
pplu / aws-map

Licence: other
Make a network graph of an AWS region


AWS Network Graph

This is a small program for getting a hold of the state of your AWS network. It maps out a VPC region of your choice.

Example

Graph Example

Installation

On a recent Ubuntu system these packages are needed:

apt-get install -y graphviz-dev libxml2-dev libssl-dev carton
git clone https://github.com/pplu/aws-map.git
cd aws-map
carton install

Generating images

You can scan your infrastructure with two utilities:

carton exec perl -I lib bin/map_network_sgs eu-west-1

This will generate three files: graph.svg, graph.dot and graph.png. These all have the same contents in different formats: SVG, DOT (for graphviz) and PNG.

Optionally you can pass a second parameter with the prefix for the images to be generated. Note that the three extensions will be added to the prefix.

Self-Hosted web server

carton exec perl -I lib bin/map-webserver eu-west-1

This will prompt you to visit http://localhost:3000, where there is a small web application that has a viewer with zooming and panning. This is very convenient for navigating the map (especially big ones).

Understanding the graph

The generated graph attempts to show you your AWS region from a networking perspective. It shows you what can talk to what, at an IP level.

The graph's nodes are "things" that can talk IP (Network hosts, Instances, etc.).

Network Icon: Network Hosts and Network Ranges.

Internet Icon: We have a special icon for 0.0.0.0/0, tagging it as "The Internet".

Instance Icon ... RDS Icon: Instances, RDSs, ELBs... (AWS objects) are represented with their respective icons. If there is no icon, the object is just a box.

Security Group Icon: Security Groups with nothing in them. You may want to evaluate deleting them.

Instances in an autoscaling group will be surrounded by a dotted box with "autoscaling arrows" to the left and right.

Arrows tell you in what direction IP connections (TCP, UDP, ICMP, etc.) can flow (what can talk to what). Only incoming connections are graphed (Outbound rules aren't scanned yet). When a port range is not labeled, it means that the ports are TCP (i.e. "25" means TCP port 25 and "25-27" means TCP ports 25 to 27). If the ports are UDP, they are indicated as such ("25-27 UDP").

With a quick look at the example graph we can see the following:

Graph Example

Things in 1.1.1.1/32 can talk to the instances via HTTP and SSH.

The ELB is open to the Internet via HTTPS. It talks to instances via HTTP.

The instances talk to an RDS on port 3306.
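
The edge rules described in this section, as an added example (Python, not the project's own Perl code): it derives source, target and port-label edges from inbound rules in data shaped like the EC2 DescribeSecurityGroups response, and lists empty groups and Internet-facing hosts. The members mapping, the sg-* ids and the host names are constructed assumptions that mirror the example graph.

```python
# Added example; sample data is constructed, shaped like EC2 DescribeSecurityGroups output.

def port_label(perm):
    """Label a rule as the README does: bare ports are TCP, others name the protocol."""
    proto = perm["IpProtocol"]
    if proto not in ("tcp", "udp"):        # "-1" (all protocols), icmp, ...
        return "all" if proto == "-1" else proto.upper()
    lo, hi = perm["FromPort"], perm["ToPort"]
    ports = str(lo) if lo == hi else f"{lo}-{hi}"
    return ports if proto == "tcp" else f"{ports} UDP"

def ingress_edges(groups, members):
    """Sorted (source, target, label) edges built from inbound rules only.
    members (assumed input) maps a security group id to the hosts attached to it."""
    edges = set()
    for sg in groups:
        for target in members.get(sg["GroupId"], []):
            for perm in sg["IpPermissions"]:
                label = port_label(perm)
                for r in perm.get("IpRanges", []):
                    src = "The Internet" if r["CidrIp"] == "0.0.0.0/0" else r["CidrIp"]
                    edges.add((src, target, label))
                for pair in perm.get("UserIdGroupPairs", []):
                    for src in members.get(pair["GroupId"], []):
                        edges.add((src, target, label))
    return sorted(edges)

def empty_groups(groups, members):
    """Security groups with nothing in them (candidates for deletion)."""
    return [sg["GroupId"] for sg in groups if not members.get(sg["GroupId"])]

def internet_exposed(edges):
    """(host, ports) pairs reachable from 0.0.0.0/0 according to ingress rules."""
    return sorted({(t, l) for s, t, l in edges if s == "The Internet"})

def rule(proto, lo, hi, cidrs=(), sgs=()):
    return {"IpProtocol": proto, "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in sgs]}

GROUPS = [  # constructed to mirror the example graph, plus one unused group
    {"GroupId": "sg-elb", "IpPermissions": [rule("tcp", 443, 443, ["0.0.0.0/0"])]},
    {"GroupId": "sg-web", "IpPermissions": [rule("tcp", 80, 80, ["1.1.1.1/32"], ["sg-elb"]),
                                             rule("tcp", 22, 22, ["1.1.1.1/32"])]},
    {"GroupId": "sg-db", "IpPermissions": [rule("tcp", 3306, 3306, sgs=["sg-web"])]},
    {"GroupId": "sg-unused", "IpPermissions": []},
]
MEMBERS = {"sg-elb": ["elb"], "sg-web": ["web-1", "web-2"], "sg-db": ["rds"]}
EDGES = ingress_edges(GROUPS, MEMBERS)
```
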

Known limitations

This tool only evaluates incoming Security Group rules. That means that Subnet ACLs, Routing tables, etc. are not taken into account to calculate if a host can actually talk to another.

When you graph a big account, it can take a while. Be patient. Also take into account that the graph can be hard to look at.

Contributing

Contributions are more than welcome. Take a look at the Perl Graphviz module to control the graph better: https://metacpan.org/pod/GraphViz2

The source code is located here: https://github.com/pplu/aws-map

Issues can be opened here: https://github.com/pplu/aws-map/issues

Author

Jose Luis Martinez Torres ([email protected])

Copyright

Copyright (c) 2017 by CAPSiDE

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

The full text of the license can be found in the LICENSE file included with this module.

Icons come from the AWS Simple Icons collection and are (c) AWS.
