Summarizer Output (Step 1)
{
"app_summary": "Compute tier is two EC2 instances: i-0601780d500bb51ea (t2.medium, subnet-0b8c568bc3659b486, private 172.31.27.120, stopped) and i-0322a28bf1a8a68c5 (t2.micro, subnet-05c9a438bb7c68867, private 172.31.87.12, stopped). Both attach to security group sg-090ff45d5d6ad1cd4 and have no IAM instance profile evidenced.",
"boundary_label": "Authorization Boundary: AWS Account 154776478584 (us-east-1) / VPC vpc-033668c99bb7641b0 (172.31.0.0/16, default VPC)",
"data_summary": "No RDS instances, S3 buckets, or other data stores evidenced. Treat EC2/EBS as local storage only; represent data persistence as attached EBS volumes (counts only) without naming specific volume IDs.",
"flow_labels": {
"admin_flow": "Administrator (Internet) \u2192 A",
"app_to_data": "EC2 instance \u2192 attached EBS ",
"ingress_flow": "Internet ingress via IGW to ",
"log_flow": "Workload/Network logs \u2192 (log",
"user_flow": "End User (Internet) \u2192 IGW \u2192 "
},
"grouping_hints": {
"data_tier": "No separate managed data tier; show \u0027EBS (3 volumes, attached to EC2)\u0027 as a small shared data box within the VPC near the EC2 instances.",
"perimeter": "Place \u0027Internet\u0027 outside the authorization boundary; show IGW on the VPC edge as the only evidenced north/south gateway. Do not show NAT or endpoints (none evidenced).",
"security": "Show \u0027Security Group sg-090ff45d5d6ad1cd4 (shared)\u0027 adjacent to EC2 instances; optionally add a small \u0027Other SGs (2) / NACLs (1) (details not evidenced)\u0027 placeholder group with dashed styling.",
"subnets": "Group six subnets under the VPC in an \u0027AZ/Subnets\u0027 band; visually emphasize the two subnets hosting EC2 instances (subnet-0b8c568bc3659b486 in us-east-1d and subnet-05c9a438bb7c68867 in us-east-1c). Remaining subnets can be summarized as \u0027Other public-mapped subnets (4)\u0027."
},
"layout_hints": {
"legend_position": "right",
"responsive_canvas": true,
"side_panels": true,
"subnet_columns": 3,
"support_panel_position": "left"
},
"network_summary": "Perimeter consists of IGW igw-0c2d9b6f737cc026e attached to VPC vpc-033668c99bb7641b0. Six subnets, one per AZ, each with map_public_ip_on_launch=true: 172.31.0.0/20 (us-east-1b), 172.31.16.0/20 (us-east-1d), 172.31.32.0/20 (us-east-1a), 172.31.48.0/20 (us-east-1e), 172.31.64.0/20 (us-east-1f), 172.31.80.0/20 (us-east-1c). No NAT gateways and no VPC endpoints; depict egress/ingress primarily via IGW, noting that route-table entries and security-group rules are not evidenced (only their counts are).",
"overview": "Single default VPC with an attached Internet Gateway and six subnets (all configured to map public IPs on launch). Two EC2 instances, both stopped, sit in separate subnets and share one security group. No NAT gateways, VPC endpoints, managed data stores, or logging services are evidenced.",
"placeholder_sections": [
"management_path",
"cloudtrail",
"cloudwatch_logs",
"vpc_flow_logs",
"data_services"
],
"security_summary": "Identity resources exist (IAM roles/users/password policy/credential report counts), but specific identities are not enumerated here; show IAM as an account-level control plane element. Network security artifacts include 3 security groups and 1 network ACL (details not provided); depict SG sg-090ff45d5d6ad1cd4 as the shared instance SG, and represent the other two security groups and the NACL as unlabeled placeholders only if needed for completeness.",
"style_goals": [
"Keep a strict two-level boundary: Account/Region outer boundary and VPC inner boundary with clear perimeter (IGW) separation",
"Minimize duplication by grouping the six subnets into an AZ/subnet band while highlighting the two subnets that contain EC2 instances",
"Use dashed lines for placeholders/unknowns and solid lines only for evidenced components and flows"
],
"title": "AWS us-east-1 VPC Data-Flow \u0026 Authorization Boundary (Account 154776478584)"
}
Evidence JSON (Audit Trail)
{
"account_id": "154776478584",
"counts": {
"assets": [
{
"count": 3,
"resource_type": "ebs_volume"
},
{
"count": 2,
"resource_type": "ec2_instance"
}
],
"data_stores": [],
"identities": [
{
"count": 1,
"resource_type": "iam_credential_report"
},
{
"count": 1,
"resource_type": "iam_password_policy"
},
{
"count": 4,
"resource_type": "iam_role"
},
{
"count": 5,
"resource_type": "iam_user"
}
],
"network_components": [
{
"count": 1,
"resource_type": "internet_gateway"
},
{
"count": 1,
"resource_type": "network_acl"
},
{
"count": 1,
"resource_type": "route_table"
},
{
"count": 3,
"resource_type": "security_group"
},
{
"count": 6,
"resource_type": "subnet"
},
{
"count": 1,
"resource_type": "vpc"
}
]
},
"ingestion_run_id": "4f6cda72-e405-4f30-9bde-aa3f17639f45",
"notes": {
"no_hallucination": true,
"resource_types_supported": [
"vpc",
"subnet",
"internet_gateway",
"nat_gateway",
"vpc_endpoint",
"vpc_flow_log",
"ec2_instance",
"rds_instance",
"s3_bucket",
"cloudtrail_trail",
"cloudwatch_log_group"
],
"sample_limit": 50
},
"resources": {
"cloudtrail_trails": [],
"cloudwatch_log_groups": [],
"ec2_instances": [
{
"account_id": "154776478584",
"data": {
"ebs_optimized": false,
"iam_instance_profile": null,
"instance_id": "i-0601780d500bb51ea",
"instance_type": "t2.medium",
"launch_time": "2022-09-10T16:59:37Z",
"monitoring_enabled": false,
"private_ip": "172.31.27.120",
"public_ip": null,
"security_group_ids": [
"sg-090ff45d5d6ad1cd4"
],
"state": "stopped",
"subnet_id": "subnet-0b8c568bc3659b486",
"tags": {
"Name": "First Instance"
},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "32a0eba7-e121-4edc-b1c1-bffef2933ace",
"region": "us-east-1",
"resource_id": "i-0601780d500bb51ea",
"resource_type": "ec2_instance"
},
{
"account_id": "154776478584",
"data": {
"ebs_optimized": false,
"iam_instance_profile": null,
"instance_id": "i-0322a28bf1a8a68c5",
"instance_type": "t2.micro",
"launch_time": "2022-09-20T23:57:09Z",
"monitoring_enabled": false,
"private_ip": "172.31.87.12",
"public_ip": null,
"security_group_ids": [
"sg-090ff45d5d6ad1cd4"
],
"state": "stopped",
"subnet_id": "subnet-05c9a438bb7c68867",
"tags": {
"Name": "Second Instance"
},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "5e7c6ca8-9065-4bcc-9165-dc107f489b27",
"region": "us-east-1",
"resource_id": "i-0322a28bf1a8a68c5",
"resource_type": "ec2_instance"
}
],
"internet_gateways": [
{
"account_id": "154776478584",
"data": {
"attachments": [
{
"State": "available",
"VpcId": "vpc-033668c99bb7641b0"
}
],
"internet_gateway_id": "igw-0c2d9b6f737cc026e",
"tags": {}
},
"id": "7ba32aea-41e3-41ff-ad43-ae942914a211",
"region": "us-east-1",
"resource_id": "igw-0c2d9b6f737cc026e",
"resource_type": "internet_gateway"
}
],
"nat_gateways": [],
"rds_instances": [],
"s3_buckets": [],
"subnets": [
{
"account_id": "154776478584",
"data": {
"availability_zone": "us-east-1d",
"available_ip_address_count": 4090,
"cidr_block": "172.31.16.0/20",
"map_public_ip_on_launch": true,
"state": "available",
"subnet_id": "subnet-0b8c568bc3659b486",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "0ca7e857-501a-4579-9f30-b196928262be",
"region": "us-east-1",
"resource_id": "subnet-0b8c568bc3659b486",
"resource_type": "subnet"
},
{
"account_id": "154776478584",
"data": {
"availability_zone": "us-east-1a",
"available_ip_address_count": 4091,
"cidr_block": "172.31.32.0/20",
"map_public_ip_on_launch": true,
"state": "available",
"subnet_id": "subnet-0c567848e2f3285b9",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "0163976f-cd7a-4344-89e7-21923ede5856",
"region": "us-east-1",
"resource_id": "subnet-0c567848e2f3285b9",
"resource_type": "subnet"
},
{
"account_id": "154776478584",
"data": {
"availability_zone": "us-east-1f",
"available_ip_address_count": 4091,
"cidr_block": "172.31.64.0/20",
"map_public_ip_on_launch": true,
"state": "available",
"subnet_id": "subnet-06c23e873cdba6e94",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "6de8f5bc-f770-4210-8378-7e35eb23fb8d",
"region": "us-east-1",
"resource_id": "subnet-06c23e873cdba6e94",
"resource_type": "subnet"
},
{
"account_id": "154776478584",
"data": {
"availability_zone": "us-east-1c",
"available_ip_address_count": 4090,
"cidr_block": "172.31.80.0/20",
"map_public_ip_on_launch": true,
"state": "available",
"subnet_id": "subnet-05c9a438bb7c68867",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "e784ece9-6419-44d7-9377-18245fcb7131",
"region": "us-east-1",
"resource_id": "subnet-05c9a438bb7c68867",
"resource_type": "subnet"
},
{
"account_id": "154776478584",
"data": {
"availability_zone": "us-east-1b",
"available_ip_address_count": 4091,
"cidr_block": "172.31.0.0/20",
"map_public_ip_on_launch": true,
"state": "available",
"subnet_id": "subnet-0b3e792cb9abb6b15",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "c9ced59b-6593-4686-a676-5f738af9753e",
"region": "us-east-1",
"resource_id": "subnet-0b3e792cb9abb6b15",
"resource_type": "subnet"
},
{
"account_id": "154776478584",
"data": {
"availability_zone": "us-east-1e",
"available_ip_address_count": 4091,
"cidr_block": "172.31.48.0/20",
"map_public_ip_on_launch": true,
"state": "available",
"subnet_id": "subnet-006336d9696975386",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "9941a8ef-7fbb-44f9-b1da-eef0274aac63",
"region": "us-east-1",
"resource_id": "subnet-006336d9696975386",
"resource_type": "subnet"
}
],
"vpc_endpoints": [],
"vpc_flow_logs": [],
"vpcs": [
{
"account_id": "154776478584",
"data": {
"cidr_block": "172.31.0.0/16",
"dhcp_options_id": "dopt-0823549fe54a61393",
"instance_tenancy": "default",
"is_default": true,
"state": "available",
"tags": {},
"vpc_id": "vpc-033668c99bb7641b0"
},
"id": "10082cf8-7102-4134-a934-89c21d1accc0",
"region": "us-east-1",
"resource_id": "vpc-033668c99bb7641b0",
"resource_type": "vpc"
}
]
}
}