Created
December 10, 2020 03:41
-
-
Save jonesy1234/b70bab864302992d360ba13573fe434d to your computer and use it in GitHub Desktop.
AWS Security Services Data Flow - https://diagrams.mingrammer.com/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from diagrams import Cluster, Diagram | |
from diagrams.aws.network import Route53 | |
from diagrams.aws.management import Cloudwatch, SSM, Cloudtrail, Config | |
from diagrams.aws.analytics import Analytics | |
from diagrams.aws.security import Detective, Guardduty, IAMAccessAnalyzer, SecurityHub, Inspector | |
from diagrams.aws.integration import Eventbridge | |
with Diagram("AWS Security Services Data Flow", show=False, direction="TB"): | |
# Investigation | |
detective = Detective("Detective") | |
# Data Sources | |
dns_logs = Route53("DNS Logs") | |
vpc_flow_logs = Cloudwatch("VPC Flow Logs") | |
cloudtrail = Cloudtrail("Cloudtrail") | |
eventbridge = Eventbridge("Eventbridge") | |
config = Config("Config") | |
scanning = Inspector("Inspector") | |
# Aggregation | |
security_hub = SecurityHub("Security Hub") | |
systems_manager = SSM("Systems Manager OpsCenter") | |
# Monitoring | |
guard_duty = Guardduty("GuardDuty") | |
access_analyzer = IAMAccessAnalyzer("Access Analyzer") | |
# Reporting | |
audit_manager = Analytics("Audit Manager") | |
# Data Source Outputs | |
detective << dns_logs >> guard_duty | |
detective << vpc_flow_logs >> guard_duty | |
detective << cloudtrail >> guard_duty | |
cloudtrail >> eventbridge | |
config >> security_hub | |
config >> audit_manager | |
config >> eventbridge | |
scanning >> security_hub | |
scanning >> audit_manager | |
# Monitoring | |
guard_duty >> eventbridge | |
guard_duty >> security_hub | |
guard_duty >> systems_manager | |
access_analyzer >> security_hub | |
# Aggregation | |
security_hub >> systems_manager | |
security_hub >> audit_manager |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment