Introducing Live Cloud Service Discovery

Today we launch the biggest new feature for the Clouds and Light platform yet: the ability to embed live AWS and GCP service data into your documents and workflows. The service goes live with full support for 47 AWS services and 20 GCP services, with additional cloud providers and services being rolled out in the next few weeks.

Here are three ways this changes how you work with cloud infrastructure.

Cloud Application Compliance and Audit

Regulated industries have sophisticated control frameworks around cloud standards. However, a key challenge with audit processes is the gap between the audit discovery process and the control owner certifying that running services align to the controls.

What if you could have a single document which contains the control wording with a dynamic view of the application and service in question? The service owner can then attest that the service as viewed live meets the control standards. The result is an immutable document combining the control wording, a real-time view of the application, and the service owner's signed attestation — a complete audit record in a single place.

Here is a controls document combined with real time service discovery and user attestation in a single process.

If you load it anonymously it will populate with mock AWS data. When you create an account you can link your AWS test account from your user profile and see the document update as you modify your AWS account.

Security, Resilience and FinOps recommendations

Many IT teams will produce best practice recommendations for the configuration of services. You might recommend that AWS S3 storage is configured to be multi-region for disaster recovery but use reduced redundancy storage to save costs for short-lived objects. But these recommendations often live deep in intranet sites or as Word documents.

By combining best practice guidance with live service discovery you can provide a single dynamic view of the service and your standards, which updates automatically as changes are implemented.

Training Courses

Many companies want to upskill their staff with cloud skills and hands-on learning, but this can be expensive. By linking the training materials with a student's AWS or GCP account they can work through the course and see real-time feedback on the services they build in the course itself, allowing them to check for mistakes before moving to the next section. This provides many of the benefits of hands-on, instructor-led training with a far more flexible and cost-effective delivery mechanism.

You can see this in action with service discovery integrated into a Three Tier Web Setup Course for AWS Three Tier Web Application and now for GCP Three Tier Web Application. The GCP course is in active development, but if you have linked a GCP account you can already see live service discovery sections embedded throughout the course.

Adding Live Discovery to a Document

Adding discovery to a document takes a single block of markup. Every document on this platform is built from a custom markup language — a simplified HTML with specialised tags for documentation creation.

To add service discovery for EC2, you would insert the following:

[discover provider:aws region:eu-west-2]
- ec2: name, instance_id, instance_type, state, private_ip, public_ip, vpc_id, subnet_id, key_name, launch_time, availability_zone, platform, architecture, ami_id, iam_role, security_groups, tags
[/discover]

The site then renders this as:

On this public website this reads data from the user's connected AWS accounts stored in the user profile.

Try this in 30 seconds (no login required).

Go to the online " Markup Editor " and select the "Discover" button.
Choose "AWS" or "GCP" and select a service, for example "EC2" or "S3" on AWS or "Compute Engine Instances" or "Cloud Storage Buckets" on GCP.
Add the attributes you are interested in and click "Add to Block" to add the attributes to the generated code block.
Click "Insert Discover Block" to add the Markup to the document.
Feel free to add text around it, then click the Preview button to see the discovered services.

By combining the ability to import your existing documents and add cloud service discovery in 30 seconds you can transform how you see and share your cloud infrastructure.

Supported Services

The service discovery currently supports 47 AWS services and 20 GCP services with over 1000 attributes. By the end of March 2026 the platform will support five cloud providers and around 250 services.

We recommend using up to 12 services per cloud provider on a single page, as cloud providers can throttle requests to the discovery APIs on their platforms. To support higher density at scale, the enterprise edition includes a caching layer and on-demand loading of service data.

The following services are supported. Click on the links to see the mock data presentation and real-time data from your linked cloud account:

Supported AWS Services

Link	Count	Services
Compute and Networking	12	EC2, AMIs, Key Pairs, Elastic IPs, ELB, VPCs, Subnets, Security Groups, Network ACLs, Route Tables, Internet Gateways, NAT Gateways
Storage and Databases	12	S3, EBS Volumes, EBS Snapshots, EFS, RDS Instances, RDS Clusters, DynamoDB, ElastiCache Clusters, ElastiCache Replication Groups, Redshift, VPC Endpoints, VPC Peering
Serverless and Integration	12	Lambda, Step Functions, SNS, SQS, Kinesis, EventBridge, EMR, CloudFront, Route 53, ECR, CodeBuild, CodePipeline
Security and Management	11	IAM Policies, KMS Keys, ACM Certs, Secrets Manager, WAF (Regional), GuardDuty, Config Rules, CloudWatch Alarms, CloudTrail, SSM Parameters, Glue Databases

Supported GCP Services

Link	Count	Services
GCP Services	20	Compute Instances, Cloud Functions, GKE Clusters, Cloud Run Services, VPC Networks, Subnetworks, Firewall Rules, URL Maps, Cloud Storage Buckets, Persistent Disks, BigQuery Datasets, Spanner Instances, Pub / Sub Topics, Pub / Sub Subscriptions, KMS Key Rings, IAM Service Accounts, DNS Managed Zones, Artifact Registry Repositories, Cloud Monitoring Alert Policies, Cloud SQL Instances.

Roadmap

Currently we are adding support for Microsoft Azure, Alibaba Cloud and Oracle Cloud Infrastructure. The aim is to have five cloud providers integrated with around 50 services each live by the end of March 2026. If you look at the user profile pages or the markup editor you will see support for adding accounts and integrating service discovery is already in progress.

In parallel we are developing support for tests on discovered services. You could, for example, insert a rule which states "List all the S3 buckets which aren't encrypted with a KMS key" or "Show me EC2 instances grouped by Intel, AMD or ARM instance types" — turning a static document into a live, queryable view of your infrastructure.

The enterprise edition will also add document-level permissions for service discovery, so you can link review documents to specific services and separate this from document viewer permissions — particularly powerful for audits and control reviews.

We are always happy to arrange demos, discuss the product roadmap, or talk about the implementation partners we are working with to bring this to customers.

Cloud data used to be buried in complex consoles and obscure command-line tools. By surfacing it in real-time web views we democratise the data and open up a wide range of possibilities to present it in clear formats, to the people who need to understand it.

Get in touch at support@cloudsandlight.com — we'd love to hear from you.

User Name