Amazon.com, Inc.
Graph based management of virtualized infrastructures

Abstract:

Technology is described for mapping virtualized infrastructure resources and associated flows in a virtualized infrastructure of a service provider environment. An application dataflow involving a virtualized infrastructure resource may be described using a swim lane model. Controls within the virtualized infrastructure to enforce segmentation and security of the application dataflow may be deduced from how the application dataflow is secured into a corresponding swim lane. An infrastructure mapping service may use information that identifies virtualized infrastructure resources and describes application dataflows in the virtualized infrastructure to generate a map of the virtualized infrastructure in the form of a graph. The graph may provide a visual representation that is easy for an auditor or engineer to understand. In addition, the graph generated by the infrastructure mapping service may be stored in a graph database providing quicker access to a representation or abstraction of the virtualized infrastructure for configuration, management, and auditing.