
import os

from diagrams import Cluster, Diagram, Edge
from diagrams.aws.compute import Lambda
from diagrams.aws.engagement import SES
from diagrams.aws.network import Route53
from diagrams.aws.security import Cognito, SecretsManager
from diagrams.aws.storage import S3
from diagrams.generic.storage import Storage
from diagrams.onprem.client import User
from diagrams.onprem.compute import Server
from diagrams.onprem.container import Docker
from diagrams.onprem.database import PostgreSQL
from diagrams.onprem.inmemory import Redis
from diagrams.onprem.network import Nginx
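# Render the ArchNest "hybrid" architecture (Akamai-hosted compute and
# self-managed data, AWS managed services only, tenant SSH/Docker hosts)
# as a single PNG.
#
# Output location: the original script always wrote to a fixed, predictable
# path in the shared, world-writable /tmp. That default is preserved, but it
# can now be overridden with ARCHNEST_DIAGRAM_OUT so CI or multi-user hosts
# can point it at a private, job-owned directory. The value is the base name;
# `diagrams` appends the format suffix (".png" here) when it renders.
# show=False keeps the library from opening an image viewer, which is what a
# headless/CI run needs.
output_path = os.environ.get("ARCHNEST_DIAGRAM_OUT", "/tmp/archnest-hybrid")
# Graphviz fails if the parent directory is missing; creating it up front
# turns an opaque render error into a normal filesystem error. abspath()
# handles a bare relative base name, whose dirname would be "".
os.makedirs(os.path.dirname(os.path.abspath(output_path)), exist_ok=True)

# NOTE(review): cluster nesting below was reconstructed from a listing with
# its indentation stripped — confirm it matches the intended grouping.
with Diagram(
    "ArchNest SaaS - Hybrid Architecture",
    show=False,
    filename=output_path,
    direction="TB",
    outformat="png",
):
    users = User("Tenants")

    with Cluster("Akamai Cloud"):
        lb = Nginx("NodeBalancer\nHTTPS/WSS")

        with Cluster("G7 Dedicated (4GB, 2 vCPU, ARM)"):
            backend = Server("Fastify\nBackend API")
            websocket = Server("Fastify\nWebSocket Service")
            guacd = Docker("guacd\n(RDP/VNC)")

        with Cluster("Data (Self-Managed)"):
            postgres = PostgreSQL("PostgreSQL\n(RLS Enabled)")
            redis = Redis("Redis\n(Sessions/Cache)")

        static = Storage("Object Storage\n(React SPA)")

    with Cluster("AWS (Managed Services Only)"):
        cognito = Cognito("Cognito\nUser Pools + SSO")
        pre_token = Lambda("Pre-Token\nLambda")
        secrets = SecretsManager("Secrets Manager\nSSH Keys")
        s3 = S3("S3\nBackups + Logs")
        route53 = Route53("Route 53")
        ses = SES("SES\nEmail")
        stripe_lambda = Lambda("Stripe\nWebhook Lambda")

    with Cluster("Tenant Infrastructure"):
        host1 = Server("SSH Host A")
        host2 = Server("SSH Host B")
        docker_host = Docker("Docker Host")

    # User flow: DNS -> load balancer -> SPA / API / WebSocket service.
    users >> route53 >> lb
    lb >> static
    lb >> backend
    lb >> websocket

    # Backend connections (data stores, secrets, backups/logs).
    backend >> postgres
    backend >> redis
    backend >> secrets
    backend >> s3
    websocket >> redis
    websocket >> guacd

    # Auth: Cognito triggers the pre-token Lambda; the backend and the Stripe
    # webhook Lambda both talk to Cognito.
    cognito >> pre_token
    backend >> cognito
    stripe_lambda >> cognito

    # Outbound to tenant hosts (direct, no NAT needed).
    backend >> host1
    backend >> host2
    websocket >> host1
    websocket >> docker_host

    # Email
    backend >> ses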