
Aws Diagrams
Turn CloudFormation templates, AWS CLI output, or plain-language AWS descriptions into cloud architecture diagrams via Eraser without hand-drawing VPCs and services.
Overview
aws-diagrams is an agent skill most often used in Build (also Operate infra, Ship security) that turns CloudFormation, AWS CLI output, or descriptions into Eraser-rendered AWS architecture diagrams.
Install
npx skills add https://github.com/eraserlabs/eraser-io --skill aws-diagrams
What is this skill?
- Parses CloudFormation YAML/JSON Resources, AWS CLI output, or natural language AWS descriptions
- Maps VPCs, subnets, security groups, IAM roles, and common services (EC2, S3, RDS, Lambda)
- Generates Eraser DSL and calls Eraser /api/render/elements with diagramType cloud-architecture-diagram
- Requires network access and curl-style API calls to Eraser (MIT-licensed Eraser Labs skill)
Adoption & trust: 842 installs on skills.sh; 22 GitHub stars; 2/3 security scanners passed (skills.sh audits).
What problem does it solve?
You have AWS resources spread across templates and terminal output but no up-to-date diagram your agent or cofounder can read.
Who is it for?
Builders who already use AWS and want fast, API-generated architecture visuals from templates or CLI snapshots.
Skip if: you need purely local diagramming with zero network access, or you work on non-AWS clouds and are not prepared to adapt the parsing workflow yourself.
When should I use this skill?
User has AWS CloudFormation templates, AWS CLI output, or wants to diagram EC2, VPC, S3, RDS, Lambda, or similar AWS infrastructure.
What do I get? / Deliverables
You receive Eraser DSL and a rendered cloud-architecture diagram that reflects parsed AWS resources and relationships.
- Eraser DSL for AWS topology
- Rendered cloud-architecture-diagram image or element payload
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Architecture diagrams are first-class build artifacts that explain how backend and cloud pieces connect before and after deployment. The skill produces documentation-style visuals (Eraser DSL and rendered diagrams), so docs is the canonical shelf even when the source is live AWS inventory.
Where it fits
Render a diagram from a serverless stack CloudFormation template for your repo README.
Paste fresh RDS and VPC CLI output after a scaling change to update the team runbook diagram.
Map security groups and IAM roles from a template before launch review.
How it compares
Agent-driven Eraser rendering from live AWS artifacts, not a static icon stencil pack in the repo.
Common Questions / FAQ
Who is aws-diagrams for?
Solo and indie developers on AWS who need architecture diagrams for READMEs, runbooks, or stakeholder updates without spending an afternoon in a diagram editor.
When should I use aws-diagrams?
Use it in Build when documenting stack design from CloudFormation, in Ship when reviewing VPC and security layout before launch, and in Operate when visualizing current infra from CLI output for incidents or handoffs.
Is aws-diagrams safe to install?
It reads local templates and can POST diagram data to Eraser over the network; scrub secrets from inputs and review the Security Audits panel on this page before enabling in production workflows.
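One way to act on the "scrub secrets from inputs" advice above, as an added example that is not part of the skill or of this page: an allowlist reducer that keeps only what a topology diagram needs from a CloudFormation template (logical IDs, types, a few label properties, and references between resources). The `LABEL_PROPS` allowlist, the function names and the sample template are assumptions made for the illustration.

```python
import json

# Literal properties kept for diagram labels (the skill's DSL example labels a VPC with its CIDR).
# Hypothetical allowlist for this example; every property not listed here is dropped.
LABEL_PROPS = {"CidrBlock", "InstanceType"}

def collect_refs(value, logical_ids):
    """Return logical IDs reached through Ref / Fn::GetAtt anywhere inside a property value."""
    refs = set()
    if isinstance(value, dict):
        for key, inner in value.items():
            if key == "Ref" and isinstance(inner, str) and inner in logical_ids:
                refs.add(inner)
            elif key == "Fn::GetAtt":
                target = inner[0] if isinstance(inner, list) else str(inner).split(".")[0]
                if target in logical_ids:
                    refs.add(target)
            else:
                refs |= collect_refs(inner, logical_ids)
    elif isinstance(value, list):
        for item in value:
            refs |= collect_refs(item, logical_ids)
    return refs

def minimize_template(template):
    """Keep only logical ID, Type, allowlisted labels and references to other resources."""
    resources = template.get("Resources", {})
    ids = set(resources)
    out = {}
    for name, body in resources.items():
        props = body.get("Properties", {})
        labels = {k: v for k, v in props.items() if k in LABEL_PROPS and isinstance(v, str)}
        out[name] = {"Type": body.get("Type"), "Labels": labels,
                     "References": sorted(collect_refs(props, ids) - {name})}
    return out

def payload_text(template):
    """Serialized reduced template: the only text that should leave the machine."""
    return json.dumps(minimize_template(template), sort_keys=True)

# Constructed sample template (not from the page); the secret values are dummies.
SAMPLE = {"Resources": {
    "Vpc": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
    "Sg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"VpcId": {"Ref": "Vpc"}}},
    "Db": {"Type": "AWS::RDS::DBInstance", "Properties": {
        "MasterUserPassword": "dummy-Passw0rd", "VPCSecurityGroups": [{"Fn::GetAtt": ["Sg", "GroupId"]}]}},
    "Fn": {"Type": "AWS::Lambda::Function", "Properties": {"Environment": {"Variables": {
        "API_KEY": "dummy-key", "DB_HOST": {"Fn::GetAtt": ["Db", "Endpoint.Address"]}}}}},
}}
```

`Fn::Sub` strings are not parsed for references here, so relationships expressed only that way will be missing from the reduced output.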
SKILL.md
# AWS Diagram Generator

Generates architecture diagrams for AWS infrastructure from CloudFormation templates, AWS CLI output, or natural language descriptions.

## When to Use

Activate this skill when:

- User has AWS CloudFormation templates (YAML/JSON)
- User provides AWS CLI output (e.g., `aws ec2 describe-instances`)
- User wants to visualize AWS resources
- User mentions AWS services (EC2, S3, RDS, Lambda, VPC, etc.)
- User asks to "diagram my AWS infrastructure"

## How It Works

This skill generates AWS-specific diagrams by parsing AWS resources and calling the Eraser API directly:

1. **Parse AWS Resources**: Extract resources from CloudFormation, CLI output, or descriptions
2. **Map AWS Relationships**: Identify VPCs, subnets, security groups, IAM roles
3. **Generate Eraser DSL**: Create Eraser DSL code from AWS resources
4. **Call Eraser API**: Use `/api/render/elements` with `diagramType: "cloud-architecture-diagram"`

## Instructions

When the user provides AWS infrastructure information:

1. **Parse the Source**
   - **CloudFormation**: Extract `Resources` section, identify types (AWS::EC2::Instance, etc.)
   - **CLI Output**: Parse JSON output from `aws` commands
   - **Description**: Identify AWS service names and relationships

2. **Identify AWS Components**
   - **Networking**: VPCs, Subnets, Internet Gateways, NAT Gateways, Route Tables
   - **Compute**: EC2 Instances, Auto Scaling Groups, Lambda Functions, ECS Services
   - **Storage**: S3 Buckets, EBS Volumes, EFS File Systems
   - **Databases**: RDS Instances, DynamoDB Tables, ElastiCache Clusters
   - **Security**: Security Groups, IAM Roles, IAM Policies, NACLs
   - **Load Balancing**: ALB, NLB, CLB
   - **Other**: SQS Queues, SNS Topics, API Gateway, CloudFront

3. **Map Relationships**
   - EC2 instances in subnets
   - Subnets in VPCs
   - Security groups attached to instances
   - IAM roles attached to services
   - Load balancers targeting instances
   - Databases accessed by applications

4. **Generate Eraser DSL**

   Convert AWS resources to Eraser DSL:

   - **CRITICAL: Label Formatting Rules**
     - Labels MUST be on a single line - NEVER use newlines inside label attributes
     - Keep labels simple and readable - prefer separate labels over concatenating too much metadata
     - Format DSL with proper line breaks (one node/group per line, but labels stay on single lines)
     - If including metadata like CIDR blocks or instance types, include them in the same quoted label string: `[label: "VPC 10.0.0.0/16"]`

   Example:

   ```
   main-vpc [label: "VPC 10.0.0.0/16"] {
     public-subnet [label: "Public Subnet"] {
       web-server [icon: aws-ec2, label: "Web Server"]
       load-balancer [icon: aws-elb]
     }
     private-subnet [label: "Private Subnet"] {
       database [icon: aws-rds]
       cache [icon: aws-elasticache]
     }
   }
   data-bucket [icon: aws-s3]
   function [icon: aws-lambda]
   load-balancer -> web-server
   web-server -> database
   ```

5. **Make the HTTP Request**

   **IMPORTANT**: You MUST execute this curl command after generating the DSL. Never stop after generating DSL without making the API call.

   **CRITICAL**: In the `X-Skill-Source` header below, you MUST replace the value with your AI agent name:

   - If you are Claude (Anthropic), use: `claude`
   - If you are running in Cursor, use: `cursor`
   - If you are ChatGPT (OpenAI), use: `chatgpt`
   - If you are Gemini (Google), use: `gemini`
   - Otherwise, use your model/agent name in lowercase

   ```bash
   curl -X POST https://app.eraser.io/api/render/e