Fetching VPC details using AWS Lambda

Vinayak Pandey
2 min read · Jun 30, 2020

Often in an enterprise environment, it’s important to have visibility into VPCs and associated components like NACLs, Route Tables etc. These details can be very useful when performing operations like updating Route Tables or NACLs.

For this demo, we have 2 VPCs in the North Virginia region.

Each VPC has a Public and a Private subnet. The Private subnet in the VPC_US_EAST_1 VPC doesn’t have a NAT gateway or NAT instance associated with it, while the Private subnet in the VPC2_US_EAST_1 VPC has a NAT gateway attached. Each subnet has a different Route Table associated with it.

We have a few instances running, and each subnet (4 in our case) has at least 1 running instance.

We also need SES set up in order to send our VPC report via mail. You may also need to whitelist the recipient’s email address/addresses via the SES console.

Before creating our Lambda function, create an IAM role for that Lambda with the following IAM permissions:

"ec2:DescribeInstances",
"ec2:DescribeVpcs",
"ses:SendRawEmail",
"ec2:DescribeSubnets",
"ec2:DescribeNetworkAcls",
"ec2:DescribeRouteTables"
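
As an added example (not code from the original post), here is one way a report function could combine describe_subnets and describe_route_tables output to show which subnets route to an Internet gateway, a NAT gateway, or nowhere, as in the demo setup above. It works on plain dicts shaped like the boto3 responses; the function names, labels and sample IDs are constructed assumptions, and only IPv4 default routes are considered.

```python
# Added example: pure functions over dicts shaped like boto3 EC2 Describe* responses.
TARGET_KEYS = ("NatGatewayId", "GatewayId", "InstanceId", "NetworkInterfaceId")
LABELS = {"igw-": "public", "nat-": "private-nat-gateway"}  # others: "private-other-egress"

def default_route_target(route_table):
    """Return the target id of the IPv4 default route, or None if absent/blackholed."""
    for route in route_table.get("Routes", []):
        is_default = route.get("DestinationCidrBlock") == "0.0.0.0/0"
        if is_default and route.get("State") != "blackhole":  # blackhole: target is gone
            return next((route[k] for k in TARGET_KEYS if route.get(k)), None)
    return None

def classify_subnets(subnets, route_tables):
    """Map SubnetId -> (RouteTableId, default-route target, exposure label)."""
    explicit, main_by_vpc = {}, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main_by_vpc[rt["VpcId"]] = rt
            elif assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = rt
    report = {}
    for subnet in subnets:
        # No explicit association means the subnet follows the VPC's main route table.
        rt = explicit.get(subnet["SubnetId"]) or main_by_vpc.get(subnet["VpcId"])
        target = default_route_target(rt) if rt else None
        label = LABELS.get(target[:4], "private-other-egress") if target else "no-default-route"
        report[subnet["SubnetId"]] = (rt["RouteTableId"] if rt else None, target, label)
    return report

def _rt(rt_id, vpc, subnet, key=None, target=None):
    """Constructed route table: local route plus an optional default route."""
    routes = [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]
    if target:
        routes.append({"DestinationCidrBlock": "0.0.0.0/0", key: target})
    return {"RouteTableId": rt_id, "VpcId": vpc, "Routes": routes,
            "Associations": [{"SubnetId": subnet, "Main": False}]}

# Constructed sample mirroring the demo: two VPCs, four subnets, four route tables.
SUBNETS = [{"SubnetId": s, "VpcId": v} for s, v in [("subnet-pub1", "vpc-1"),
    ("subnet-priv1", "vpc-1"), ("subnet-pub2", "vpc-2"), ("subnet-priv2", "vpc-2")]]
ROUTE_TABLES = [_rt("rtb-a", "vpc-1", "subnet-pub1", "GatewayId", "igw-0001"),
                _rt("rtb-b", "vpc-1", "subnet-priv1"),
                _rt("rtb-c", "vpc-2", "subnet-pub2", "GatewayId", "igw-0002"),
                _rt("rtb-d", "vpc-2", "subnet-priv2", "NatGatewayId", "nat-0001")]

if __name__ == "__main__":
    for subnet_id, row in classify_subnets(SUBNETS, ROUTE_TABLES).items():
        print(subnet_id, *row)
```

In a Lambda, the two arguments would come from the Subnets and RouteTables lists of the corresponding EC2 client calls, which the role above is allowed to make.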
