sounds like Hava can help save you time and money diagramming your cloud environments, help you keep track of changes and help you find resources across multiple cloud accounts and vendors with a single query, you can sign up to a free 14 day trial here: There's no obligation or credit card required.

 

If you have any questions, please get in touch using the chat facility at the bottom of this page.

Thanks for your interest.

 

Topics: aws cloud DevOps
Team Hava

Written by Team Hava

The Hava content team

Featured