AWS Step-by-Step

Using AWS Cloud Map To Keep Track of Your Cloud Resources, Part 1

The easiest way to determine what AWS resources exist in your environment at any given time is meant mostly for developers -- but doesn't require any developer skills to use.

One of the things that can make AWS cloud resource management difficult is the fact that the environment tends to be highly dynamic. New virtual machines and containers are likely being created all the time, while older ones are being deleted just as quickly. Similarly, workloads may be designed to scale automatically, causing even more virtual machine instances or containers to be created or deleted on an as-needed basis.

Thankfully, there is a tool that can help you to more easily determine which resources exist at a given moment.

This tool is called AWS Cloud Map. Cloud Map is primarily intended for developers who need a way to programmatically inventory cloud infrastructure components. This tool is also useful for admins because it gives them a quick and easy way to check what resources exist within the AWS cloud right now. Suppose, for example, that a particular workload had begun to perform sluggishly even though it was configured to scale automatically. An admin could use AWS Cloud Map to see if that workload is indeed scaling or if there is a problem.

Before I Begin
Before I show you how to set up AWS Cloud Map, I want to address what I am guessing might be a concern: Although AWS Cloud Map is intended mostly for developers, you won't need any development skills to use it. You can configure the service entirely through the AWS Web interface. Querying AWS Cloud Map to see what resources exist in your environment does require you to use the AWS Command Line Interface, but this process does not involve doing anything that's difficult.

For the purposes of this series, I will show you how to use PowerShell to perform a simple query. If your Windows PowerShell for AWS installation is not up-to-date, it's a good idea to update it before you get started. Some of the older versions of Windows PowerShell for AWS do not work with AWS Cloud Map.

AWS Cloud Map Namespaces
The first step in configuring AWS Cloud Map to keep track of your resources is to create one or more namespaces.

A namespace is really just a group. Every organization uses multiple applications, and if you were to simply lump all of those applications and their resources together, it would be really difficult to tell what's what. A namespace allows you to group together the services that belong to a particular application. For example, if an application leverages a collection of EC2 virtual machine instances, then you could include those instances in a common namespace.

The most important thing you need to know about creating a namespace is that because AWS Cloud Map's job is to help you to keep track of resources that are dynamically created and deleted, you can't just create a static list of virtual machine instances within a namespace. That would defeat the entire point of using AWS Cloud Map in the first place. Instead, the namespace that you create will need a way to query your AWS environment to check for the presence of resources that are associated with a given workload. There are three ways that you can accomplish this.

The first option is to rely on API calls alone, made from something like Python or REST. I'm not going to be addressing API calls in this series since API calls fall squarely in developer territory.

The second option is to use a mixture of API calls and DNS queries within a VPC. This approach allows Cloud Map to locate resources by using DNS queries.

The third option is to use API calls and public DNS queries. Again, you can use this option to track resources through the use of DNS queries.

I am going to use the API-calls-and-queries-in-VPCs option. In doing so, I am going to assume that all of the resources associated with a particular workload exist within a dedicated VPC. Additionally, I am going to assume that the VPC is solely dedicated to that one specific workload and that any other workloads that the organization may have deployed are running in other VPCs.
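To see which of the three options each existing namespace uses, and how many instances each of its services currently has registered, the following PowerShell sketch can help. It is an added example, not code from the original article. It assumes the AWS.Tools.ServiceDiscovery module is installed and credentials are already configured; the function name `Get-CloudMapInventory` and the region value are placeholders chosen for illustration.

```powershell
# Added example, not from the original article.
# Assumes AWS.Tools.ServiceDiscovery is installed and AWS credentials are configured.
Import-Module AWS.Tools.ServiceDiscovery

# Map each Cloud Map namespace type to the discovery option described above.
$DiscoveryOption = @{
    'HTTP'        = 'API calls'
    'DNS_PRIVATE' = 'API calls and DNS queries in VPCs'
    'DNS_PUBLIC'  = 'API calls and public DNS queries'
}

function Get-CloudMapInventory {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string] $Region
    )

    foreach ($ns in Get-SDNamespaceList -Region $Region) {
        # Restrict the service listing to the current namespace.
        $filter = New-Object Amazon.ServiceDiscovery.Model.ServiceFilter
        $filter.Name      = 'NAMESPACE_ID'
        $filter.Condition = 'EQ'
        $filter.Values    = [System.Collections.Generic.List[string]]@($ns.Id)

        $services = @(Get-SDServiceList -Filter $filter -Region $Region)

        if ($services.Count -eq 0) {
            # Still emit a row so empty namespaces show up in the inventory.
            [pscustomobject]@{
                Namespace = $ns.Name
                Discovery = $DiscoveryOption["$($ns.Type)"]
                Service   = $null
                Instances = 0
            }
            continue
        }

        foreach ($svc in $services) {
            [pscustomobject]@{
                Namespace = $ns.Name
                Discovery = $DiscoveryOption["$($ns.Type)"]
                Service   = $svc.Name
                Instances = $svc.InstanceCount   # instances currently registered
            }
        }
    }
}

# 'us-east-1' is a sample region; substitute your own.
Get-CloudMapInventory -Region 'us-east-1' |
    Sort-Object Namespace, Service |
    Format-Table -AutoSize
```

Running it before and after a scaling event shows whether the registered instance count for a service actually changed, provided the workload registers its instances with Cloud Map.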

Now that I have described how a namespace works, it's time to set up AWS Cloud Map. I will walk you through this process in Part 2.

About the Author

Brien Posey is a 22-time Microsoft MVP with decades of IT experience. As a freelance writer, Posey has written thousands of articles and contributed to several dozen books on a wide variety of IT topics. Prior to going freelance, Posey was a CIO for a national chain of hospitals and health care facilities. He has also served as a network administrator for some of the country's largest insurance companies and for the Department of Defense at Fort Knox. In addition to his continued work in IT, Posey has spent the last several years actively training as a commercial scientist-astronaut candidate in preparation to fly on a mission to study polar mesospheric clouds from space. You can follow his spaceflight training on his Web site.

