You're right, neither Mermaid nor D2 really nail AWS architecture diagrams out of the box. Mermaid lacks icons entirely, and D2's AWS pack is more 'icons exist' than 'architecture patterns are easy.'
Honestly, this is a gap in the ecosystem. For now, most people either:
- Use draw.io/Excalidraw despite the pain
- Build diagrams programmatically (Diagrams-as-code Python library has good AWS support)
- Just accept text-based flowcharts without icons
If I add custom icon/shape support to Ferrite's Mermaid renderer (v0.3.0+), AWS icons could be a good test case. No promises, but I hear the frustration.
A few thoughts:
What might work today:
- Sequence diagrams can model service-to-service flows (API calls, auth handoffs)
- Flowcharts with subgraphs can represent VPC boundaries, security groups
- C4-style (context, container, component) is sometimes modeled with flowcharts
What would make it better:
- Custom shapes/icons (AWS service icons)
- Annotations for security boundaries, trust zones
- Data flow direction markers
Alternative you might try now:
D2 (https://d2lang.com) has better icon support and was designed for architecture diagrams. It has an AWS icon pack. Structurizr also does C4 well.
That said, if there's demand for architecture-specific diagrams in Ferrite's Mermaid renderer, I could look at:
1. Custom icon/shape support via external SVGs
2. A dedicated "architecture" diagram type with security-relevant annotations
Would a template or example for modeling security flows in Mermaid's current syntax help as a starting point?
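As an added example (not part of the reply above and not Ferrite's own code), here is how the flowchart-with-subgraphs approach from the reply can express trust zones, security-group ingress rules and data-flow direction in current Mermaid syntax. The VPC CIDR, security-group names, ports and node names are constructed placeholders.

```mermaid
flowchart LR
    %% Added example: nested subgraphs mark trust boundaries, edge labels carry
    %% protocol/port and a step number so the reader can follow the data flow.
    subgraph Internet["Untrusted zone: public internet"]
        User([Browser / client])
        IdP["Identity provider (OIDC)"]
    end

    subgraph VPC["Trust boundary: VPC 10.0.0.0/16 (placeholder CIDR)"]
        direction LR
        subgraph Public["Public subnet, sg-web: 443/tcp inbound from 0.0.0.0/0"]
            ALB[/"Application Load Balancer"/]
        end
        subgraph Private["Private subnet, sg-app: 8080/tcp inbound from sg-web only"]
            App["App service (ECS or EC2)"]
        end
        subgraph Data["Data subnet, sg-db: 5432/tcp inbound from sg-app only"]
            DB[("RDS PostgreSQL")]
        end
    end

    %% Numbered, solid edges: the request path and the port each hop uses
    User -- "1. HTTPS :443" --> ALB
    ALB -- "2. HTTP :8080 (TLS terminated at ALB)" --> App
    App -- "3. SQL :5432 over TLS" --> DB

    %% Dotted edges: the auth handoff that crosses the trust boundary
    User -. "0. OIDC login, ID token returned" .-> IdP
    App -. "2a. validate token signature and issuer" .-> IdP

    %% Colour the zones so the boundary is visible at a glance
    style Internet fill:#fde8e8,stroke:#a00000
    style VPC fill:#e8f8e8,stroke:#008000
```

The subgraph titles double as the security-group rule summary, which makes a least-privilege review (each tier only reachable from the tier in front of it) possible from the diagram alone; the dotted edges flag every crossing of the VPC boundary that is not the main request path.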