security

Create security architecture diagrams using PlantUML syntax with identity, encryption, firewall, and compliance stencil icons. Best for IAM flows, zero-trust models, encryption pipelines, and threat detection architectures.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "security" with this command: npx skills add markdown-viewer/skills/markdown-viewer-skills-security

Security Architecture Diagram Generator

Quick Start: Define trust boundaries → Place identity/encryption/firewall icons → Connect with access flows → Group into security zones → Wrap in ```plantuml fence.

⚠️ IMPORTANT: Always use ```plantuml or ```puml code fence. NEVER use ```text — it will NOT render as a diagram.

Critical Rules

  • Every diagram starts with @startuml and ends with @enduml
  • Use left to right direction for access flows (User → AuthN → AuthZ → Resource)
  • Use mxgraph.aws4.* stencil syntax for security service icons
  • Default colors are applied automatically — you do NOT need to specify fillColor or strokeColor
  • Use rectangle "Trust Boundary" { ... } for security zones
  • Directed flows use -->, audit/async flows use ..> (dashed)

Full stencil reference: See stencils/README.md for 9500+ available icons.

Mxgraph Stencil Syntax

mxgraph.aws4.<icon> "Label" as <alias>

Identity & Access Stencils

CategoryStencilsPurpose
IAMidentity_and_access_management, identity_access_management_iam_roles_anywhereIdentity policies & roles
SSO/Directorycognito, ad_connector, directory_service, cloud_directoryUser authentication & federation
STSsts, sts_alternateTemporary security credentials
Organizationsorganizations, organizations_account, organizations_organizational_unitMulti-account governance

Encryption & Secrets Stencils

CategoryStencilsPurpose
KMSkey_management_service, key_management_service_external_key_storeKey management & encryption
Secretssecrets_managerSecrets rotation & storage
Certificatescertificate_manager, private_certificate_authorityTLS certificate lifecycle
HSMcloudhsmHardware security module
Encryptionencrypted_dataEncrypted data at rest

Network Security Stencils

CategoryStencilsPurpose
Firewallnetwork_firewall, network_firewall_endpoints, firewall_managerNetwork traffic filtering
WAFgeneric_firewallWeb application firewall
Shieldshield, shield_shield_advanced, shield2DDoS protection
Security Groupsecurity_group, group_security_groupInstance-level firewall

Threat Detection & Compliance Stencils

CategoryStencilsPurpose
Detectionguardduty, detective, inspectorThreat detection & investigation
Data ProtectionmacieSensitive data discovery
Compliancesecurity_hub, security_hub_finding, audit_manager, configCompliance posture & audit
Loggingcloudtrail, cloudtrail_cloudtrail_lake, security_lakeAudit trail & log aggregation
Governancecontrol_tower, organizationsMulti-account governance
Incidentsecurity_incident_responseIncident management

Connection Types

SyntaxMeaningUse Case
A --> BSolid arrowAuth flow / access request
A ..> BDashed arrowAudit event / async detection
A -- BSolid lineTrust relationship
A --> B : "label"Labeled connectionDescribe protocol or credential

Quick Example

@startuml
left to right direction
mxgraph.aws4.users "Users" as users
mxgraph.aws4.cognito "Cognito" as auth
mxgraph.aws4.identity_and_access_management "IAM" as iam

rectangle "Protected Resources" {
  mxgraph.aws4.s3 "Data (S3)" as s3
  mxgraph.aws4.encrypted_data "Encrypted" as enc
}

users --> auth : "login"
auth --> iam : "token"
iam --> s3
s3 --> enc
@enduml

Security Architecture Types

TypePurposeKey StencilsExample
IAM & AuthNIdentity and authenticationcognito, identity_and_access_management, stsiam-authn.md
Encryption PipelineData encryption at rest/in-transitkey_management_service, certificate_manager, secrets_managerencryption-pipeline.md
Network SecurityPerimeter defense & firewallsnetwork_firewall, shield, security_groupnetwork-security.md
Threat DetectionAutomated threat responseguardduty, detective, security_hubthreat-detection.md
Compliance AuditGovernance & audit trailconfig, audit_manager, cloudtrail, security_lakecompliance-audit.md
Zero TrustZero-trust access modelcognito, identity_and_access_management, network_firewallzero-trust.md
Data ProtectionSensitive data classificationmacie, encrypted_data, key_management_servicedata-protection.md
Multi-account GovOrganization-wide securityorganizations, control_tower, security_hubmulti-account-governance.md

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

architecture

No summary provided by upstream source.

Repository SourceNeeds Review
843-markdown-viewer
General

uml

No summary provided by upstream source.

Repository SourceNeeds Review
803-markdown-viewer
General

infographic

No summary provided by upstream source.

Repository SourceNeeds Review
794-markdown-viewer
General

graphviz

No summary provided by upstream source.

Repository SourceNeeds Review
771-markdown-viewer