AWS

This page documents AWS-specific details for the Discover Assets feature.

Prerequisites

  • Your AWS account must be added to MechCloud using OIDC federation. Follow the AWS onboarding guide to connect your account.

  • The IAM role used by MechCloud must allow read access to the resources you want to discover. At minimum, attach AmazonEC2ReadOnlyAccess for EC2 and VPC inventory.

How Discovery Works

When you run Discover Assets against an AWS account, MechCloud queries AWS APIs to enumerate resources across the selected regions. The results are rendered in a hierarchical view that reflects AWS's resource organization:

  • Regions - top-level grouping (e.g. us-east-1, eu-west-1)

  • VPCs - within each region

  • Subnets - within each VPC

  • Instances - resources scoped to a subnet or VPC

  • Regional resources - resources scoped to a region such as Elastic IPs and EBS volumes

VPCs and subnets are displayed with their contained resources so you can see which EC2 instances sit inside which subnet and which EBS volumes are attached to which instance.

Resource Cards

Each discovered resource is displayed as a card with key attributes:

EC2 Instances

  • Instance type (e.g. t3.medium, m6i.large)

  • Private and public IP addresses

  • Attached EBS volumes

  • Current state (running, stopped, terminated)

EBS Volumes

  • Volume type (e.g. gp3, gp2, io2)

  • Size in GB

  • Attached instance (if any)

  • Availability Zone

Elastic IPs

  • Public IP address

  • Associated resource (if any)

  • Allocation status

Lifecycle Operations

The following operations are available directly from the discovery view:

| Operation | Scope | Description |
|-----------|-------|-------------|
| Start | EC2 Instance | Start a stopped instance |
| Stop | EC2 Instance | Stop a running instance |
| Reboot | EC2 Instance | Restart a running instance |
| Delete | EC2 Instance, EBS Volume, Elastic IP, VPC, Subnet | Remove the resource |

All operations are available at the individual resource level and in bulk.

Cascading Deletes: When deleting a VPC or subnet, MechCloud automatically identifies and removes dependent resources such as EC2 instances, network interfaces, route table associations and security-group-bound resources in the correct order. No manual cleanup is required.

Identifying Waste

Use Discover Assets to spot resources that are incurring cost without providing value:

  • Unattached EBS volumes - volumes not attached to any EC2 instance continue to incur storage charges

  • Unused Elastic IPs - allocated public IPs not associated with a running resource can still be billed

  • Stopped instances with attached volumes - compute charges may stop, but EBS storage charges continue

These resources can be deleted directly from the discovery UI with a single click.
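
The three checks listed above can be run over the response shapes of the EC2 DescribeInstances, DescribeVolumes and DescribeAddresses calls. This is an added example, not MechCloud's own implementation; the function names and the sample data are assumptions made for illustration.

```python
# Added example; sample responses are constructed, ids and IPs are placeholders.
def index_instances(describe_instances):
    """Map instance id -> (state name, attached EBS volume ids)."""
    out = {}
    for res in describe_instances.get("Reservations", []):
        for inst in res.get("Instances", []):
            vols = [m["Ebs"]["VolumeId"]
                    for m in inst.get("BlockDeviceMappings", []) if "Ebs" in m]
            out[inst["InstanceId"]] = (inst["State"]["Name"], vols)
    return out

def find_waste(describe_instances, describe_volumes, describe_addresses):
    instances = index_instances(describe_instances)
    findings = {"unattached_volumes": [], "unused_eips": [], "stopped_with_volumes": []}
    for vol in describe_volumes.get("Volumes", []):
        # A volume with no attachments is still stored and billed.
        if not vol.get("Attachments"):
            findings["unattached_volumes"].append(vol["VolumeId"])
    for addr in describe_addresses.get("Addresses", []):
        iid = addr.get("InstanceId")
        unassociated = "AssociationId" not in addr
        # An address bound to an instance that is not running also counts as unused.
        idle_target = iid is not None and instances.get(iid, ("unknown",))[0] != "running"
        if unassociated or idle_target:
            findings["unused_eips"].append(addr["PublicIp"])
    for iid, (state, vols) in sorted(instances.items()):
        if state == "stopped" and vols:
            findings["stopped_with_volumes"].append((iid, vols))
    return findings

SAMPLE_INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-aaa", "State": {"Name": "running"},
     "BlockDeviceMappings": [{"Ebs": {"VolumeId": "vol-1"}}]},
    {"InstanceId": "i-bbb", "State": {"Name": "stopped"},
     "BlockDeviceMappings": [{"Ebs": {"VolumeId": "vol-2"}}]},
]}]}
SAMPLE_VOLUMES = {"Volumes": [
    {"VolumeId": "vol-1", "State": "in-use", "Attachments": [{"InstanceId": "i-aaa"}]},
    {"VolumeId": "vol-2", "State": "in-use", "Attachments": [{"InstanceId": "i-bbb"}]},
    {"VolumeId": "vol-3", "State": "available", "Attachments": []},
]}
SAMPLE_ADDRESSES = {"Addresses": [
    {"PublicIp": "198.51.100.10", "AssociationId": "eipassoc-1", "InstanceId": "i-aaa"},
    {"PublicIp": "198.51.100.11", "AssociationId": "eipassoc-2", "InstanceId": "i-bbb"},
    {"PublicIp": "198.51.100.12", "AllocationId": "eipalloc-3"},
]}

if __name__ == "__main__":
    print(find_waste(SAMPLE_INSTANCES, SAMPLE_VOLUMES, SAMPLE_ADDRESSES))
```

An address attached to a network interface without an instance id is left unflagged, since the instance state check cannot be applied to it.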
