Overview
Workload Discovery on AWS (formerly called AWS Perspective) is a tool to visualize AWS Cloud workloads. Use Workload Discovery on AWS to build, customize, and share detailed architecture diagrams of your workloads based on live data from AWS.
The image to the right is a sample architecture diagram generated by Workload Discovery on AWS.
Benefits
Workload Discovery on AWS lets you build, customize, and share detailed architecture diagrams. Workload Discovery on AWS maintains an inventory of the AWS resources across your accounts and Regions, mapping relationships between them, and displaying them in a web UI.
The cost query builder lets you locate AWS resources and services that may have incurred a cost. The estimated cost data is automatically calculated for the time period specified and displays on your architecture diagrams.
You can generate a cost report for your architecture diagrams that contains an overview of the estimated cost and export them as CSV.
The search feature lets you use basic information, such as resource name, Tag name, or IP address to locate the resources you are interested in.
Explore resources provisioned across your accounts and Regions using the resource directory. It contains all the resources Workload Discovery on AWS has discovered. You can start building your Workload Discovery on AWS architecture diagrams by selecting a resource in the web UI.
You can save your Workload Discovery on AWS architecture diagram to revisit later or share it with other Workload Discovery on AWS users. To use the diagrams outside of Workload Discovery on AWS you can export to PNG, JSON, CSV, or draw.io.
Technical details
The following diagram presents the serverless architecture, which you can automatically deploy by either using the solution's implementation guide and accompanying AWS CloudFormation template.
Step 1
HTTP Strict-Transport-Security (HSTS) adds security headers to each response from the Amazon CloudFront distribution.
Step 2
An Amazon Simple Storage Service (Amazon S3) bucket hosts the web user interface (web UI), which is distributed with Amazon CloudFront. Amazon Cognito authenticates user access to the web UI.
Step 3
AWS WAF protects the AppSync API from common exploits and bots that can affect availability, compromise security, or consume excessive resources.
Step 4
AWS AppSync endpoints allow the web UI component to request resource relationship data, query costs, import new AWS Regions, and update preferences. AWS AppSync also allows the discovery component to store persistent data in the solution’s databases.
Step 5
AWS AppSync uses JSON Web Tokens (JWTs) provisioned by Amazon Cognito to authenticate each request.
Step 6
The Settings AWS Lambda function persists imported Regions and other configurations to Amazon DynamoDB.
Step 7
The solution deploys AWS Amplify and an Amazon S3 bucket as the storage management component to store user preferences and saved architecture diagrams.
Step 8
The data component uses the Gremlin Resolver AWS Lambda function to query and return data from an Amazon Neptune database.
Step 9
The data component uses the Search Resolver Lamda function to query and persist resource data into an Amazon OpenSearch Service domain.
Step 10
The Cost Lambda function uses Amazon Athena to query AWS Cost and Usage Reports (AWS CUR) to provide estimated cost data to the web UI.
Step 11
Amazon Athena runs queries on AWS CUR.
Step 12
AWS CUR delivers the reports to the CostAndUsageReportBucket Amazon S3 bucket.
Step 13
The Cost Lambda function stores the Amazon Athena results in the AthenaResultsBucket Amazon S3 bucket.
Step 14
AWS CodeBuild builds the discovery component container image in the image deployment component.
Step 15
Amazon Elastic Container Registry (Amazon ECR) contains a Docker image provided by the image deployment component.
Step 16
Amazon Elastic Container Service (Amazon ECS) manages the AWS Fargate task and provides the configuration required to run the task. AWS Fargate runs a container task every 15 minutes to refresh inventory and resource data.
Step 17
AWS Config and AWS SDK calls help the discovery component maintain an inventory of resource data from imported Regions, then store its results in the data component.
Step 18
The AWS Fargate task persists the results of the AWS Config and AWS SDK calls into an Amazon Neptune database and an Amazon OpenSearch Service domain with API calls to the AppSync API.
Step 1
HTTP Strict-Transport-Security (HSTS) adds security headers to each response from the Amazon CloudFront distribution.
Step 2
An Amazon Simple Storage Service (Amazon S3) bucket hosts the web user interface (web UI), which is distributed with Amazon CloudFront. Amazon Cognito authenticates user access to the web UI.
Step 3
AWS WAF protects the AppSync API from common exploits and bots that can affect availability, compromise security, or consume excessive resources.
Step 4
AWS AppSync endpoints allow the web UI component to request resource relationship data, query costs, import new AWS Regions, and update preferences. AWS AppSync also allows the discovery component to store persistent data in the solution’s databases.
Step 5
AWS AppSync uses JSON Web Tokens (JWTs) provisioned by Amazon Cognito to authenticate each request.
Step 6
The Settings AWS Lambda function persists imported Regions and other configurations to Amazon DynamoDB.
Step 7
The solution deploys AWS Amplify and an Amazon S3 bucket as the storage management component to store user preferences and saved architecture diagrams.
Step 8
The data component uses the Gremlin Resolver AWS Lambda function to query and return data from an Amazon Neptune database.
Step 9
The data component uses the Search Resolver Lamda function to query and persist resource data into an Amazon OpenSearch Service domain.
Step 10
The Cost Lambda function uses Amazon Athena to query AWS Cost and Usage Reports (AWS CUR) to provide estimated cost data to the web UI.
Step 11
Amazon Athena runs queries on AWS CUR.
Step 12
AWS CUR delivers the reports to the CostAndUsageReportBucket Amazon S3 bucket.
Step 13
The Cost Lambda function stores the Amazon Athena results in the AthenaResultsBucket Amazon S3 bucket.
Step 14
AWS CodeBuild builds the discovery component container image in the image deployment component.
Step 15
Amazon Elastic Container Registry (Amazon ECR) contains a Docker image provided by the image deployment component.
Step 16
Amazon Elastic Container Service (Amazon ECS) manages the AWS Fargate task and provides the configuration required to run the task. AWS Fargate runs a container task every 15 minutes to refresh inventory and resource data.
Step 17
AWS Config and AWS SDK calls help the discovery component maintain an inventory of resource data from imported Regions, then store its results in the data component.
Step 18
The AWS Fargate task persists the results of the AWS Config and AWS SDK calls into an Amazon Neptune database and an Amazon OpenSearch Service domain with API calls to the AppSync API.
Related content
An introduction to AWS Config and the process of recording and normalizing configuration changes within your AWS account. We also cover use cases and configuration, and we give a brief demonstration as well.
This course introduces you to Amazon Neptune and its core features and capabilities. The course describes how this service integrates with other AWS services, introduces important terminology and technology concepts, and includes a demonstration of the service.
A basic overview of how AWS CloudFormation can be used to automate resource provision. Use cases where AWS CloudFormation is used to repeatedly and predictably create groups of resources is covered in this course. A demonstration in designing an AWS CloudFormation template for resource provisioning is also covered.