Created: 2014-05-19 15:38
Updated: 2018-10-26 06:45
License: mit

Build Status

AWS Security Pictures

Generate detailed images of aws deployments for security reviews.

How to Install

$ sudo apt-get install graphviz python-pip python-virtualenv
$ git clone
$ cd aws-security-pictures
$ virtualenv venv
$ source venv/bin/activate
$ pip install -r requirements.txt

How to Contribute

$ pip install -r requirements-dev.txt

Please make sure the following command exits successfully before pushing your code.

$ flake8 awssecuritypictures --ignore=E501
$ python ./ install

How to run

Generate a picture of an ELB and attached EC2s,

$ ./awssecuritypictures/ --elb ELBNAME -o

Generate a picture of an EC2,

$ ./awssecuritypictures/ --ec2 EC2ID -o

Attach and RDS to a picture of an ELB and attached EC2s, or just an EC2,

$ ./awssecuritypictures/ --elb ELBNAME --rds RDSID -o


$ ./awssecuritypictures/ --ec2 EC2ID --rds RDSID -o

The above generate the dot files required. In order to see the output image,

$ dot -T png -o output.png

Generate a list of all ELBs and EC2s,

$ ./awssecuritypictures/

Make use of AWS CLI profiles,

$ ./awssecuritypictures/ --profile PROFILENAME


$ ./awssecuritypictures/ -p PROFILENAME

More handy arugments can be found here,

$ ./awssecuritypictures/ -h

It is recommended to utiliase a runscript provided that executes above commands in one go. More info,

$ ./run -h




Generate all rules within a subnet for review,

$ ./experiments/ > && fdp -Tpng >x.png && eog x.png

Generate the relationships of all the items with a account,

$ ./experiments/ > && fdp -Tpng >x.png && eog x.png


ELB pointing to a single instances.

Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more