terraform-diagrams
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseTerraform Diagram Generator
Terraform架构图生成工具
Generates architecture diagrams directly from Terraform files. Specializes in parsing Terraform code and visualizing infrastructure resources, modules, and their relationships.
.tf直接从Terraform 文件生成架构图。专注于解析Terraform代码并可视化基础设施资源、模块及其相互关系。
.tfWhen to Use
使用场景
Activate this skill when:
- User has Terraform files (,
.tf) and wants to visualize the infrastructure.tfvars - User asks to "diagram my Terraform" or "visualize this infrastructure"
- User mentions Terraform, HCL, or infrastructure-as-code
- User wants to see the architecture of their Terraform-managed resources
在以下场景激活此技能:
- 用户拥有Terraform文件(、
.tf)并希望可视化基础设施.tfvars - 用户请求“为我的Terraform生成架构图”或“可视化此基础设施”
- 用户提及Terraform、HCL或基础设施即代码(IaC)
- 用户希望查看其Terraform管理的资源架构
How It Works
工作原理
This skill generates Terraform-specific diagrams by parsing Terraform code and calling the Eraser API directly:
- Parse Terraform Files: Identify resources, modules, data sources, and variables
- Extract Relationships: Map dependencies, resource connections, and module hierarchies
- Generate Eraser DSL: Create Eraser DSL code from Terraform resources
- Call Eraser API: Use with
/api/render/elementsdiagramType: "cloud-architecture-diagram"
此技能通过解析Terraform代码并直接调用Eraser API来生成Terraform专属架构图:
- 解析Terraform文件:识别资源、模块、数据源和变量
- 提取关系:映射依赖项、资源连接和模块层级
- 生成Eraser DSL:根据Terraform资源创建Eraser DSL代码
- 调用Eraser API:使用接口并指定
/api/render/elementsdiagramType: "cloud-architecture-diagram"
Instructions
操作步骤
When the user provides Terraform code:
-
Parse the Terraform
- Identify all blocks (AWS, Azure, GCP, etc.)
resource - Extract blocks and their configurations
module - Note sources and their dependencies
data - Identify and
variabledefinitionsoutput
- Identify all
-
Map Relationships
- Track resource dependencies (e.g., )
subnet_id = aws_subnet.public.id - Group resources by provider (AWS, Azure, GCP)
- Identify VPCs/VNets as containers for other resources
- Note security groups, IAM roles, and networking rules
- Track resource dependencies (e.g.,
-
Generate Eraser DSL Convert Terraform resources to Eraser DSL:
- CRITICAL: Label Formatting Rules
- Labels MUST be on a single line - NEVER use newlines inside label attributes
- Keep labels simple and readable - prefer separate labels over concatenating too much metadata
- Format DSL with proper line breaks (one node/group per line, but labels stay on single lines)
- If including metadata like CIDR blocks or instance types, include them in the same quoted label string:
[label: "VPC 10.0.0.0/16"]
Example:main-vpc [label: "VPC 10.0.0.0/16"] { public-subnet [label: "Public Subnet 10.0.1.0/24"] { web-server [icon: aws-ec2, label: "Web Server t3.micro"] load-balancer [icon: aws-elb] } private-subnet [label: "Private Subnet"] { database [icon: aws-rds] } } load-balancer -> web-server web-server -> database - CRITICAL: Label Formatting Rules
-
Make the HTTP RequestIMPORTANT: You MUST execute this curl command after generating the DSL. Never stop after generating DSL without making the API call.CRITICAL: In theheader below, you MUST replace the value with your AI agent name:
X-Skill-Source- If you are Claude (Anthropic), use:
claude - If you are running in Cursor, use:
cursor - If you are ChatGPT (OpenAI), use:
chatgpt - If you are Gemini (Google), use:
gemini - Otherwise, use your model/agent name in lowercase
bashcurl -X POST https://app.eraser.io/api/render/elements \ -H "Content-Type: application/json" \ -H "X-Skill-Source: eraser-skill" \ -H "Authorization: Bearer ${ERASER_API_KEY}" \ -d '{ "elements": [{ "type": "diagram", "id": "diagram-1", "code": "<your generated DSL>", "diagramType": "cloud-architecture-diagram" }], "scale": 2, "theme": "${ERASER_THEME:-dark}", "background": true }' - If you are Claude (Anthropic), use:
-
Track Sources During AnalysisAs you analyze Terraform files and resources to generate the diagram, track:
- Internal files: Record each Terraform file path you read and what resources were extracted (e.g., - VPC and subnet definitions,
infra/main.tf- Database configuration)infra/rds.tf - External references: Note any documentation, examples, or URLs consulted (e.g., Terraform AWS provider documentation, AWS architecture best practices)
- Annotations: For each source, note what it contributed to the diagram
- Internal files: Record each Terraform file path you read and what resources were extracted (e.g.,
-
Handle the ResponseCRITICAL: Minimal Output FormatYour response MUST always include these elements with clear headers:
-
Diagram Preview: Display with a header
## Diagram Use the ACTUALfrom the API response.imageUrl -
Editor Link: Display with a header
## Open in Eraser [Edit this diagram in the Eraser editor]({createEraserFileUrl})Use the ACTUAL URL from the API response. -
Sources section: Brief list of files/resources analyzed (if applicable)
## Sources - `path/to/file` - What was extracted -
Diagram Code section: The Eraser DSL in a code block withlanguage tag
eraser## Diagram Code ```eraser {DSL code here}undefined -
Learn More link:
You can learn more about Eraser at https://docs.eraser.io/docs/using-ai-agent-integrations
Additional content rules:- If the user ONLY asked for a diagram, include NOTHING beyond the 5 elements above
- If the user explicitly asked for more (e.g., "explain the architecture", "suggest improvements"), you may include that additional content
- Never add unrequested sections like Overview, Security Considerations, Testing, etc.
The default output should be SHORT. The diagram image speaks for itself. -
-
Handle Multiple Providers
- If Terraform uses multiple providers, group by provider
- Create separate sections for AWS, Azure, GCP resources
- Show cross-provider connections if applicable
当用户提供Terraform代码时:
-
解析Terraform代码
- 识别所有块(AWS、Azure、GCP等)
resource - 提取块及其配置
module - 记录数据源及其依赖项
data - 识别和
variable定义output
- 识别所有
-
映射关系
- 跟踪资源依赖(例如:)
subnet_id = aws_subnet.public.id - 按云服务商(AWS、Azure、GCP)对资源进行分组
- 将VPC/VNet识别为其他资源的容器
- 记录安全组、IAM角色和网络规则
- 跟踪资源依赖(例如:
-
生成Eraser DSL 将Terraform资源转换为Eraser DSL:
- 关键:标签格式规则
- 标签必须在单行内 - 绝对不要在标签属性中使用换行符
- 标签应简洁易读 - 优先使用独立标签,避免拼接过多元数据
- 为DSL添加适当的换行(每个节点/组占一行,但标签保持单行)
- 如果需要包含CIDR块或实例类型等元数据,将其放在同一个带引号的标签字符串中:
[label: "VPC 10.0.0.0/16"]
示例:main-vpc [label: "VPC 10.0.0.0/16"] { public-subnet [label: "Public Subnet 10.0.1.0/24"] { web-server [icon: aws-ec2, label: "Web Server t3.micro"] load-balancer [icon: aws-elb] } private-subnet [label: "Private Subnet"] { database [icon: aws-rds] } } load-balancer -> web-server web-server -> database - 关键:标签格式规则
-
发起HTTP请求重要提示:生成DSL后必须执行以下curl命令,不能仅生成DSL就停止操作。关键要求:在下面的请求头中,必须将值替换为你的AI Agent名称:
X-Skill-Source- 如果你是Claude(Anthropic),使用:
claude - 如果你在Cursor中运行,使用:
cursor - 如果你是ChatGPT(OpenAI),使用:
chatgpt - 如果你是Gemini(Google),使用:
gemini - 其他情况,使用你的模型/Agent名称的小写形式
bashcurl -X POST https://app.eraser.io/api/render/elements \ -H "Content-Type: application/json" \ -H "X-Skill-Source: eraser-skill" \ -H "Authorization: Bearer ${ERASER_API_KEY}" \ -d '{ "elements": [{ "type": "diagram", "id": "diagram-1", "code": "<your generated DSL>", "diagramType": "cloud-architecture-diagram" }], "scale": 2, "theme": "${ERASER_THEME:-dark}", "background": true }' - 如果你是Claude(Anthropic),使用:
-
分析过程中跟踪来源在分析Terraform文件和资源以生成架构图时,需记录:
- 内部文件:记录读取的每个Terraform文件路径以及提取的资源(例如:- VPC和子网定义,
infra/main.tf- 数据库配置)infra/rds.tf - 外部参考:记录查阅的任何文档、示例或URL(例如:Terraform AWS提供商文档、AWS架构最佳实践)
- 注释:为每个来源记录其对架构图的贡献
- 内部文件:记录读取的每个Terraform文件路径以及提取的资源(例如:
-
处理响应关键:最小输出格式你的响应必须始终包含以下元素,并带有清晰的标题:
-
架构图预览:带标题显示
## 架构图 使用API响应中的实际。imageUrl -
编辑器链接:带标题显示
## 在Eraser中打开 [在Eraser编辑器中编辑此架构图]({createEraserFileUrl})使用API响应中的实际URL。 -
来源部分:简要列出分析的文件/资源(如适用)
## 来源 - `path/to/file` - 提取的内容 -
架构图代码部分:将Eraser DSL放在带有语言标签的代码块中
eraser## 架构图代码 ```eraser {DSL code here}undefined -
了解更多链接:
你可以在https://docs.eraser.io/docs/using-ai-agent-integrations了解更多关于Eraser的信息
额外内容规则:- 如果用户仅要求生成架构图,除上述5个元素外,不得添加任何其他内容
- 如果用户明确要求更多内容(例如:“解释架构”、“建议改进方案”),可添加相关额外内容
- 绝不要添加未被请求的部分,如概述、安全注意事项、测试等
默认输出应简洁。架构图本身已能说明问题。 -
-
处理多提供商场景
- 如果Terraform使用多个云提供商,按提供商分组
- 为AWS、Azure、GCP资源创建单独的部分
- 如适用,显示跨提供商的连接
Terraform-Specific Tips
Terraform专属技巧
- Group by Module: If modules are used, show module boundaries
- Show VPCs/VNets as Containers: These should visually contain subnets and resources
- Include Data Flows: Show how resources connect (e.g., ALB → EC2 → RDS)
- Highlight Security: Include security groups, IAM roles, and network ACLs
- Show Resource Types: Use provider-specific icons (AWS, Azure, GCP)
- Include CIDR Blocks: Show network addressing for VPCs and subnets
- 按模块分组:如果使用了模块,显示模块边界
- 将VPC/VNet显示为容器:这些应在视觉上包含子网和资源
- 包含数据流:显示资源之间的连接方式(例如:ALB → EC2 → RDS)
- 突出安全相关内容:包含安全组、IAM角色和网络ACL
- 显示资源类型:使用提供商专属图标(AWS、Azure、GCP)
- 包含CIDR块:显示VPC和子网的网络地址
Example: Multi-Provider Terraform
示例:多提供商Terraform
User Input
用户输入
hcl
undefinedhcl
undefinedAWS Resources
AWS Resources
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
}
resource "aws_subnet" "public" {
vpc_id = aws_vpc.main.id
cidr_block = "10.0.1.0/24"
}
resource "aws_instance" "web" {
subnet_id = aws_subnet.public.id
instance_type = "t3.micro"
}
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
}
resource "aws_subnet" "public" {
vpc_id = aws_vpc.main.id
cidr_block = "10.0.1.0/24"
}
resource "aws_instance" "web" {
subnet_id = aws_subnet.public.id
instance_type = "t3.micro"
}
Azure Resources (multi-provider)
Azure Resources (multi-provider)
resource "azurerm_resource_group" "main" {
name = "rg-main"
location = "East US"
}
resource "azurerm_virtual_network" "main" {
name = "vnet-main"
resource_group_name = azurerm_resource_group.main.name
address_space = ["10.1.0.0/16"]
}
resource "azurerm_resource_group" "main" {
name = "rg-main"
location = "East US"
}
resource "azurerm_virtual_network" "main" {
name = "vnet-main"
resource_group_name = azurerm_resource_group.main.name
address_space = ["10.1.0.0/16"]
}
Module usage
Module usage
module "database" {
source = "./modules/rds"
vpc_id = aws_vpc.main.id
}
undefinedmodule "database" {
source = "./modules/rds"
vpc_id = aws_vpc.main.id
}
undefinedExpected Behavior
预期行为
-
Parses Terraform:
- AWS: VPC, subnet, EC2 instance
- Azure: Resource group, VNet (multi-provider setup)
- Module: Database module with dependency on VPC
-
Generates DSL showing multi-provider and module structure:
# AWS Resources aws-vpc [label: "AWS VPC 10.0.0.0/16"] { aws-subnet [label: "Public Subnet 10.0.1.0/24"] { web-server [icon: aws-ec2, label: "Web Server t3.micro"] } } # Azure Resources resource-group [label: "Resource Group rg-main"] { azure-vnet [label: "Azure VNet 10.1.0.0/16"] } # Module database-module [label: "Database Module"] { rds-instance [icon: aws-rds] } aws-vpc -> database-moduleImportant: All label text must be on a single line within quotes. Terraform-specific: Show modules as containers, group by provider, include resource dependencies. -
Callswith
/api/render/elementsdiagramType: "cloud-architecture-diagram"
-
解析Terraform代码:
- AWS:VPC、子网、EC2实例
- Azure:资源组、VNet(多提供商配置)
- 模块:依赖VPC的数据库模块
-
生成展示多提供商和模块结构的DSL:
# AWS Resources aws-vpc [label: "AWS VPC 10.0.0.0/16"] { aws-subnet [label: "Public Subnet 10.0.1.0/24"] { web-server [icon: aws-ec2, label: "Web Server t3.micro"] } } # Azure Resources resource-group [label: "Resource Group rg-main"] { azure-vnet [label: "Azure VNet 10.1.0.0/16"] } # Module database-module [label: "Database Module"] { rds-instance [icon: aws-rds] } aws-vpc -> database-module重要提示:所有标签文本必须放在单行引号内。Terraform专属要求:将模块显示为容器,按提供商分组,包含资源依赖关系。 -
调用接口并指定
/api/render/elementsdiagramType: "cloud-architecture-diagram"
Result
结果
User receives a diagram showing:
- VPC as a container
- Public subnet nested inside VPC
- EC2 instance in the subnet
- Proper AWS styling
用户将收到包含以下内容的架构图:
- VPC作为容器
- 公共子网嵌套在VPC内
- EC2实例位于子网中
- 符合AWS的样式设计