AWS Security Services Data Flow - https://diagrams.mingrammer.com/
#!/usr/bin/env python
from diagrams import Cluster, Diagram
from diagrams.aws.network import Route53
from diagrams.aws.management import Cloudwatch, SSM, Cloudtrail, Config
from diagrams.aws.analytics import Analytics
from diagrams.aws.security import Detective, Guardduty, IAMAccessAnalyzer, SecurityHub, Inspector
from diagrams.aws.integration import Eventbridge
with Diagram("AWS Security Services Data Flow", show=False, direction="TB"):
    # Draws which AWS telemetry sources feed which detection, aggregation and
    # reporting services. show=False renders the image without opening a
    # viewer; direction="TB" lays the graph out top to bottom.
    # Node creation order and edge order are kept stable because both
    # influence the Graphviz layout.

    # Investigation
    investigator = Detective("Detective")

    # Data Sources
    # NOTE(review): VPC Flow Logs are drawn with the CloudWatch icon,
    # presumably as an icon stand-in -- confirm.
    dns_logs = Route53("DNS Logs")
    flow_logs = Cloudwatch("VPC Flow Logs")
    trail = Cloudtrail("Cloudtrail")
    # NOTE(review): grouped with the sources, but in this diagram EventBridge
    # only receives edges (it acts as the event bus for downstream automation).
    event_bus = Eventbridge("Eventbridge")
    aws_config = Config("Config")
    inspector = Inspector("Inspector")

    # Aggregation
    hub = SecurityHub("Security Hub")
    ops_center = SSM("Systems Manager OpsCenter")

    # Monitoring
    guardduty = Guardduty("GuardDuty")
    analyzer = IAMAccessAnalyzer("Access Analyzer")

    # Reporting
    # NOTE(review): the generic Analytics icon stands in for Audit Manager,
    # presumably because no dedicated node was available -- confirm.
    audit_mgr = Analytics("Audit Manager")

    # Data Source Outputs
    # `a << b >> c` draws b -> a and b -> c: each log source fans out to both
    # Detective (investigation) and GuardDuty (threat detection).
    # NOTE(review): no GuardDuty -> Detective edge is drawn, and DNS logs are
    # shown feeding Detective directly -- verify both against the data
    # sources Detective actually ingests in your accounts.
    for log_source in (dns_logs, flow_logs, trail):
        investigator << log_source >> guardduty
    trail >> event_bus
    aws_config >> [hub, audit_mgr, event_bus]
    inspector >> [hub, audit_mgr]

    # Monitoring
    # Findings go to the event bus, the central findings view and OpsCenter.
    guardduty >> [event_bus, hub, ops_center]
    analyzer >> hub

    # Aggregation
    # Security Hub is the consolidation point feeding operations and audit.
    hub >> [ops_center, audit_mgr]