Generate basic graphviz/dot maps of your AWS deployments.
Debian
$ pip install -r requirements.txt
$ sudo apt-get install graphviz
OSX
$ pip install -r requirements.txt
$ brew install graphviz
windows
https://www.debian.org
$ ./mapall.py --region us-east-1 | dot -Tpng > aws-map.png
viewing the imaage on linux
$ eog aws-map.png
viewing the image on OSX
$ open aws-map.png
viewing the image on windows
https://www.debian.org
Options include specifying just one VPC to draw with: ./mapall.py --vpc vpc_123456
Or specifying a subnet to draw with: ./mapall.py --subnet subnet_123456
If you want to use virtualenv:
$ sudo apt-get install -y python-setuptools
$ virtualenv -p /usr/bin/python2.7 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ ./mapall.py --region us-east-1 | dot -Tpng > aws-map.png
# And to leave the virtual environment:
$ deactivate
You can generate a map of each vpc or subnet individually. This is very useful if you have a large and complex setup where putting it all on a single page becomes spaghetti.
$ ./mapall.py --iterate vpc
$ ./mapall.py --iterate subnet
Normally security groups get in the way and obscure what you want to see so they aren't included. You can add them back with --security. Note that if you only want to map a single subnet you shouldn't turn security groups on as there is no easy way to determine which subnet a security group operates on - so it draws them all - leading to potentially huge, unusable maps.
The program will write the results of the aws query to a .cache directory and use that unless you specify --nocache. Cacheing is much faster than querying AWS everytime but obviously won't react to changes that are made.
You must indicate a region for the queries. This can be through the --region CLI option, or the AWS_DEFAULT_REGION environment variable. If both are set, the CLI opton takes precedence.
With the effort of everyone below this project would not be possible.
- @dwagon
- @justinholmes
- @joerayme
- @hposca
- @bjorand
- @ngfw