AWS Diagram Generator
Generate architecture diagrams from aws_infrastructure.json using the Python diagrams library.
Before Starting
- •
Check that
aws_infrastructure.jsonexists in the current directory - •
Ask user which diagram type they want:
- •architecture - Overall infrastructure overview
- •security - Security controls and traffic flow
- •network - Network topology and connectivity
- •data-flow - Data flow between components
- •all - Generate all types
- •
Ask for output format: png (default), svg, or pdf
Process
- •Read
aws_infrastructure.json - •Generate Python code using the
diagramslibrary - •Write the code to a temporary file
- •Execute it with
python <file>.py - •Report the generated files to the user
Diagrams Library Reference
Basic Structure
python
from diagrams import Diagram, Cluster, Edge
with Diagram("Title", filename="output_name", outformat="png", show=False):
# Create nodes and connections
AWS Icons (import from diagrams.aws.*)
Compute:
python
from diagrams.aws.compute import ECS, Lambda, Fargate, EC2, EKS, Batch, ECR
Database:
python
from diagrams.aws.database import RDS, Aurora, ElastiCache, Dynamodb, DocumentDB, Neptune, Redshift
Note: Use Dynamodb (not DynamoDB)
Network:
python
from diagrams.aws.network import ALB, NLB, CloudFront, Route53, VPC, InternetGateway, NATGateway, TransitGateway, Endpoint, APIGateway
Storage:
python
from diagrams.aws.storage import S3, EFS
Security:
python
from diagrams.aws.security import WAF, Shield, ACM, Cognito, SecretsManager, KMS, IAM
Integration:
python
from diagrams.aws.integration import SQS, SNS, Eventbridge, StepFunctions
Note: Use Eventbridge (not EventBridge)
Analytics:
python
from diagrams.aws.analytics import Kinesis, Athena, Glue, EMR, Quicksight
Management:
python
from diagrams.aws.management import Cloudwatch, CloudwatchAlarm, Cloudtrail
General (for unknown services):
python
from diagrams.aws.general import General
External/Users:
python
from diagrams.onprem.network import Internet from diagrams.onprem.client import Users
Connections
python
# Left to right flow node1 >> node2 node1 >> Edge(label="HTTPS") >> node2 # Multiple targets node1 >> [node2, node3]
Clusters (for grouping)
python
with Cluster("VPC"):
with Cluster("Public Subnet"):
alb = ALB("Load Balancer")
with Cluster("Private Subnet"):
app = Fargate("App")
Diagram Types
Architecture Diagram
Show overall infrastructure:
- •Internet/Users connecting to load balancers
- •Load balancers to compute (ECS, Lambda, EC2)
- •Compute to databases (RDS, DynamoDB, ElastiCache)
- •Storage services (S3)
- •Group by VPC and subnet types
Security Diagram
Show security controls:
- •WAF protecting load balancers
- •Cognito for authentication
- •ACM certificates
- •Security boundaries (VPC, subnets)
- •Traffic flow from external to internal
- •KMS, Secrets Manager
Network Diagram
Show network topology:
- •VPC with CIDR
- •Subnets grouped by availability zone
- •Internet Gateway and NAT Gateways
- •Transit Gateway connections
- •VPC Endpoints
Data Flow Diagram
Show data movement:
- •How data enters (API, events)
- •Processing pipeline (compute services)
- •Data storage destinations
- •Caching layers
- •Event flows (SQS, SNS, EventBridge)
Output Files
Use these filenames:
- •
aws_architecture.png - •
aws_security.png - •
aws_network.png - •
aws_data_flow.png
Guidelines
- •Set
show=Falsein Diagram constructor - •Create meaningful labels from the JSON data
- •Draw connections based on logical relationships
- •Use Clusters to group related resources
- •Limit displayed items to 3-5 per category for readability
- •For services not in the library, use
General - •Always use the exact import names (case-sensitive)
Example Generated Code
python
from diagrams import Diagram, Cluster
from diagrams.aws.compute import Fargate
from diagrams.aws.database import RDS, ElastiCache
from diagrams.aws.network import ALB, InternetGateway
from diagrams.aws.storage import S3
from diagrams.onprem.network import Internet
with Diagram("AWS Architecture - MyProject (PROD)", filename="aws_architecture", outformat="png", show=False):
internet = Internet("Users")
with Cluster("VPC: 10.0.0.0/16"):
igw = InternetGateway("IGW")
with Cluster("Public Subnet"):
alb = ALB("Public ALB")
with Cluster("Private Subnet"):
with Cluster("ECS Cluster"):
svc1 = Fargate("api")
svc2 = Fargate("worker")
db = RDS("Aurora")
cache = ElastiCache("Redis")
s3 = S3("Assets")
internet >> igw >> alb >> [svc1, svc2]
svc1 >> [db, cache, s3]
svc2 >> [db, s3]
After Generation
Tell the user:
- •Which diagram files were created
- •They can open PNG/SVG directly or import into documentation