Given our world here at Hava completely revolves around producing cloud computing diagrams, you can imagine we’ve got some fairly strong opinions on what makes a great diagram and the best way to go about creating them.

The Problem with Cloud Computing Diagrams

Discovering and documenting all the resources and their respective settings across multiple cloud consoles can be a daunting prospect, especially if you are taking over infrastructure as a new engineer or consulting for a new client.

The first major problem is accuracy. More often than not, there will be no documentation, or if there is, it is so out of date that it cannot be trusted. Accurate diagrams communicate at a glance how infrastructure is configured, so it is essential that the documentation reflects reality.

The second issue is time. Manually drawing and mapping out client or application infrastructure can take multiple team members days or weeks for particularly complex environments.

The third issue is keeping your diagrams up to date. With today’s technologies utilising autoscaling and easily deployed infrastructure as code approaches, the chances are your environments are rapidly changing and scaling/descaling as loads and traffic dictate. Automation makes it easier to respond to network load requirements, but adjusting and updating your infrastructure diagrams to reflect the changes is often overlooked and can be expensive if you are engaging external consultants to do this work.

Why Create Cloud Computing Diagrams?

The first is ease of internal communication. If you are onboarding a new engineer, being able to show them the network in diagram form will immediately convey what is running and how it all hangs together. This is done in seconds instead of hours or days of tedious research looking through console settings.

The second is ease of external communication. From a governance perspective, having accurate diagrams to demonstrate the state and structure of your network is important. Should you be subject to PCI compliance audits or questions around data protection or integrity, having accurate documentation on the state and design of your network infrastructure at any point in time will enable you to respond with confidence.

The third is fault diagnosis and disaster recovery. Sometimes things go wrong and the sooner you can identify the problem the better. If you have previous versions of your network configuration in diagram form that you can visually compare to the current topology, you may be able to identify changes causing the issue faster than looking through logs and console settings. Laying out two diagrams side by side makes the changes or missing resources infinitely easier to identify.

Manually Draw or Auto Generate Network Topology Diagrams?

Once infrastructure exists, however, there is no excuse for spending time manually mapping out what is running. You can and should automate the diagramming process.

Why Automate Cloud Computing Diagrams?

This sentiment has been echoed by many Hava users, especially those working in the cloud consulting and MSP space. Automating the process has saved users hundreds, if not thousands, of man hours getting to grips with cloud infrastructure as they take on new clients.

Accuracy is another consideration. If you are manually drawing network topology diagrams, it is very easy to draw a resource that doesn’t exist or has been deleted since the original design and deployment. It’s equally easy to miss a resource that has been deployed but wasn’t in the original design.

Manually keeping on top of what is actually running is tough, especially if you have dynamic configurations that autoscale, which is why we believe automation is the only way to go. When you automate your cloud computing diagrams based on actual running configuration data, you end up with accurate infrastructure diagrams from a “source of truth”. There is then no question that the diagrams you are looking at reflect reality.

Spotting Structural Problems in Cloud Diagrams

How to Generate Cloud Computing Diagrams

Interactive Cloud Computing Diagrams

The term “Diagram” doesn’t really do justice to the visualizations that Hava automatically generates. When your cloud config is scanned, the settings for each resource discovered are also captured. When you select a resource on the diagram, the contextual attribute pane to the right of the diagram displays all of the known config data. This saves you having to switch out to your cloud console to find more information about the resource.

3D Cloud Computing Diagrams

Hava currently supports three cloud computing platforms:

AWS Cloud Computing Diagrams

As previously mentioned, selecting a resource, subnet or the entire bounding box VPC will change the attribute pane to display details about the selected item.

In addition to the infrastructure view, AWS environments also spawn a security group diagram.

The security view displays all the discovered security groups. On top of the groups, the open ports and traffic flow are overlaid, which allows you to view the traffic ingress and egress and hopefully spot any vulnerabilities caused by misconfigured ports.
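The kind of misconfigured port such a view is meant to surface can also be checked directly against the security group data. The following is an added example, not Hava's code: it assumes input in the shape of the EC2 DescribeSecurityGroups response, and the sample groups and the `ADMIN_PORTS` watch list are constructed for illustration.

```python
# Added example: flag world-open ingress rules in security group data.
# SAMPLE and ADMIN_PORTS are constructed; the shape follows DescribeSecurityGroups.
ANYWHERE = {"0.0.0.0/0", "::/0"}
ADMIN_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL"}

SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-web", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-db", "GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-legacy", "GroupName": "legacy", "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 3400,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]}


def open_sources(rule):
    """Return the world-open CIDRs (IPv4 or IPv6) a rule allows."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return sorted(c for c in cidrs if c in ANYWHERE)


def exposed_ports(rule):
    """Watched ports covered by the rule; protocol -1 covers every port."""
    if rule["IpProtocol"] == "-1":
        return sorted(ADMIN_PORTS)
    if rule["IpProtocol"] not in ("tcp", "6"):
        return []
    lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
    return sorted(p for p in ADMIN_PORTS if lo <= p <= hi)


def audit(response):
    """List (group id, source CIDR, port, service) for each exposure."""
    return [(group["GroupId"], cidr, port, ADMIN_PORTS[port])
            for group in response["SecurityGroups"]
            for rule in group.get("IpPermissions", [])
            for cidr in open_sources(rule)
            for port in exposed_ports(rule)]


if __name__ == "__main__":
    print("\n".join("%s open to %s on %d (%s)" % f for f in audit(SAMPLE)))
```

Port ranges and the all-protocols rule are handled because a watched port hidden inside a wide range is easy to miss when reading rules one by one.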

AWS container workloads are also supported via diagram visualization.

You can see all of the visualized resources for AWS here

GCP Cloud Computing Diagrams

Currently security and container views for GCP are on the development roadmap.

A list of visualized GCP resources can be found here

Azure Cloud Computing Diagrams

The interactive nature of the Azure diagrams means you can select resources and components just like the AWS and GCP diagrams to dig into the settings and configuration of each component.

A full list of visualized Azure resources can be found here

Versioning Cloud Computing Diagrams

Hava addresses the need for both current, automatically updated diagrams and historical network diagrams by way of a unique versioning system.

Hava polls your cloud configuration continuously. Once a change is detected, a new set of diagrams is generated and the superseded set is placed in a version history. The historical versions are also fully interactive, so you can dig into historical settings and config data which is especially useful when diagnosing errors or unexpected events.
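The poll, detect, and version cycle described here, and the comparison of a previous version against the current topology mentioned earlier for fault diagnosis, can be sketched as follows. This is an added example and not Hava's implementation; the `History` class, the resource ids and the attributes are hypothetical and constructed for illustration.

```python
# Added example: version configuration snapshots and diff them.
# Not Hava's implementation; resource ids and attributes are constructed.
import hashlib
import json


def fingerprint(snapshot):
    """Stable hash of a snapshot, independent of key order."""
    canonical = json.dumps(snapshot, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


def diff(old, new):
    """Resources added, removed, and changed (attribute -> (old, new))."""
    changed = {}
    for rid in old.keys() & new.keys():
        attrs = {k: (old[rid].get(k), new[rid].get(k))
                 for k in old[rid].keys() | new[rid].keys()
                 if old[rid].get(k) != new[rid].get(k)}
        if attrs:
            changed[rid] = attrs
    return {"added": sorted(new.keys() - old.keys()),
            "removed": sorted(old.keys() - new.keys()),
            "changed": changed}


class History:
    """Keeps a snapshot only when it differs from the latest version."""

    def __init__(self):
        self.versions = []  # list of (fingerprint, snapshot)

    def record(self, snapshot):
        """Store a polled snapshot; return the diff, or None if unchanged."""
        fp = fingerprint(snapshot)
        if self.versions and self.versions[-1][0] == fp:
            return None
        previous = self.versions[-1][1] if self.versions else {}
        self.versions.append((fp, json.loads(json.dumps(snapshot))))
        return diff(previous, snapshot)


# Constructed polls: the third one opens a port and drops an instance.
POLL_1 = {"sg-app": {"ingress": ["443/tcp"]}, "i-web1": {"type": "t3.small"},
          "i-web2": {"type": "t3.small"}}
POLL_2 = {"i-web2": {"type": "t3.small"}, "i-web1": {"type": "t3.small"},
          "sg-app": {"ingress": ["443/tcp"]}}
POLL_3 = {"sg-app": {"ingress": ["443/tcp", "22/tcp"]},
          "i-web1": {"type": "t3.small"}, "nat-1": {"subnet": "public-a"}}
```

Recording `POLL_1`, `POLL_2` and `POLL_3` in order yields two stored versions, because the second poll differs only in key order, and the final diff names the new ingress rule and the missing instance.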

If you are working with AWS, Azure or GCP and can see the benefits of improved accuracy and massive time savings from automating your documentation production, then moving to an automated solution like Hava will help improve accuracy, remove time-sucking manual drawing tasks and may surface resources or security vulnerabilities you are presently unaware of.

You can try out Hava for free. Visit https://hava.io

Originally published at https://www.hava.io.

Tech Writer, Developer, Marketer and Generator of Leads.