Coverage and known limitations

Dependency discovery covers all DNS queries made through Route 53 resolvers in your VPC, including both IPv4 and IPv6 queries, and queries from Amazon EC2, Amazon ECS, Amazon EKS, and VPC-connected Lambda. The following known limitations apply:

Limitation	Impact	Workaround
Non-VPC Lambda	Lambda functions without VPC connectivity are not covered	Connect Lambda to VPC or manually track dependencies
Direct IP connections	Connections made by IP address (not DNS) are not discovered	No workaround
Infrequent dependencies	Dependencies called less than once per hour may be missed in initial discovery	35-day lookback catches most; very rare calls may not appear
Kubernetes shared tenancy	Multi-tenant Amazon EKS clusters may attribute dependencies to the wrong service	Verify compute resource attribution is correctly mapping resources to services

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Classifying dependencies as hard or soft

Troubleshooting dependency discovery