InfraMap
beginnerVisualizing Your AWS Infrastructure with InfraMap
Generate interactive architecture diagrams from your live AWS environment. Keep documentation automatically up-to-date.
check_circlePrerequisites
- check_circleAWS account
- check_circleIAM permissions for resource discovery
menu_bookIn This Guide
1.Introduction
InfraMap automatically generates architecture diagrams from your live AWS infrastructure. Instead of manually maintaining Visio or Draw.io diagrams that go stale, InfraMap keeps your documentation in sync with reality.
Features: - Auto-discovery of AWS resources and relationships - Interactive diagrams with resource details on hover - Multiple views (network, security, cost) - Export to PNG, SVG, or embed in Notion/Confluence - Drift detection between diagram and IaC
2.Step 1: Connect Your AWS Account
InfraMap needs read-only access to discover your resources. Create an IAM role with the AWS-managed `ReadOnlyAccess` policy, or use our more restrictive custom policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "InfraMapDiscovery",
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"rds:Describe*",
"elasticloadbalancing:Describe*",
"lambda:List*",
"lambda:GetFunction",
"apigateway:GET",
"s3:ListAllMyBuckets",
"s3:GetBucketLocation",
"dynamodb:ListTables",
"dynamodb:DescribeTable",
"ecs:List*",
"ecs:Describe*",
"eks:List*",
"eks:Describe*",
"cloudfront:List*",
"route53:List*",
"elasticache:Describe*",
"sns:List*",
"sqs:List*"
],
"Resource": "*"
}
]
}3.Step 2: Run Discovery
Once connected, InfraMap scans your account and builds a graph of resources and their relationships. The initial scan takes 2-5 minutes depending on the size of your infrastructure.
InfraMap discovers: - VPCs, subnets, and security groups - EC2 instances and their network connections - Load balancers and target groups - RDS databases and read replicas - Lambda functions and their triggers - S3 buckets and access patterns - ECS/EKS clusters and services - And 50+ other AWS service types
4.Step 3: Explore Your Diagram
The generated diagram is interactive:
- **Click** a resource to see its details (ID, tags, configuration) - **Hover** over connections to see the relationship type - **Filter** by VPC, tag, or resource type - **Search** for specific resources by name or ID - **Zoom** in/out and pan to navigate large infrastructures
Use the "Views" dropdown to switch between: - **Network View**: VPCs, subnets, security groups, connections - **Security View**: IAM roles, policies, encryption status - **Cost View**: Resources sized by monthly cost
5.Step 4: Set Up Auto-Refresh
Keep your diagrams up-to-date automatically by enabling scheduled scans:
# inframap.yml
accounts:
- name: production
account_id: "123456789012"
role_arn: arn:aws:iam::123456789012:role/InfraMapRole
regions:
- us-east-1
- us-west-2
- name: staging
account_id: "987654321098"
role_arn: arn:aws:iam::987654321098:role/InfraMapRole
regions:
- us-east-1
schedule:
frequency: daily
time: "06:00"
timezone: UTC
notifications:
on_change:
slack: "#infrastructure"
message: "Infrastructure changes detected"6.Step 5: Export and Share
Export your diagrams for documentation:
**Static Export** - PNG/SVG for presentations and docs - PDF for compliance documentation
**Embed** - Notion embed block - Confluence macro - Custom iframe for internal wikis
**API Access** Get diagram data programmatically for custom integrations:
# Get diagram as JSON
curl -H "Authorization: Bearer $INFRAMAP_TOKEN" \
"https://api.morphlix.com/inframap/v1/diagrams/prod-main" \
-o diagram.json
# Get as SVG
curl -H "Authorization: Bearer $INFRAMAP_TOKEN" \
"https://api.morphlix.com/inframap/v1/diagrams/prod-main?format=svg" \
-o architecture.svgNeed Help?
Our team is here to help you get set up.
Get expert guidance on implementing InfraMap for your infrastructure.
Contact Supportarrow_forward