Skip to content

How to generate an AWS architecture diagram from a description

A sentence like "a serverless API on AWS with Lambda, API Gateway, and DynamoDB" can become far more than a picture. With ArchGenie, that one description produces a clean AWS architecture diagram and everything that normally comes after it: validated Terraform (or Pulumi), an A–F security grade with automated fixes, a per-resource cost estimate, observability as code, and documentation — ready to export to a pull request and deploy. This guide walks through that full path, starting with the diagram.

The diagram is the fastest way to see and refine the architecture, so we start there — but it is the entry point, not the destination. By the end you will have a complete, deployable AWS solution built from the same description. You do not need a diagramming tool, a schema, or any AWS credentials to begin.

What you'll need

An ArchGenie account (free to start, no credit card) and a rough idea of the system you want to build. That is it — no AWS account or credentials are required to generate the diagram, the code, the security grade, or the cost estimate.

Step 1 — Describe the system in plain language

Start with one or two sentences that name the moving parts and how they connect. Be specific about the pieces that matter: the compute model, the data stores, the entry point, and anything about availability. For example:

  • "A serverless REST API on AWS with API Gateway, Lambda, and DynamoDB, an SQS queue for async work, and CloudWatch for logs and alarms."
  • "A three-tier web app on AWS: an Application Load Balancer in front of ECS Fargate, an RDS Postgres database across two Availability Zones, and an S3 bucket for static assets."

You can be terse or verbose. Anything you leave implicit gets a sensible default that you can correct in the next step. You can also start from a whiteboard photo, a screenshot of an existing diagram, or a template instead of text.

Step 2 — Get the diagram, mapped to real AWS services

ArchGenie reads the description and maps each component to a specific AWS managed service rather than a generic box. An "application server" resolves to Lambda, ECS Fargate, or EKS depending on the workload; a "database" resolves to RDS, Aurora, DynamoDB, or ElastiCache; and load balancing, IAM, networking, and observability nodes are placed where they belong. The result is an AWS architecture diagram with real service names on every node — the shared source of truth for everything that follows.

Step 3 — Refine the diagram interactively

Every node is interactive. Click a service to remove it, swap it for a different managed equivalent, or add high availability such as multi-AZ, replicas, or failover — or jump straight to that resource's infrastructure code, security finding, or cost line item. You can also keep the conversation going: ask for a read replica, a VPC with private subnets, or a CDN in front, and the diagram updates. Only the parts that depend on the change get re-derived, so the rest stays stable.

Step 4 — From the diagram to a complete AWS solution

This is where ArchGenie goes beyond a diagram tool. The same architecture drives every deliverable below — you are not re-describing the system in a different tool for each one.

Validated infrastructure code (Terraform or Pulumi)

Pick a format and ArchGenie generates the full infrastructure code for the architecture, organized into a sensible file and module structure rather than one giant file. Every file is validated and security-hardened before you see it, so you are not starting from a draft that fails on the first plan. Terraform and Pulumi (TypeScript or Python) are each first-class for AWS, so you can match your team's existing stack. (Bicep is available for Azure architectures.)

An A–F security grade with automated fixes

Every architecture is scored A–F, with per-resource findings that point to the exact resource and the exact issue — public access, missing encryption, over-broad IAM, and the like. Most findings can be fixed directly from the security report, and the grade updates as you harden the design. You see the security posture before anything is deployed, not after an incident in production.

A per-resource cost estimate

ArchGenie estimates the monthly cost per resource across the architecture, with on-demand, reserved, and spot comparisons and a savings calculator, so you can see what it will cost — and where to cut — before you commit. GPU and accelerator pricing is included for AI and ML workloads.

Observability as code

Alongside the infrastructure code, ArchGenie can generate observability as code — CloudWatch dashboards, alarms, and notification channels wired to the resources in your architecture — plus Grafana dashboard JSON on demand. Monitoring ships with the system from day one.

Documentation

The architecture ships with a generated README: what the system is, how the Terraform is laid out, and a step-by-step deployment guide. Because it is produced from the same architecture as the code, it matches what you designed — and you can regenerate it after changes so it stays in step.

Export to a pull request, then deploy

When the architecture is ready, export the whole solution — diagram, code, and README — to a GitHub, GitLab, or Bitbucket pull request, or open a Jira issue with the diagram attached to plan the work. From there you run your normal review and terraform plan (or pulumi up), and deploy.

On the free plan you get the diagram, Terraform, the A–F security grade, the cost estimate, and documentation, plus a couple of Git and Jira exports each month. Pulumi, observability as code, unlimited exports, and line-level security navigation are on the paid plans.

Tips for a good description

  • Name the compute model (serverless, containers, or VMs) so the diagram and code pick the right service.
  • Say how many Availability Zones or regions you want if high availability matters — it changes the diagram, the Terraform, and the cost.
  • Mention data stores by type (relational, key-value, cache, object) if you are unsure of the engine — ArchGenie picks a fit and you can change it.
  • Include the entry point (API Gateway, load balancer, or CDN) and any async pieces (queues, topics, or event buses).

Example — a three-tier web app on AWS

Take the three-tier web app from Step 1. From that one description, ArchGenie draws the diagram, then hands you: the Terraform for the VPC, Application Load Balancer, ECS Fargate service, multi-AZ RDS instance, and S3 bucket; an A–F security grade flagging, say, an over-permissive security group or an unencrypted bucket, most fixable right from the report; a monthly cost estimate broken down per resource with reserved and spot options; CloudWatch dashboards and alarms for the service; a README and a deployment guide; and a pull request you can open in your repo. What started as a sentence is now a reviewed, costed, documented, deployable stack.

Frequently asked questions

Does ArchGenie only make diagrams, or the infrastructure code too?

The diagram is the first output. From the same architecture you also get validated Terraform or Pulumi, an A–F security grade, a per-resource cost estimate, observability as code, and documentation — and you can export the whole thing to a pull request.

Can I trust the generated Terraform?

Every file is validated and security-hardened before you see it, and you get an A–F security grade with per-resource findings, most of them fixable right from the report. You still run your own review and a plan before deploying — ArchGenie gets you to a reviewed, hardened starting point far faster.

How do I get the result into my repo?

Export the diagram, code, and docs to a GitHub, GitLab, or Bitbucket pull request, or open a Jira issue, so it drops straight into your existing review and deploy workflow.

Is it free to start?

Yes — start free without a credit card and generate the diagram, the Terraform, the security grade, and the cost estimate from one description.

Does it work for Azure and Google Cloud too?

Yes. Describe the system for Azure or Google Cloud, or describe it once and compare the diagram, code, and cost across all three providers.

Turn your description into a complete AWS solution

Diagram, validated Terraform, security grade, cost, observability, and docs — from one description.