
aws-diagram

npx machina-cli add skill mpuig/claude-cloud-diagrams/aws-diagram --openclaw

AWS Diagram Generator

Generate architecture diagrams from aws_infrastructure.json using the Python diagrams library.

Before Starting

  1. Check that aws_infrastructure.json exists in the current directory

  2. Ask user which diagram type they want:

    • architecture - Overall infrastructure overview
    • security - Security controls and traffic flow
    • network - Network topology and connectivity
    • data-flow - Data flow between components
    • all - Generate all types
  3. Ask for output format: png (default), svg, or pdf

Process

  1. Read aws_infrastructure.json
  2. Generate Python code using the diagrams library
  3. Write the code to a temporary file
  4. Execute it with python <file>.py
  5. Report the generated files to the user

Diagrams Library Reference

Basic Structure

from diagrams import Diagram, Cluster, Edge

with Diagram("Title", filename="output_name", outformat="png", show=False):
    # Create nodes and connections here
    pass

AWS Icons (import from diagrams.aws.*)

Compute:

from diagrams.aws.compute import ECS, Lambda, Fargate, EC2, EKS, Batch, ECR

Database:

from diagrams.aws.database import RDS, Aurora, ElastiCache, Dynamodb, DocumentDB, Neptune, Redshift

Note: Use Dynamodb (not DynamoDB)

Network:

from diagrams.aws.network import ALB, NLB, CloudFront, Route53, VPC, InternetGateway, NATGateway, TransitGateway, Endpoint, APIGateway

Storage:

from diagrams.aws.storage import S3, EFS

Security:

from diagrams.aws.security import WAF, Shield, ACM, Cognito, SecretsManager, KMS, IAM

Integration:

from diagrams.aws.integration import SQS, SNS, Eventbridge, StepFunctions

Note: Use Eventbridge (not EventBridge)

Analytics:

from diagrams.aws.analytics import Kinesis, Athena, Glue, EMR, Quicksight

Management:

from diagrams.aws.management import Cloudwatch, CloudwatchAlarm, Cloudtrail

General (for unknown services):

from diagrams.aws.general import General

External/Users:

from diagrams.onprem.network import Internet
from diagrams.onprem.client import Users

Connections

# Left to right flow
node1 >> node2
node1 >> Edge(label="HTTPS") >> node2

# Multiple targets
node1 >> [node2, node3]

Clusters (for grouping)

with Cluster("VPC"):
    with Cluster("Public Subnet"):
        alb = ALB("Load Balancer")
    with Cluster("Private Subnet"):
        app = Fargate("App")

Diagram Types

Architecture Diagram

Show overall infrastructure:

  • Internet/Users connecting to load balancers
  • Load balancers to compute (ECS, Lambda, EC2)
  • Compute to databases (RDS, DynamoDB, ElastiCache)
  • Storage services (S3)
  • Group by VPC and subnet types

Security Diagram

Show security controls:

  • WAF protecting load balancers
  • Cognito for authentication
  • ACM certificates
  • Security boundaries (VPC, subnets)
  • Traffic flow from external to internal
  • KMS, Secrets Manager

Network Diagram

Show network topology:

  • VPC with CIDR
  • Subnets grouped by availability zone
  • Internet Gateway and NAT Gateways
  • Transit Gateway connections
  • VPC Endpoints

Data Flow Diagram

Show data movement:

  • How data enters (API, events)
  • Processing pipeline (compute services)
  • Data storage destinations
  • Caching layers
  • Event flows (SQS, SNS, EventBridge)

Output Files

Use these filenames:

  • aws_architecture.png
  • aws_security.png
  • aws_network.png
  • aws_data_flow.png

Guidelines

  1. Set show=False in Diagram constructor
  2. Create meaningful labels from the JSON data
  3. Draw connections based on logical relationships
  4. Use Clusters to group related resources
  5. Limit displayed items to 3-5 per category for readability
  6. For services not in the library, use General
  7. Always use the exact import names (case-sensitive)
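
One way to implement steps 2-3 of the Process while following the guidelines above, as an added example (not code from the skill or its repository). The JSON layout (`project`, `resources[].type`, `resources[].name`), the `ICONS` subset and the function name `render_source` are assumptions, since the page does not define the schema. Because the generated file is executed, every JSON-derived string is emitted through `repr()` and icon class names are checked against an allow-list.

```python
import ast

# Icon classes named in the skill's reference, by exact (case-sensitive) name.
ICONS = {
    "ECS": "compute", "Lambda": "compute", "Fargate": "compute", "EC2": "compute",
    "RDS": "database", "Dynamodb": "database", "ElastiCache": "database",
    "ALB": "network", "NLB": "network", "APIGateway": "network",
    "S3": "storage", "SQS": "integration", "Eventbridge": "integration",
}
FORMATS = {"png", "svg", "pdf"}
MAX_PER_TYPE = 5  # guideline 5: limit displayed items per category

# Constructed sample input; the schema is an assumption, not the skill's own.
SAMPLE = {"project": "MyProject", "resources": [
    {"type": "ALB", "name": "Public ALB"},
    {"type": "Fargate", "name": 'api")\nimport os #'},  # label with quote and newline
    {"type": "UnknownService", "name": "metrics"},       # not in ICONS, becomes General
]}


def render_source(infra: dict, outformat: str = "png") -> str:
    """Return diagram source for `infra`; JSON strings are emitted only via repr()."""
    if outformat not in FORMATS:
        raise ValueError(f"unsupported output format: {outformat!r}")
    imports, body, seen = set(), [], {}
    for i, res in enumerate(infra.get("resources", [])):
        cls = res.get("type")
        if not isinstance(cls, str) or cls not in ICONS:
            cls, module = "General", "general"   # guideline 6: unknown service
        else:
            module = ICONS[cls]
        seen[cls] = seen.get(cls, 0) + 1
        if seen[cls] > MAX_PER_TYPE:
            continue
        imports.add(f"from diagrams.aws.{module} import {cls}")
        # Variable names are generated here, never taken from the JSON.
        body.append(f"    n{i} = {cls}({str(res.get('name', cls))!r})")
    title = f"AWS Architecture - {infra.get('project', 'unknown')}"
    lines = [
        "from diagrams import Diagram", *sorted(imports), "",
        f"with Diagram({title!r}, filename='aws_architecture', "
        f"outformat={outformat!r}, show=False):",
        *(body or ["    pass"]),
    ]
    source = "\n".join(lines) + "\n"
    ast.parse(source)  # sanity check: must parse before being written to disk
    return source


if __name__ == "__main__":
    print(render_source(SAMPLE))
```

The returned source only creates nodes; clusters and `>>` connections would be appended the same way, using generated variable names.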

Example Generated Code

from diagrams import Diagram, Cluster
from diagrams.aws.compute import Fargate
from diagrams.aws.database import RDS, ElastiCache
from diagrams.aws.network import ALB, InternetGateway
from diagrams.aws.storage import S3
from diagrams.onprem.network import Internet

with Diagram("AWS Architecture - MyProject (PROD)", filename="aws_architecture", outformat="png", show=False):
    internet = Internet("Users")

    with Cluster("VPC: 10.0.0.0/16"):
        igw = InternetGateway("IGW")

        with Cluster("Public Subnet"):
            alb = ALB("Public ALB")

        with Cluster("Private Subnet"):
            with Cluster("ECS Cluster"):
                svc1 = Fargate("api")
                svc2 = Fargate("worker")

            db = RDS("Aurora")
            cache = ElastiCache("Redis")

    s3 = S3("Assets")

    internet >> igw >> alb >> [svc1, svc2]
    svc1 >> [db, cache, s3]
    svc2 >> [db, s3]

After Generation

Tell the user:

  1. Which diagram files were created
  2. They can open PNG/SVG directly or import into documentation

Source

git clone https://github.com/mpuig/claude-cloud-diagrams/blob/main/skills/aws-diagram/SKILL.md

Overview

aws-diagram generates AWS architecture diagrams from aws_infrastructure.json using the diagrams Python library. It supports multiple diagram types—architecture, security, network, data-flow, or all—and can output PNG, SVG, or PDF for sharing with stakeholders.

How This Skill Works

The tool reads aws_infrastructure.json, builds Python code with the diagrams library to represent the AWS resources, writes the code to a temporary file, and executes it to render the diagram. It uses AWS icon modules (compute, database, network, etc.) and can group resources with Clusters to reflect VPCs and subnets.

When to Use It

  • You have an infrastructure JSON file and need a clear architecture overview for stakeholders.
  • You want to illustrate security controls and traffic flow in a dedicated diagram.
  • You need a network topology view showing VPCs, subnets, gateways, and endpoints.
  • You want to map data flows between API gateways, compute services, and storage.
  • You are preparing diagrams in PNG, SVG, or PDF formats for documentation.

Quick Start

  1. Ensure aws_infrastructure.json exists in the current directory.
  2. Decide the diagram type (architecture, security, network, data-flow, or all).
  3. Run the tool to generate diagrams and review outputs (e.g., aws_architecture.png, aws_security.png).

Best Practices

  • Keep aws_infrastructure.json up to date with all resources and relationships.
  • Choose the diagram type that best matches your audience (architecture, security, network, or data-flow).
  • Use meaningful labels derived from the JSON data to improve readability.
  • Leverage Clusters to group resources by VPCs, subnets, or deployment zones.
  • Verify output filenames align with the diagram type (e.g., aws_architecture.png, aws_security.png).

Example Use Cases

  • Architecture diagram for a multi-tier web app showing ALB, ECS, RDS, and S3.
  • Security diagram highlighting WAF, IAM roles, KMS, and Secrets Manager boundaries.
  • Network diagram detailing VPCs, CIDRs, subnets, Internet Gateways, and NAT Gateways.
  • Data flow diagram tracing API calls from API Gateway to Lambda and DynamoDB.
  • Comprehensive set generating architecture, security, network, and data-flow diagrams in multiple formats.
