from diagrams import Cluster, Diagram, Edge
from diagrams.aws.compute import EC2
from diagrams.aws.database import RDS
from diagrams.aws.network import ELB, VPC, NATGateway, InternetGateway
from diagrams.aws.management import SystemsManager as SSM
from diagrams.onprem.client import Users
from diagrams.onprem.network import Internet
with Diagram("3 Tier Web Module", show=False):
users = Users("Users")
internet = Internet("Internet")
with Cluster("Region Sa-East-1"):
ssm = SSM("SSM Management")
with Cluster("VPC"):
with Cluster("subnet/public"):
igw = InternetGateway("InternetGateway")
lb = ELB("lb")
with Cluster("subnet/private"):
with Cluster("App"):
auto_scaling_group = [EC2("app1"), EC2("app2")]
with Cluster("Database"):
database = RDS("app_db")
natgw = NATGateway("NATGW")
users >> internet >> lb >> auto_scaling_group
natgw - auto_scaling_group
auto_scaling_group - Edge(style="dotted") - database
ssm >> Cluster("subnet/private")
from diagrams.onprem.ci import GitlabCI
from diagrams.aws.storage import S3
with Diagram("EKS Cluster", show=False, direction="LR"):
ssl_certificate = ACM("SSL cert")
dns_name = Route53("DNS domain")
load_balancer = ELB("Load balancer")
with Cluster("Custom VPC"):
with Cluster("Public network"):
public_subnets = [
PublicSubnet("Subnet zone a"),
PublicSubnet("Subnet zone b"),
PublicSubnet("Subnet zone c"),
PublicSubnet("Subnet zone d"),
]
nat_gateway = NATGateway("NAT gateway")
with Cluster("Private network"):
private_subnets = [
PrivateSubnet("Subnet zone a"),
PrivateSubnet("Subnet zone b"),
PrivateSubnet("Subnet zone c"),
PrivateSubnet("Subnet zone d"),
]
with Cluster("Kubernetes cluster"):
autoscaling_group = AutoScaling("Autoscaling group")
autoscaling_group_instances = [
EC2("K8s worker zone a"),
EC2("K8s worker zone b"),
EC2("K8s worker zone c"),
EC2("K8s worker zone d"),
]
from diagrams import Cluster, Diagram
from diagrams.aws.compute import EC2
from diagrams.aws.network import InternetGateway, NATGateway, VPC, PublicSubnet, PrivateSubnet
from diagrams.aws.storage import S3
with Diagram("Connecting to S3 over the internet", show=False, direction = "BT"):
with Cluster("VPC"):
VPC()
with Cluster("Public Subnet"):
PublicSubnet()
ig = InternetGateway("Internet Gateway")
nat = NATGateway("NAT Gateway")
with Cluster("Private Subnet"):
PrivateSubnet()
svc_group = [EC2("web%s" % idx) for idx in [1,2,3,4,5]]
s3 = S3("S3")
svc_group >> nat
nat >> ig
ig >> s3
def compile(self, vpc_id, profile_name, region_name):
"""Build Diagram of the subnets."""
self.p("Compiling: {} / {} / {}".format(vpc_id, profile_name, region_name))
vpn_gws = self.get_vpn_gateways(vpc_id, profile_name=profile_name, region_name=region_name)
subnets = self.get_subnets(vpc_id, profile_name=profile_name, region_name=region_name)
nat_gws = self.get_nat_gateways(vpc_id, profile_name=profile_name, region_name=region_name)
inet_gws = self.get_internet_gateways(vpc_id, profile_name=profile_name, region_name=region_name)
transit_gws = self.get_transit_gateways(vpc_id, profile_name=profile_name, region_name=region_name)
route_tables = self.get_route_tables(vpc_id, profile_name=profile_name, region_name=region_name)
# self.pp(route_tables)
with Diagram(vpc_id,
filename="images/{}/subnets_{}".format(self.get_account_id(profile_name, region_name), vpc_id),
show=False,
graph_attr=self.graph_attr):
internet_gateways = {}
for inet_gw in inet_gws:
internet_gateways[inet_gw['InternetGatewayId']] = InternetGateway(inet_gw['InternetGatewayId'])
nat_gateways = {}
for nat_gw in nat_gws:
nat_gateways[nat_gw['NatGatewayId']] = NATGateway(nat_gw['NatGatewayId'])
vpn_gateways = {}
for vpn_gw in vpn_gws:
vpn_gateways[vpn_gw['VpnGatewayId']] = ClientVpn(vpn_gw['VpnGatewayId'])
transit_gateways = {}
for transit_gw in transit_gws:
transit_gateways[transit_gw['TransitGatewayId']] = TransitGateway(transit_gw['TransitGatewayId'])
for subnet in subnets:
# self.pp(subnet)
subnet_tags = self._tags(subnet['Tags'])
with Cluster(subnet_tags['Name']):
diag_subnet = VPC("{}\n{}".format(subnet['CidrBlock'], subnet['AvailabilityZone']))
# Is this subnet associated with a RT?
for rtable in route_tables:
self.pp(rtable)
for rt_association in rtable['Associations']:
# self.pp(rt_association)
if 'SubnetId' in rt_association.keys() and rt_association['SubnetId'] == subnet['SubnetId']:
self.p("Found RT association")
for route in rtable['Routes']:
if 'NatGatewayId' in route and route['NatGatewayId'] in nat_gateways.keys():
self.p("Found NAT Gateway route: {}".format(route['NatGatewayId']))
diag_subnet >> nat_gateways[route['NatGatewayId']]
if 'GatewayId' in route and route['GatewayId'] in vpn_gateways.keys():
self.p("Found VPN Gateway route: {}".format(route['GatewayId']))
diag_subnet >> vpn_gateways[route['GatewayId']]
if 'GatewayId' in route and route['GatewayId'] in internet_gateways.keys():
self.p("Found Internet Gateway route: {}".format(route['GatewayId']))
diag_subnet >> internet_gateways[route['GatewayId']]
if 'TransitGatewayId' in route and route['TransitGatewayId'] in transit_gateways.keys():
self.p("Found Transit Gateway route: {}".format(route['TransitGatewayId']))
diag_subnet >> transit_gateways[route['TransitGatewayId']]
from diagrams.onprem.container import Docker
from diagrams.aws.storage import S3
with Diagram("Notejam Cloud Infrastructure", show=False, direction="LR"):
ssl_certificate = ACM("SSL Cert")
dns_name = Route53("DNS Domain")
load_balancer = ELB("Load Balancer")
with Cluster("VPC"):
with Cluster("Public Network"):
public_subnets = [
PublicSubnet("Subnet a"),
PublicSubnet("Subnet b"),
PublicSubnet("Subnet c"),
]
nat_gateways = [
NATGateway("NAT Gateway a"),
NATGateway("NAT Gateway b"),
NATGateway("NAT Gateway c"),
]
bastion_host = EC2("Bastion Host")
with Cluster("Private Network"):
private_subnets = [
PrivateSubnet("Subnet a"),
PrivateSubnet("Subnet b"),
PrivateSubnet("Subnet c"),
]
with Cluster("ECS Cluster"):
autoscaling_group = AutoScaling("Autoscaling Group")
autoscaling_group_instances = [
EC2("EC2 Instance a"),
EC2("EC2 Instance b"),
def compile(self,
vpc_id,
profile_name: str = "default",
region_name: str = "us-west-2"):
self.p(f"Compiling: {vpc_id} / {profile_name} / {region_name}")
vpn_gws = self.get_vpn_gateways(vpc_id,
profile_name=profile_name,
region_name=region_name)
subnets = self.get_subnets(vpc_id,
profile_name=profile_name,
region_name=region_name)
nat_gws = self.get_nat_gateways(vpc_id,
profile_name=profile_name,
region_name=region_name)
inet_gws = self.get_internet_gateways(vpc_id,
profile_name=profile_name,
region_name=region_name)
route_tables = self.get_route_tables(vpc_id,
profile_name=profile_name,
region_name=region_name)
# self.pp(route_tables)
with Diagram(vpc_id, filename=f"images/subnets_{vpc_id}", show=False):
internet_gateways = {}
for inet_gw in inet_gws:
internet_gateways[
inet_gw['InternetGatewayId']] = InternetGateway(
inet_gw['InternetGatewayId'])
nat_gateways = {}
for nat_gw in nat_gws:
nat_gateways[nat_gw['NatGatewayId']] = NATGateway(
nat_gw['NatGatewayId'])
vpn_gateways = {}
for vpn_gw in vpn_gws:
vpn_gateways[vpn_gw['VpnGatewayId']] = ClientVpn(
vpn_gw['VpnGatewayId'])
for subnet in subnets:
# self.pp(subnet)
subnet_tags = self._tags(subnet['Tags'])
with Cluster(subnet_tags['Name']):
diag_subnet = VPC(
f"{subnet['CidrBlock']}\n{subnet['AvailabilityZone']}")
# Is this subnet associated with a RT?
for rt in route_tables:
self.pp(rt)
for rt_association in rt['Associations']:
# self.pp(rt_association)
if 'SubnetId' in rt_association.keys(
) and rt_association['SubnetId'] == subnet['SubnetId']:
self.p(f"Found RT association")
for route in rt['Routes']:
if 'NatGatewayId' in route and route[
'NatGatewayId'] in nat_gateways.keys():
self.p(
f"Found NAT Gateway route: {route['NatGatewayId']}"
)
diag_subnet >> nat_gateways[
route['NatGatewayId']]
if 'GatewayId' in route and route[
'GatewayId'] in vpn_gateways.keys():
self.p(
f"Found VPN Gateway route: {route['GatewayId']}"
)
diag_subnet >> vpn_gateways[
route['GatewayId']]
if 'GatewayId' in route and route[
'GatewayId'] in internet_gateways.keys(
):
self.p(
f"Found Internet Gateway route: {route['GatewayId']}"
)
diag_subnet >> internet_gateways[
route['GatewayId']]
azure_icon = "azure.png"
urlretrieve(azure_url, azure_icon)
with Diagram(""):
azure = Custom("Azure", azure_icon)
dns = Route53("dns")
office = Switch("office")
with Cluster("odhk-data-vpc"):
cf = CloudFront("odhk-data-cf")
waf = WAF("odhk-data-waf")
s3 = S3("odhk-data-s3")
rt = RouteTable("odhk-data-rt")
natrt = RouteTable("odhk-data-nat-rt")
igw = InternetGateway("odhk-data-igw")
with Cluster("odhk-data-gw-subnet"):
natgw = NATGateway("odhk-data-nat-gw")
with Cluster("data-public-subnet"):
elb = ELB("data-pipeline-elb")
with Cluster("data-pg-sg"):
ppg = RDS("pipeline-pg")
wpg = RDS("warehouse-pg")
with Cluster("data-pipeline-subnet"):
eks = EKS("data-pipeline-eks")
with Cluster("data-pipelie-eks-ng"):
ng = EC2("data-pipelie-eks-node")
with Cluster("data-pipelie-redis-sg"):
ec = ElastiCache("data-pipeline-ec")
with Cluster("odhk-data-integration-subnet"):
alb = ELB("odhk-data-integration-alb")
ecs = ECS("odhk-data-integration-ecs")
with Cluster("data-integration-tg"):