Skip to main content
Alison Aquinas logoAlison's LLM Skills Marketplace

aws

Included in skill bundleci-cdView on GitHub ↗

Files

SKILL.mdagentsreferencesscripts

Install

Install only this skill with npx skills
npx skills add alisonaquinas/llm-ci-dev --skill 'aws' -g -y
Install the containing skill bundle
/plugin install ci-cd@llm-skills
Download aws-skill.zip
This skill is bundled inside ci-cd. Use npx skills when you only want this skill, or install the bundle once to make every included skill available through the plugin marketplace flow. Browse the full skill bundle repository at github.com/alisonaquinas/llm-ci-dev.

Invoke

Invoke this skill after installation
/ci-cd:aws

SKILL.md

name: aws description: Operate AWS CLI (aws) for authentication checks, profile and region context inspection, service command planning, and safe command execution. Use when tasks mention AWS CLI commands, profiles/regions, STS identity checks, or AWS service operations from terminal workflows.

AWS CLI

Intent Router

RequestReferenceLoad When
Install tool, first-time setupreferences/install-and-setup.mdUser needs to install AWS CLI or do initial configuration
Command patterns, JMESPathreferences/command-cookbook.mdUser needs S3/EC2/IAM/Lambda patterns, query syntax, or command examples
Authentication, credentials, SSOreferences/auth-and-config.mdUser needs credential chain info, SSO setup, MFA, or troubleshooting auth errors

Workflow

  1. Run preflight before AWS CLI workflows.
  2. Check authentication and identity (sts get-caller-identity).
  3. Confirm active profile and region context.
  4. Choose a service command track and inspect first.
  5. Require explicit confirmation before mutating commands.
# Verify identity, list profiles, and confirm S3 access
aws sts get-caller-identity
aws configure list-profiles
aws s3 ls

Preflight

Use bundled scripts:

  • scripts/aws-preflight.sh
  • scripts/aws-auth-status.sh
  • scripts/aws-context.sh
  • scripts/aws-diagnostics.sh [--json] [--out <file>]

Core Command Tracks

  • Identity and context: aws sts get-caller-identity, aws configure list-profiles, aws configure get region
  • Service inspection: aws <service> list-*, aws <service> describe-*, aws <service> get-*
  • Output and filtering: Use --query (JMESPath) and --output json|table|yaml.
  • Profile and region targeting: Use --profile and --region explicitly for multi-account workflows.

Safety Guardrails

  • Inspect commands first, then propose mutations.
  • Ask for explicit confirmation before create, put, update, delete, terminate, or policy changes.
  • Avoid exposing credential values or sensitive account details.
  • Use the narrowest scope possible (resource ARN/ID, profile, and region).

Troubleshooting

  • If identity checks fail, verify credentials/profile and re-run scripts/aws-auth-status.sh.
  • If region is missing, set AWS_REGION or configure region for the active profile.
  • If endpoint/network calls fail, capture diagnostics first and retry when connectivity is available.
# Diagnose auth failures: show current credentials and active profile config
aws configure list
aws sts get-caller-identity --profile default

References

← Back to marketplace