AWS Architecture

You can import your AWS architecture right into Cacoo to automatically generate completed AWS network diagrams.

Services you can import

You can import the following services:

  • EC2
  • VPC
  • CloudFront
  • Availability Zone
  • Subnet
  • ELB
  • ElastiCache
  • RDS
  • S3
  • SNS
  • SQS
  • Route Tables
  • NAT gateway

Did you know?

Services you can import may change in the future. If the services are changed, the required permissions may change accordingly.

Importing AWS architecture

To import your AWS architecture, click the Import icon from the tool menu and select AWS Architecture.

There are two ways to integrate with AWS

  • Using an IAM Role
  • Using an IAM user account

Using an IAM Role

You will need to have an IAM Role, and use the information we provide.

Please refer to this article for more details. Please note that do not select the “Require MFA’” option.

After creating a role, enter your role ARN here.

Did you know?

Cacoo will not store your Role ARN detials after importing your AWS architecture.

Select a "Region" and confirm the "Layout options" which has the option to add lines to show connections. Click the OK button to import your AWS architecture accordingly.

Using an IAM user account

You will need to have an AWS Identity and Access Management (IAM) user account to use this feature. IAM is a feature in AWS that allows you to manage your AWS users and groups. If you do not have one, you can create an IAM user here if you do not have one.

The top of the popup contains the necessary permissions.

You have to create a new IAM user or attach it to an existing IAM user. You can copy the policy by selecting Copy button.

Please refer to this article for more details.

Enter your AWS Access Key and AWS Secret Key from the IAM account that you have created.

Did you know?

Cacoo will not store your IAM user credentials after importing your AWS architecture.

Select a "Region" and confirm the "Layout options" which has the option to add lines to show connections. Click the OK button to import your AWS architecture accordingly.

Adding line to show connection

When you import your AWS architecture, you can connect each service with lines by the “Layout options.”

Condition of line connection

Services are connected to each other by a line if the following conditions are met:

  • ELB to each EC2 instance of the target
  • ELB and S3 buckets set as the origin from CloudFront
  • All EC2 instances between security groups to which access is permitted

Resource Positioning

When importing with "Add line to show connection" enabled

If the resources are in the same parent-child hierarchy, a line of the same length will be drawn. If they are in different hierarchies, a line of slightly longer length will be drawn.

When importing with "Add line to show connection" disabled

Each resource is arranged in a grid starting from the upper left corner without considering the type of service while maintaining the parent-child relationship.

Did you know?

Services other than VPC, Subnet, EC2, ELB, CloudFront, ElastiCache, and RDS will be placed in the lower right corner regardless of whether the Layout options are enabled or disabled.
0 people think that it is helpful. Was this helpful for you?

Have a question we didn't answer?

Contact support