← Back to Case Studies
Cloud Optimization
AWS Resource Analyzer
Multi-agent AI-powered tool for discovering, analyzing, and identifying orphaned AWS resources across accounts — with full GovCloud compatibility.
The Challenge
AWS accounts accumulate orphaned resources over time, leading to unnecessary costs and security risks:
- Resources created for testing or development are forgotten and never cleaned up
- Dependencies between resources are complex and hard to track manually
- Multi-account environments (AWS Organizations) multiply the problem
- GovCloud environments have additional compliance requirements
The Solution
AWS Resource Analyzer uses AI agents to automatically discover, map, and analyze resources:
- Resource Discovery — Crawls 12+ AWS services (EC2, Lambda, S3, RDS, DynamoDB, IAM, VPC, etc.)
- Relationship Mapping — Detects dependencies between resources (Lambda→IAM, EC2→VPC)
- Orphan Detection — Identifies resources with no dependencies (cleanup candidates)
- AI Analysis — Uses AWS Bedrock (Claude 3) for intelligent recommendations
Quick Start
# Single account analysis (GovCloud)
./run.sh analyze --regions us-gov-west-1 --ai
# Multi-account scan (AWS Organizations)
./scan-org.sh --role-name OrganizationAccountAccessRole --region us-gov-west-1 --ai
# Without AI (if Bedrock not available)
./run.sh analyze --regions us-gov-west-1 --no-ai
Services Scanned
EC2
Lambda
S3
RDS
DynamoDB
IAM
VPC
ECS
EKS
SNS
SQS
CloudFormation
Multi-Account Support
| Environment | Cross-Account Role |
|---|
| LZA (Landing Zone Accelerator) | AWSLandingZoneAdminExecutionRole |
| AWS Organizations default | OrganizationAccountAccessRole |
| Control Tower | AWSControlTowerExecution |
GovCloud Compatibility
- Full support for us-gov-west-1 and us-gov-east-1 regions
- Pre-configured GovCloud settings included
- Air-gapped installation option — all dependencies vendored, no internet required
- Compatible with LZA (Landing Zone Accelerator) deployments
Key Features
- Dependency Graph — Visualize relationships between resources
- Orphan Scoring — Prioritize cleanup candidates by risk and cost
- AI Recommendations — Intelligent suggestions for resource optimization
- Checkpoint/Resume — Resume interrupted scans without starting over
- Read-Only — Safe to run in production (no modifications made)
Use Cases
- Cost Optimization — Identify and remove unused resources
- Security Audit — Find orphaned IAM roles and security groups
- Compliance — Document resource inventory for auditors
- Migration Prep — Understand dependencies before account migrations