What is Reachability Analyzer?
Reachability Analyzer is a configuration analysis tool that enables you to perform connectivity testing between a source resource and a destination resource in your virtual private clouds (VPCs). When the destination is reachable, Reachability Analyzer produces hop-by-hop details of the virtual network path between the source and the destination. When the destination is not reachable, Reachability Analyzer identifies the blocking component. For example, paths can be blocked by configuration issues in a security group, network ACL, route table, or load balancer.
Use cases
You can use Reachability Analyzer to do the following:
-
Troubleshoot connectivity issues caused by network misconfiguration.
-
Verify that your network configuration matches your intended connectivity.
-
Automate the verification of your connectivity intent as your network configuration changes.
Get started
To learn more about Reachability Analyzer, see How Reachability Analyzer works. For step-by-step directions using the AWS Management Console, see Getting started with Reachability Analyzer. For example commands using the AWS Command Line Interface (AWS CLI), see Getting started with Reachability Analyzer using the AWS CLI.
Access Reachability Analyzer
You can use any of the following options to create and manage Reachability Analyzer resources:
-
AWS Management Console — A web interface for AWS services, including Reachability Analyzer.
-
AWS Command Line Interface (AWS CLI) — Provides commands for AWS services, including Reachability Analyzer. The AWS CLI is supported on Windows, macOS, and Linux. For more information, see the AWS Command Line Interface User Guide.
-
AWS CloudFormation — Enables you to create templates that describe your AWS resources. You use a template to provision and manage AWS resources as a single unit. For more information, see the following resources: AWS::EC2::NetworkInsightsAnalysis and AWS::EC2::NetworkInsightsPath.
-
AWS SDKs — Provide language-specific APIs and take care of many of the connection details, such as calculating signatures, handling request retries, and handling errors. For more information, see AWS SDKs
. -
Query API — Provides low-level API actions that you call using HTTPS requests. Using the Query API is the most direct way to access Reachability Analyzer. However, the Query API requires that your application handle low-level details such as generating the hash to sign the request, and handling errors. For more information, see the Amazon EC2 API Reference.
Pricing
You are charged per analysis run between a source and destination. For pricing details,
open the Amazon VPC Pricing