diagram {
title = "Webapp"
/* Some comment about this... */
description = `
No *particular* threats to consider at this point.
It's **extremely** safe.`
threats = [
"csrf",
"mitm"
]
boundary browser {
title = "Browser"
function client {
title = "Client"
}
}
boundary aws {
title = "Amazon AWS"
function server {
title = "Web Server"
}
database logs {
title = "Logs"
}
}
io analytics {
title = "Google Analytics"
}
client -> server {
operation = "Request /"
description = `User navigates with a browser to see some content.`
}
server -> logs {
operation = "Log"
data = [
"IP Addressuser",
"Timestamprequest",
"Geolocation"
]
description = `Logged to a ELK stack.`
}
server -> client {
operation = "Response"
data = ["User Profile"]
description = `The server responds with some HTML.`
}
analytics <- client {
operation = "Log"
data = ["Page Navigation"]
description = `The Google Analytics plugin sends navigation
data to Google.`
}
}