Skip to main content

Infrastructure Wizard Overview

The Infrastructure Wizard is Guardian Pro's AI-powered infrastructure generation tool. It takes your requirements -- expressed as a natural language conversation or detected from an existing codebase -- and produces production-ready infrastructure templates that follow AWS best practices out of the box.

Whether you are building a new application from scratch or migrating an existing project to AWS, the Wizard eliminates the manual effort of writing infrastructure definitions by hand. It handles networking, compute, databases, storage, security, and monitoring, all configured with encryption, least-privilege access, and observability baked in.

Two Paths to Your Infrastructure

The Wizard offers two distinct starting points, depending on where you are in your project.

Path 1: Describe Your Requirements

Start a conversation with the AI architect and describe what you need in plain English. The Wizard asks clarifying questions to understand your workload, then generates a complete infrastructure template tailored to your answers.

This path is ideal when you are:

  • Starting a new project and know what you want to build
  • Exploring infrastructure options before committing to a design
  • Prototyping quickly without writing any infrastructure code

See Describe Your Requirements for a detailed walkthrough.

Path 2: Scan an Existing Repository

Connect your GitHub or GitLab repository and let the Wizard analyse your codebase. It automatically detects your programming languages, frameworks, databases, storage requirements, and workload patterns, then generates an infrastructure template that matches your application.

This path is ideal when you:

  • Have an existing application you want to deploy to AWS
  • Want infrastructure that precisely matches your application's technology stack
  • Prefer an automated approach over manually describing requirements

See Repository Scanning for setup and usage instructions.

What the Wizard Generates

Regardless of which path you choose, the Wizard produces a comprehensive infrastructure template that includes:

ComponentWhat Is Included
NetworkingVPC with public and private subnets across multiple Availability Zones, NAT gateways, route tables, and security groups
ComputeThe right compute service for your workload -- containers, serverless functions, or EC2 instances with auto-scaling
DatabasesManaged database services matched to your data requirements, with encryption at rest and automated backups
StorageObject storage, file systems, or container registries as needed, with appropriate access policies
SecurityEncryption keys, secrets management, IAM roles with least-privilege policies, and web application firewalls where appropriate
MonitoringLogging, metrics, alarms, and tracing configured for all deployed services
tip

Every template the Wizard generates follows AWS Well-Architected best practices. Encryption is enabled by default, IAM roles use least-privilege permissions, and monitoring is configured for all resources.

Wizard Workflow

The end-to-end workflow follows four stages, regardless of which starting path you choose:

Choose Path --> Define Requirements --> Review Template --> Deploy
  (describe       (conversation or        (inspect and       (preflight check
   or scan)        repo analysis)          customise)         and deploy)
  1. Choose your path -- Describe requirements or scan a repository.
  2. Define requirements -- Through a multi-turn AI conversation or automated codebase analysis.
  3. Review the template -- Inspect the generated resources, modify configurations, and verify the design meets your needs.
  4. Deploy -- Run preflight validation, then deploy directly from Guardian Pro or download the template for manual deployment.

Each stage is covered in its own documentation page. See the links in the Next Steps section below.

Built-In Best Practices

Templates generated by the Wizard are not just functional -- they are production-grade. Every template includes:

  • Encryption everywhere -- Data at rest and in transit is encrypted using managed encryption keys.
  • Least-privilege IAM -- Each service gets only the permissions it needs, nothing more.
  • Multi-AZ resilience -- Resources are distributed across Availability Zones for high availability.
  • Monitoring and alerting -- Logging, metrics, and alarms are configured so you have visibility from day one.
  • Cost-aware defaults -- The Wizard selects appropriately sized resources based on your described workload, avoiding over-provisioning.
  • Stack protection -- Stateful resources like databases and file systems are protected against accidental deletion.
info

The Wizard adapts its recommendations based on your described environment tier. A production workload receives multi-AZ databases, NAT gateways, and full monitoring. A development environment gets cost-optimised, single-AZ configurations.

Supported Services

The Wizard supports a wide range of AWS services across all major categories:

  • Compute -- Containers (Fargate), serverless functions, EC2 with auto-scaling, App Runner, Batch
  • Databases -- Relational (Aurora, RDS), NoSQL (DynamoDB), caching (ElastiCache), search (OpenSearch), data warehousing (Redshift)
  • Storage -- Object storage (S3), file systems (EFS), container registries (ECR)
  • Networking -- VPC, subnets, NAT gateways, load balancers, VPC endpoints, CDN (CloudFront)
  • Security -- Encryption (KMS), secrets management, WAF, certificates (ACM)
  • Serverless -- Event buses, message queues, notification topics, orchestration workflows, data streams
  • AI/ML -- AI model access, machine learning endpoints, ETL pipelines
  • DevOps -- CI/CD pipelines, build projects, deployment automation
  • Observability -- Logging, metrics, tracing, audit trails, flow logs
  • Identity -- User pools, authentication, API authorization (GraphQL and REST)

Integration with Guardian Pro

After deploying infrastructure through the Wizard, it becomes part of your monitored environment:

  • Resource Discovery automatically picks up the new resources in the next scan.
  • Security Scanning evaluates them against hundreds of automated checks.
  • Cost Intelligence tracks the spending impact of the new infrastructure.
  • Architecture Advisor incorporates the resources into your dependency graph and risk analysis.

This means you get immediate governance coverage for anything the Wizard deploys, with no additional setup required.

Subscription Tier Availability

The Infrastructure Wizard is available on all Guardian Pro subscription tiers. The number of templates you can generate and deploy per month varies by tier. Check your Subscription page for your current limits.

Next Steps

  • Describe Your Requirements -- Start a conversation with the AI architect to generate infrastructure from a description.
  • Scan a Repository -- Connect a Git repository and let the Wizard detect your requirements automatically.
  • Review Your Template -- Understand and customise the generated infrastructure template.
  • Deploy -- Validate and deploy your template to AWS.