-
Notifications
You must be signed in to change notification settings - Fork 0
/
dhis2.d2
112 lines (97 loc) · 2.44 KB
/
dhis2.d2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
direction: right
text: |md
# DHIS2 system boundary
## date: 14-03-2024
| {near: top-left}
internet: The Internet {
icon: https://upload.wikimedia.org/wikipedia/commons/5/57/OpenMoji-black_2601.svg
shape: image
}
users: DHIS2 Administrators {
icon: https://upload.wikimedia.org/wikipedia/commons/f/f1/Toicon-icon-feather-study.svg
shape: image
}
gcp: "DTB Google Cloud" {
style: {
stroke: "#000000"
fill: "#f1f3f4"
}
gcpicon: "" {
icon: https://upload.wikimedia.org/wikipedia/commons/5/51/Google_Cloud_logo.svg
width: 300
shape: image
}
hc: HC folder {
project2: HC project1 RBAC boundary {
style: {
stroke: "#ffffff"
fill: "#e1f6fe"
}
}
project3: HC project2 RBAC boundary {
style: {
stroke: "#ffffff"
fill: "#e1f6fe"
}
}
}
dmia: DMIA folder {
authbounds: Authorization boundary {
style: {
stroke: "#ff0000"
}
project: DHIS2 Project RBAC boundary {
style: {
stroke: "#ffffff"
fill: "#e1f6fe"
}
vpc: Default VPC Network 10.1.0.0/16 {
style: {
stroke: blue
font-color: blue
stroke-dash: 3
fill: transparent
}
fw: "Firewall: open ports 80 (redirect), 443" {
style: {
stroke: black
font-color: black
stroke-dash: 3
fill: transparent
}
k8s: Google Managed PaaS/GKE Autopilot {
style: {
stroke: blue
font-color: blue
fill: transparent
}
ingress: Google Managed Ingress
dhis2: "" {
icon: https://dhis2.org/wp-content/uploads/dhis2-logo-rgb-positive.svg
}
pg: PostgreSQL Database Cluster {
icon: https://cloudnative-pg.io/images/hero_image.svg
}
ingress -> dhis2: mtls
dhis2 -> pg: mtls
}
}
}
}
}
project2: DMIA project2 RBAC boundary {
style: {
stroke: "#ffffff"
fill: "#e1f6fe"
}
}
project3: DMIA project3 RBAC boundary {
style: {
stroke: "#ffffff"
fill: "#e1f6fe"
}
}
}
}
internet -> gcp.dmia.authbounds.project.vpc.fw.k8s.ingress: TLS 1.3
users -> gcp.dmia.authbounds.project.vpc.fw.k8s.ingress: TLS 1.3