from diagrams.aws.network import InternetGateway, RouteTable, VPCRouter from diagrams.aws.security import KMS, IAMRole from diagrams.generic.network import Firewall from diagrams.onprem.network import Internet graph_attr = { "pad": "0", "bgcolor": "transparent" } with Diagram("template-08", show=False, direction="LR", filename="diagram-08", graph_attr=graph_attr): internet = Internet("Public Internet") with Cluster("Vpc 10.0.0.0/16"): internet_gateway = InternetGateway("Igw") internet - internet_gateway routeTable = RouteTable("RouteTable") routeTable >> Edge(label="0.0.0.0/0", style="dashed") >> internet_gateway with Cluster("Subnet 10.0.0.0/24"): router = VPCRouter("Router\n10.0.0.1") router - Edge(style="dashed") - routeTable router - internet_gateway ec2 = EC2("ec2\n10.0.0.x") ec2 - Edge(style="dashed") - router sg = Firewall("SG: 22/tcp") ec2 - sg - router KMS("KeyPair") - ec2 ec2Role = IAMRole("Ec2InstanceRole") - ec2 cw = Cloudwatch("CloudWatch") cw - internet
"fontname": "Helvetica", "style": "rounded", "bgcolor": "transparent" } cluster = { "fontsize": "16", "fontname": "Helvetica", "style": "rounded", "bgcolor": "transparent" } with Diagram("Codebuild", graph_attr=graph_attr, direction="LR"): with Cluster("Code change", graph_attr=major_cluster): with Cluster("Trigger", graph_attr=cluster): Trigger = Cloudwatch("Event Trigger") IAMRole("Trigger Role") >> Trigger Cloudwatch = Codecommit("Code Change") >> Edge( color="firebrick") >> Cloudwatch("Event Rule") >> Trigger with Cluster("Build", graph_attr=cluster): Build = Codebuild("Codebuild") IAMRole("Codebuild Role") >> Build Build << Edge(color="black") >> ParameterStore("Build No") Build << Edge(color="black") >> ParameterStore("Latest") Build >> Edge(color="darkgreen") >> S3("Artefact Store") Trigger >> Edge(color="firebrick") >> Build
show=False, graph_attr=graph_attr): transit_gateway = None central_cloudtrail = None central_iam = None with Cluster('Security Account'): central_cloudtrail = Cloudtrail('Aggregated CloudTrail') central_iam = IAM('Centralized IAM') with Cluster('Billing Account'): CostExplorer('Centralized Cost Explorer') Budgets('Centralized Budgets') SavingsPlans('Centralized Savings Plans') ReservedInstanceReporting('Centralized Reserved Instance Reporting') IAMRole('Billing IAM Role') - central_iam with Cluster('Shared Services Account'): transit_gateway = TransitGateway('Centralized Transit Gateway') with Cluster('Public'): VPC('Public VPC') - transit_gateway with Cluster('Private VPC'): VPC('Private VPC') - transit_gateway Cloudtrail('Shared Service CloudTrail') - central_cloudtrail IAMRole('Shared Services IAM Role') - central_iam with Cluster('New Prod Account'): with Cluster('Prod VPC'): VPC('Prod VPC') - transit_gateway
"""Render a two-node diagram linking an IAM role to a Lambda function."""
from diagrams import Diagram
from diagrams.aws.compute import Lambda
from diagrams.aws.security import IAMRole

# show=False keeps the render from opening a viewer; direction="TB" lays the
# graph out top to bottom.
with Diagram("AWS Lambda Function", show=False, direction="TB"):
    # Nodes are created in the same order as the one-line original
    # (function first, then role).
    function_node = Lambda("lambda function")
    lambda_role = IAMRole("lambda role")

    # `<<` draws the edge pointing at the left operand: role -> function.
    # NOTE(review): presumably this is the function's execution role; the
    # diagram does not show which policies it carries.
    function_node << lambda_role
"""Render an IAM role together with the two kinds of policy feeding it."""
from diagrams import Diagram
from diagrams.aws.security import IAMRole, IAMPermissions

# show=False keeps the render from opening a viewer; direction="TB" lays the
# graph out top to bottom.
with Diagram("AWS IAM Role", show=False, direction="TB"):
    # The role node is created first, then the policy nodes, as in the
    # one-line original.
    role = IAMRole("iam role")
    policy_sources = [
        IAMPermissions("inline policies"),
        IAMPermissions("attached policies"),
    ]

    # `<<` with a list draws one edge per element, each pointing at the role.
    # Both inline and attached policies are shown as contributing to the role.
    role << policy_sources
"""Render a single-node diagram containing only the OpsCenter IAM role."""
from diagrams import Diagram
from diagrams.aws.security import IAMRole

# Only the diagram name is given; every other Diagram option stays at its
# library default.
with Diagram(name="opscenter_role"):
    # One standalone role node. No edges are drawn, so the diagram says
    # nothing about who may assume the role or what it is allowed to do.
    IAMRole(label="OpsCenterRole")