AWS architecture covering EC2, Lambda, S3, RDS, VPC, IAM, and CloudFormation. Triggers on "AWS", "Amazon Web Services", "Lambda", "EC2", "S3", "CloudFormation", "arch — from…
Expert knowledge for deploying, managing, and troubleshooting AWS Elastic Beanstalk applications with production best practices
Analyze AWS costs, find savings, manage budgets, evaluate Savings Plans and Reserved Instances, right-size EC2/Lambda/RDS/EBS with Compute Optimizer, look up service pricing,…
Assess AWS change impact using change sets, deployment blast radius, rollback readiness, dependency mapping, risk, go/no-go context, approval context, and stakeholder…
Troubleshoots and debugs AWS Clean Rooms collaboration issues related to IAM roles, S3 bucket policies, KMS keys, Lake Formation permissions, and CloudWatch logging for custom ML…
AWS cloud patterns for Lambda, ECS, S3, DynamoDB, and Infrastructure as Code with CDK/Terraform
Comprehensive AWS cloud services skill covering S3, Lambda, DynamoDB, EC2, RDS, IAM, CloudFormation, and enterprise cloud architecture patterns with AWS SDK
Distribute content globally using CloudFront with caching, security headers, WAF integration, and origin configuration. Use for low-latency content delivery.
Normalizes and enriches AWS CloudTrail JSON logs into OCSF (Open Cybersecurity Schema Framework) format.
Creates and manages CloudWatch alarms using the AWS SDK for JavaScript v3 (@aws-sdk/client-cloudwatch).
Diagnoses firing AWS CloudWatch alarms by querying CloudWatch Metrics, alarm history, and related AWS Config resource snapshots via the AWS SDK.
Automates incident response for AWS CloudWatch alarms using boto3, the CloudWatch GetMetricData API, and AWS Systems Manager runbook documents.
Triages AWS CloudWatch alarms using boto3 CloudWatch.describe_alarms, CloudWatch Logs Insights queries, and AWS X-Ray trace analysis via the xray-sdk.
Triages AWS CloudWatch alarms using the CloudWatch DescribeAlarms API, GetMetricData for historical analysis, and CloudTrail LookupEvents for root cause correlation.
Triages AWS CloudWatch alarms by correlating alarm state changes with CloudTrail events and EC2 instance health using boto3.
Uses AWS CloudWatch SDK (boto3) to configure anomaly detection bands on metrics via PutAnomalyDetector API.
Investigates CloudWatch metric anomalies using the AWS SDK CloudWatch.getMetricData and Logs.filterLogEvents APIs.
Executes structured diagnostic runbooks when CloudWatch Anomaly Detection triggers alarms. Uses the AWS SDK CloudWatch client (GetMetricData, DescribeAlarms) to gather context and…
Creates and manages AWS CloudWatch composite alarms using the CloudWatch PutCompositeAlarm API. Builds alarm rule expressions from existing metric alarms with AND/OR/NOT logic for…
Runs CloudWatch Logs Insights queries via AWS SDK for JavaScript v3. Analyzes Lambda cold starts, API Gateway latency, and ECS container logs.
Builds CloudWatch Logs Insights queries and metric alarms using AWS SDK v3 (@aws-sdk/client-cloudwatch-logs, @aws-sdk/client-cloudwatch).
Analyzes AWS CloudWatch Logs using the CloudWatch Logs API and Logs Insights query syntax. Identifies error patterns, calculates error rates, and generates metric filters from log…
Investigates anomalous patterns in AWS CloudWatch Logs using the CloudWatch Logs Insights API and CloudWatch Anomaly Detection.
Scans AWS CloudWatch Logs using the CloudWatch Logs Insights API and CloudWatch Anomaly Detection API.
Uses AWS SDK CloudWatchClient GetMetricData and CloudWatch Logs Insights StartQueryExecution to automate incident triage.
Manages AWS CodePipeline stages and actions using AWS SDK for JavaScript (CodePipeline, CodeBuild, CodeDeploy APIs).
AWS infrastructure information collection tool. Fetches ECS status, CloudWatch logs, and metrics. Use when: you need to check ECS status, investigate CloudWatch error logs, query metrics, or monitor AWS resources.
Map AWS compliance evidence for audits across Security Hub controls, AWS Config rules/conformance packs, Audit Manager assessments, evidence folders, manual evidence, AWS Artifact…
Deploys and operates containerized workloads on ECS, Fargate, and ECR. Covers task definitions, Fargate services, ECR repository setup and lifecycle policies, ECS Exec debugging,…
Review AWS cost anomalies using Cost Explorer, Cost Anomaly Detection, Budgets, usage spikes, commitments, and tagging gaps.
AWS cost optimization - EC2 Reserved Instances, Savings Plans, Spot, Lambda optimization, Cost Explorer, Trusted Advisor.
Provides structured AWS cost optimization guidance using five pillars (right-sizing, elasticity, pricing models, storage optimization, monitoring) and twelve actionable best…
Review AWS cost optimization and FinOps posture across Cost Explorer, Budgets, Cost Optimization Hub, Compute Optimizer, Savings Plans, Reserved Instances, tagging, showback, idle…
Comprehensive AWS cost analysis and optimization recommendations using AWS CLI and Cost Explorer
Prepare AWS daily operations briefings using CloudWatch, Personal Health Dashboard, Trusted Advisor, cost signals, deployment timelines, incidents, risks, and action backlog.
Review AWS backup and data protection implementation across AWS Backup, EBS/RDS/EFS/S3 recovery patterns, vaults, vault lock, retention, encryption, cross-account/cross-Region…
AWS development best practices for Lambda, SAM, CDK, DynamoDB, IAM, and serverless architecture using Infrastructure as Code.
Generate AWS architecture diagrams from infrastructure JSON. Use when user asks to "generate diagram", "create AWS diagram", "visualize infrastructure", or "draw architecture".
Discover AWS infrastructure and save to JSON. Use when user asks to "discover AWS", "explore AWS account", "scan AWS infrastructure", or "create infrastructure JSON".
Use when designing and rehearsing AWS disaster-recovery and multi-region posture for a workload after the runtime and observability exist and reliability and operations have…
Review Amazon EC2 compute operations across instances, Auto Scaling groups, Launch Templates, AMIs, Systems Manager, Patch Manager, Session Manager, EBS volumes, snapshots, health…
Launch and configure EC2 instances with security groups, IAM roles, key pairs, AMIs, and auto-scaling. Use for virtual servers and managed infrastructure.
Review Amazon ECS and Fargate platform operations across services, task definitions, task roles, execution roles, capacity providers, load balancers, deployment circuit breakers,…
Correct AWS ECS and Fargate service definitions, task definition config, deployment parameters, health checks, environment settings, and rollout wiring in-repo.
Amazon Elastic Kubernetes Service (EKS) for running Kubernetes on AWS. Use for container orchestration, deploying applications, managing clusters, and Kubernetes workloads on AWS.
Review Amazon EKS Kubernetes platform operations across cluster access, IRSA, IAM roles for service accounts, pod identity, node groups, Karpenter, autoscaling, CNI/network…
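AWS certification exam-based skill self-learning pipeline v2.1. Exam question generation → DKR-blind response → skill chain execution → dual-track scoring → reflection → regression tracking → human approval loop. Supports the SAP-C02 certification question bank.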
Build Amazon Bedrock and serverless generative AI applications using Lambda, API Gateway, Step Functions, EventBridge, S3, DynamoDB, SQS, Guardrails, and IAM.
Review AWS infrastructure-as-code changes across CDK, CloudFormation, SAM, Terraform, Serverless Framework, generated templates, plans, stack updates, change sets, and drift.
Edit AWS IaC files including CloudFormation, SAM, CDK config, and Terraform to patch defects, prepare change set review, or unblock rollout work.
Review AWS IAM identity policies, trust policies, resource policies, permission boundaries, SCPs, session policies, role design, pass-role, federation, and Access Analyzer…
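Specialized methodology for AWS IAM privilege escalation. Use when AWS credentials have been obtained and privileges need to be escalated, when the current IAM user/role has limited permissions and lateral or vertical escalation is needed, or when IAM policies need to be analyzed to find escalation paths. Covers privilege escalation techniques for 46 AWS services, including PassRole abuse, AssumeRole chained escalation, Lambda/EC2/ECS compute service escalation, and NotAction…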
Uses boto3 and the AWS IAM Access Analyzer API to enumerate all roles, policies, and users, then flags permission combinations that could allow privilege escalation to…
Chat-based AWS infrastructure assistance using AWS CLI and console context. Use for querying, auditing, and monitoring AWS resources (EC2, S3, IAM, Lambda, ECS/EKS, RDS,…
AWS infrastructure as code with Terraform and CDK, including VPC design, EKS cluster setup, S3 bucket configuration, RDS databases, DynamoDB tables, Lambda functions, API Gateway,…
Design and implement AWS infrastructure using IaC (CloudFormation, CDK, Terraform) with boto3 expertise and Well-Architected Framework guidance.
Expertise in evaluating AWS accounts for compliance — what checks are meaningful, which SCF controls they map to, and how to interpret aws CLI output.
Review AWS KMS and Secrets Manager lifecycle posture across key policies, grants, rotation, multi-Region keys, imported key material, aliases, secret rotation, replication,…
Build serverless applications with AWS Lambda and TypeScript. Covers handler patterns, API Gateway integration, DynamoDB operations, SQS/S3/DynamoDB Streams event sources, SAM…
Build resilient, long-running, multi-step applications with AWS Lambda durable functions with automatic state persistence, retry logic, and orchestration for long-running…