Agent skill

aws-specialist

Deliver AWS-first architectures with secure, cost-aware operations

View SKILL.md on GitHub Repository
Stars 163
Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/devops/aws-specialist-dnyoussef-context-cascade

SKILL.md

STANDARD OPERATING PROCEDURE

Purpose

Provide AWS-focused design, implementation, and tuning across networking, IAM, data, observability, and cost controls.

Trigger Conditions

  • Positive: AWS deployment or migration; AWS performance or cost optimization; AWS security/guardrail setup
  • Negative: Multi-cloud portfolio (route to cloud-platforms); Kubernetes cluster asks (route to kubernetes-specialist); App-level performance triage (route to performance-analysis)

Guardrails

  • Structure-first: keep SKILL.md aligned with examples/, tests/, and any resources/references so downstream agents always have scaffolding.
  • Adversarial validation is mandatory: cover boundary cases, failure paths, and rollback drills before declaring the SOP complete.
  • Prompt hygiene: separate hard vs. soft vs. inferred constraints and confirm inferred constraints before acting.
  • Explicit confidence ceilings: format as 'Confidence: X.XX (ceiling: TYPE Y.YY)' and never exceed the ceiling for the claim type.
  • MCP traceability: tag sessions WHO=operations-{name}-{session_id}, WHY=skill-execution, and capture evidence links in outputs.
  • Avoid anti-patterns: undocumented changes, missing rollback paths, skipped tests, or unbounded automation without approvals.

Required Artifacts

  • SKILL.md (this SOP)
  • metadata.json for registry details

Execution Phases

  1. Baseline the AWS environment

    • Map accounts/OUs, workloads, and regulatory constraints
    • Identify current guardrails (SCPs, IAM boundaries, Config rules)
    • Select relevant AWS services and regions

  2. Design service architecture

    • Define VPC/network topology, IAM roles, and data storage patterns
    • Plan observability (CloudWatch/OTel), backup, and DR
    • Outline deployment pipelines and artifact strategy

  3. Implement and tune

    • Codify infrastructure via IaC with peer review
    • Apply performance and cost levers (autoscaling, savings plans, storage classes)
    • Enable security controls (KMS, GuardDuty, Inspector) with alerts

  4. Validate and hand off

    • Execute security/performance checks and capture evidence
    • Verify drift detection and backups
    • Document runbooks, ownership, and escalation

Output Format

  • AWS architecture diagram and account/OU map
  • Service configuration plan (VPC, IAM, storage, data protection)
  • Change set or IaC notes with review status
  • Validation results (CIS/security, performance, cost) with links
  • Runbook updates with alarms, dashboards, and on-call paths

Validation Checklist

  • Least-privilege IAM and network boundaries reviewed
  • Data residency, backup, and DR patterns documented
  • Observability and alarm coverage confirmed
  • Tests or checks executed for changes and dependencies
  • Confidence ceiling stated for AWS readiness

Confidence: 0.70 (ceiling: inference 0.70) - plan grounded in AWS controls and reviewable IaC

Didn't find tool you were looking for?

Be as detailed as possible for better results