Alison Aquinas logoAlison's LLM Plugins

aws

Included in pluginci-cdView on GitHub ↗

Files

SKILL.mdagentsreferencesscripts

Install

Install the containing plugin
/plugin install ci-cd@llm-skills
Invoke this skill after installation
/ci-cd:aws
Download aws-skill.zip
This skill is bundled inside ci-cd. Install the plugin once, then Claude Code can use any of its included skills. Browse the full plugin repository at github.com/alisonaquinas/llm-ci-dev.

SKILL.md

name: aws description: Operate AWS CLI (aws) for authentication checks, profile and region context inspection, service command planning, and safe command execution. Use when tasks mention AWS CLI commands, profiles/regions, STS identity checks, or AWS service operations from terminal workflows.

AWS CLI

Intent Router

RequestReferenceLoad When
Install tool, first-time setupreferences/install-and-setup.mdUser needs to install AWS CLI or do initial configuration
Command patterns, JMESPathreferences/command-cookbook.mdUser needs S3/EC2/IAM/Lambda patterns, query syntax, or command examples
Authentication, credentials, SSOreferences/auth-and-config.mdUser needs credential chain info, SSO setup, MFA, or troubleshooting auth errors

Workflow

  1. Run preflight before AWS CLI workflows.
  2. Check authentication and identity (sts get-caller-identity).
  3. Confirm active profile and region context.
  4. Choose a service command track and inspect first.
  5. Require explicit confirmation before mutating commands.
# Verify identity, list profiles, and confirm S3 access
aws sts get-caller-identity
aws configure list-profiles
aws s3 ls

Preflight

Use bundled scripts:

  • scripts/aws-preflight.sh
  • scripts/aws-auth-status.sh
  • scripts/aws-context.sh
  • scripts/aws-diagnostics.sh [--json] [--out <file>]

Core Command Tracks

  • Identity and context: aws sts get-caller-identity, aws configure list-profiles, aws configure get region
  • Service inspection: aws <service> list-*, aws <service> describe-*, aws <service> get-*
  • Output and filtering: Use --query (JMESPath) and --output json|table|yaml.
  • Profile and region targeting: Use --profile and --region explicitly for multi-account workflows.

Safety Guardrails

  • Inspect commands first, then propose mutations.
  • Ask for explicit confirmation before create, put, update, delete, terminate, or policy changes.
  • Avoid exposing credential values or sensitive account details.
  • Use the narrowest scope possible (resource ARN/ID, profile, and region).

Troubleshooting

  • If identity checks fail, verify credentials/profile and re-run scripts/aws-auth-status.sh.
  • If region is missing, set AWS_REGION or configure region for the active profile.
  • If endpoint/network calls fail, capture diagnostics first and retry when connectivity is available.
# Diagnose auth failures: show current credentials and active profile config
aws configure list
aws sts get-caller-identity --profile default

References

← Back to marketplace