How to find resources in AWS
When you are developing applications or creating infrastructure in AWS, things can escalate quickly, which is kind of the point of choosing the cloud in the first place. What that means, though, is that it might not be too long into your development cycle before you start to lose track of what resources you have running, especially if you have multiple AWS accounts, multiple projects or duplicate environments for staging and testing purposes.
Within a single AWS account it’s not uncommon to have hundreds of VPCs configured, containing hundreds or thousands of resources. The problem is only compounded if you are a managed service provider or consultant looking after multiple AWS accounts.
So there will come a time when you need to track down a specific resource for some reason and you are not sure where it is running or even which account to sign into to start looking. Or maybe you just need line of sight on exactly what you are running.
How do I see my resources in AWS?
or Find all resources in an AWS account?
This is probably the most typical task undertaken by Hava users. It happens by default. When you connect a data source, otherwise known as an AWS account using a read-only cross account role, the application will automatically generate network topology diagrams for each VPC discovered.
So by default all the supported resources running in your AWS account will be documented on the interactive diagrams so you can click on individual resources to see the known settings and metadata related to the resource.
A more extensive list of everything discovered, including resources that are not placed on the diagrams, is visible in the list view. This is an interactive list where you can select listed resources to take a deeper dive into their settings and metadata.
Find a resource by ID in AWS
The challenge with having multiple VPCs or multiple AWS accounts with many resources is remembering exactly which VPC, region or AWS account a resource belongs to. It’s great having dozens or hundreds of accurate diagrams for all your environments, but it can be a challenge to track down a known resource ID. Maybe it’s just popped up in an error or traffic log and you need to know where it is running or in what context it should be accessed.
Either way, the fastest way to track down an individual resource by its resource ID is to use Hava’s search/filter utility.
The search facility has a number of parameters you can use to filter and search.
The search function creates on-the-fly diagrams based on the specific search terms you feed it. In this case the id: token can be used to locate a specific resource, in this example an EC2 instance with the resource ID “i-3782ey37y18y877d7”.
Performing this search tells Hava to go through all the VPCs in all the AWS accounts connected to your Hava account and find the resources with a matching ID token. As you can see, the resource is returned and we can see the VPC containing it, as well as the region, CIDR block and subnet, displayed on the diagram.
To the side of the diagram, in the attribute pane, you can then view a substantial amount of metadata related to the resource, such as image details, availability zone, cost estimate, DNS name, private IPs, launch subnet, security groups, network interfaces, volumes and tags.
You can also prefix the request with the deep search operator. This will find the desired resource and also diagram any directly connected resources.
In this example we can now see the elastic load balancer connected to the EC2 instance and a second subnet.
How do I view all resources in a VPC?
AWS find resources in a VPC
By default Hava auto-generates diagrams for each VPC discovered, so all you need to do to find resources in an AWS VPC is go to the environments dashboard and view the applicable diagram.
But say you are a busy MSP with thousands of VPCs running in multiple AWS accounts. You can use the search operator vpc: to save yourself a ton of scrolling to find the VPC diagram you are looking for.
Say we have a VPC called “vpc-fd2341c2b”. We can use the same methodology we used in the id: example, but swap out the search term for “vpc:vpc-fd2341c2b”.
Now we’re getting warmed up, we could pull back two VPCs onto a single diagram by using the “or” operator in the search:
This pulls back the two VPCs onto a single diagram.
The power in this search is that you can save the resulting diagram. It will then be available to revisit, and it will continue to self-update, storing superseded versions in version history as changes are detected and updated diagrams are produced.
AWS find resources in a subnet
The subnet token is also available within the search function, so that you can use the subnet: operator to find a known subnet across multiple VPCs, regions or even multiple AWS accounts should you have them connected to Hava.
In this example we can search for “subnet-b23c2831”.
How to list all resources in an AWS account?
If for some reason you need a list of all the resources in an AWS account, even if those resources are spread across multiple VPCs, then a combination of the source: search and the Hava list view will allow you to achieve that.
The initial step would be to execute a “source:” search using the source ID of the required AWS account.
This may take a while as Hava searches through all the resources and creates a diagram that includes everything found in your AWS account. This is basically amalgamating all the separate VPC diagrams Hava would normally produce.
You can then swap to the Hava “List View” to see an extensive list of all the resources detected in the target AWS account.
This list can be exported to a CSV or JSON file. In this example the CSV export details over 3000 resources detected in the AWS account.
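A resource ID that turns up in an error or traffic log can also be resolved offline against an exported inventory. The following is an added example, not Hava's code or part of the original article: it pulls resource IDs out of log lines and looks each one up in a JSON export, reporting the IDs the export does not contain. The export field names, the account and region values, the ENI IDs and the log lines are constructed assumptions; only the instance, VPC and subnet IDs come from the article.

```python
import json
import re

# Constructed sample standing in for a JSON inventory export. The field names
# (id, type, vpc, subnet, region, source) are assumptions, not a documented schema.
INVENTORY_JSON = """[
  {"id": "i-3782ey37y18y877d7", "type": "ec2_instance", "vpc": "vpc-fd2341c2b",
   "subnet": "subnet-b23c2831", "region": "us-east-1", "source": "account-a"},
  {"id": "eni-0a1b2c3d4e5f60718", "type": "network_interface", "vpc": "vpc-fd2341c2b",
   "subnet": "subnet-b23c2831", "region": "us-east-1", "source": "account-a"}
]"""

# Constructed log lines: two VPC flow log records (default format) and one app error.
LOG_LINES = [
    "2 123456789012 eni-0a1b2c3d4e5f60718 10.0.1.5 10.0.2.9 44321 22 6 10 840 1700000000 1700000060 REJECT OK",
    "ERROR health check failed for target i-3782ey37y18y877d7",
    "2 123456789012 eni-0123456789abcdef0 10.0.9.9 10.0.2.9 50000 3389 6 3 180 1700000000 1700000060 ACCEPT OK",
]

# Resource IDs are a type prefix, a hyphen and an alphanumeric suffix. The
# article's sample instance ID is not strictly hex, so the suffix stays permissive.
ID_PATTERN = re.compile(r"\b(?:i|eni|vpc|subnet)-[0-9a-z]{8,17}\b")

def extract_ids(lines):
    """Return the distinct resource IDs seen in the log lines, in first-seen order."""
    seen = []
    for line in lines:
        for rid in ID_PATTERN.findall(line):
            if rid not in seen:
                seen.append(rid)
    return seen

def triage(lines, inventory_json):
    """Return (located, unknown): context for IDs in the export, and IDs missing from it."""
    by_id = {rec["id"]: rec for rec in json.loads(inventory_json)}
    located, unknown = {}, []
    for rid in extract_ids(lines):
        rec = by_id.get(rid)
        if rec is None:
            unknown.append(rid)  # stale export, deleted resource, or unconnected account
        else:
            located[rid] = (rec["source"], rec["region"], rec["vpc"], rec["subnet"])
    return located, unknown

if __name__ == "__main__":
    located, unknown = triage(LOG_LINES, INVENTORY_JSON)
    for rid, ctx in located.items():
        print(rid, "->", ctx)
    print("not in inventory:", unknown)
```

An ID that lands in the unknown list is worth following up: it means traffic or errors reference a resource the current export does not cover.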
How do I find AWS resources by resource type?
There are many reasons you might need to find a particular AWS resource. This is fairly simple to do with the AWS console: you simply go to the relevant service console and find them. It gets a little more complicated if you have multiple accounts or projects, or you don’t have time to sit down and document which resources run in which VPC.
The “type:” search operator in Hava makes the process simple. You just select a type: search and choose the resource type you are looking for. You can stack the query and pull back several different resource types.
You might be concerned with security and need to review all your configured load balancers. Or you might be a DB admin and would like an overall picture of your stable of databases you need to monitor.
We could get a diagram of all the RDS databases in all the AWS accounts connected to Hava with one simple search:
This scans all the attached AWS accounts and returns a diagram with all the RDS instances laid out in the subnets and VPCs that they run in.
This diagram is fully interactive, meaning you can select a database and view all the known metadata that relates to it, which is displayed to the right of the diagram in the attribute pane.
Saving the custom “database” diagram places the diagram in your environments dashboard so it can be accessed at any time. The diagram is self updating so if a database gets deleted or added, the diagram is updated to reflect the change. The superseded diagram isn’t overwritten or deleted, but is moved to version history and can be viewed at any time for comparison purposes.
If you are building or managing AWS infrastructure and see a benefit in adding a lightning fast method of locating AWS resources to your engineering toolbox then we would welcome the opportunity to explore how Hava can assist you and your team.