‹ 首页

aws-cli-beast

@giuseppe-trisciuoglio · 收录于 1 周前

Provides advanced AWS CLI patterns for managing EC2, Lambda, S3, DynamoDB, RDS, VPC, IAM, and CloudWatch. Generates bulk operation scripts, automates cross-service workflows, validates security configurations, and executes JMESPath queries for complex filtering. Triggers on "aws cli help", "aws command line", "aws scripting", "aws automation", "aws batch operations", "aws bulk operations", "aws cli pagination", "aws multi-region", "aws profiles", "aws cli troubleshooting".

适合你,如果经常用 AWS CLI 处理复杂云资源管理任务

/ 下载安装
aws-cli-beast.skill双击,或拖进 Claude 桌面版 / Cowork,即完成安装↓ .skill↓ .zip
用别的 agent?下载 .zip 解压,把文件夹放进它的技能目录
Claude Code~/.claude/skills/(项目级 .claude/skills/)
Codex CLI~/.codex/skills/
Cursor自动读取上面两处目录
其他工具见其文档的「skills」目录;两个下载是同一份文件,只是名字不同
/ 通过 npx 安装 校验哈希
npx oh-my-skill add giuseppe-trisciuoglio/developer-kit/aws-cli-beast
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- giuseppe-trisciuoglio/developer-kit/aws-cli-beast
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify giuseppe-trisciuoglio/developer-kit/aws-cli-beast
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
303GitHub stars
~1.3K最小装载
~1.3K含声明引用
~11.8K文本包总量
镜像托管

怎么用

技能原文 SKILL.md作者撰写 · MIT · 306f428

AWS CLI Beast Mode

Overview

Advanced AWS CLI patterns for speed, precision, and security-first automation. Covers JMESPath queries, bulk operations, waiters, cross-account access, and destructive operation safety.

When to Use
  • Bulk operations across thousands of AWS resources
  • Advanced JMESPath filtering and output transformation
  • Automated scripts for AWS routines
  • Multi-profile and multi-region management
  • Security auditing and compliance checks
  • CLI-driven infrastructure-as-code workflows
Instructions
Step 1: Categorize the Request

| Category | Services | Commands | |----------|----------|----------| | Compute | EC2, Lambda | describe-instances, invoke, publish-version | | Storage | S3 | sync, cp, mb, rb, presign | | Database | DynamoDB, RDS | query, scan, batch-write-item | | Networking | VPC, Route53 | describe-vpcs, describe-security-groups | | Security | IAM | simulate-principal-policy, get-policy-version | | Observability | CloudWatch | get-metric-statistics, filter-log-events |

Step 2: Apply Beast Mode Principles
  1. Dry-run first: Always validate with --dryrun or --dry-run
  2. Query server-side: Use --query with JMESPath to filter before transfer
  3. Batch intelligently: Paginate with --max-results and parallelize with xargs
  4. Wait properly: Use built-in waiters or exponential backoff polling
  5. Switch contexts: Use --profile and --region for multi-account operations
Step 3: Validate Destructive Operations

MANDATORY for any destructive operation:

# S3 sync with delete - MUST dry-run first
aws s3 sync s3://source/ s3://dest/ --delete --dryrun
# Review output, then remove --dryrun only if satisfied

# Bulk EC2 stop - validate targets first
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
  --query 'Reservations[].Instances[?State.Name==`running`].InstanceId' \
  --output text
# Confirm list, then pipe to stop command

# IAM policy attachment - simulate first
aws iam simulate-principal-policy \
  --policy-source-arn arn:aws:iam::123456789012:user/myuser \
  --action-names s3:DeleteObject \
  --resource-arns arn:aws:s3:::my-bucket/*
Step 4: Reference Detailed Guides
  • compute-mastery.md - EC2, Lambda, Spot Fleets, ASG
  • data-ops-beast.md - S3 multipart, DynamoDB batch, RDS snapshots
  • networking-security-hardened.md - VPC Flow Logs, IAM policies, security groups
  • automation-patterns.md - Shell aliases, JMESPath templates, CI/CD integration
Examples
Example 1: Bulk EC2 Stop

"Stop all development instances"

# 1. Dry-run: identify targets
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
           "Name=instance-state-name,Values=running" \
  --query 'Reservations[].Instances[].InstanceId' \
  --output text

# 2. Confirm IDs, then execute
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
           "Name=instance-state-name,Values=running" \
  --query 'Reservations[].Instances[].InstanceId' \
  --output text | xargs aws ec2 stop-instances --instance-ids
Example 2: S3 Migration with Encryption

"Migrate data between buckets with SSE"

# 1. Dry-run migration
aws s3 sync s3://source-bucket/ s3://dest-bucket/ \
  --sse AES256 \
  --storage-class GLACIER \
  --exclude "*.tmp" \
  --dryrun

# 2. Enable versioning on destination
aws s3api put-bucket-versioning \
  --bucket dest-bucket \
  --versioning-configuration Status=Enabled

# 3. Execute after review
aws s3 sync s3://source-bucket/ s3://dest-bucket/ \
  --sse AES256 \
  --storage-class GLACIER \
  --exclude "*.tmp"
Example 3: IAM Security Audit

"Find overprivileged IAM users"

aws iam list-users --query 'Users[].UserName' --output text | \
while read user; do
  echo "Checking $user..."
  aws iam simulate-principal-policy \
    --policy-source-arn "arn:aws:iam::123456789012:user/$user" \
    --action-names DeleteItem,DeleteTable,DeleteFunction \
    --resource-arns "*" \
    --query 'EvaluationResults[?EvalDecision==`allowed`]'
done
Example 4: Multi-Region Lambda Deployment

"Deploy Lambda to all regions"

for region in us-east-1 us-west-2 eu-west-1; do
  echo "Deploying to $region..."
  aws lambda update-function-code \
    --function-name my-function \
    --zip-file fileb://function.zip \
    --region $region \
    --publish
  aws lambda wait function-active \
    --function-name my-function \
    --region $region
done
Example 5: JMESPath Advanced Filtering

"Get running instances with specific tags as table"

aws ec2 describe-instances \
  --query 'Reservations[].Instances[?State.Name==`running`].[InstanceId,Tags[?Key==`Name`].Value[0]|[0],PrivateIpAddress]' \
  --output table
Best Practices
  1. Use --output json for programmatic processing
  2. Filter with JMESPath server-side before transfer
  3. Implement retry logic with exponential backoff
  4. Use waiters instead of manual polling loops
  5. Tag all resources for cost allocation and automation
  6. Separate dev/staging/prod with AWS profiles
  7. Enable CloudTrail for audit compliance
  8. Validate IAM policies with simulate-principal-policy before attachment
  9. Use --dry-run on every state-modifying operation
  10. Enable MFA for security-sensitive operations
Constraints and Warnings
Rate Limiting
  • AWS API throttling applies; use --max-throttle and exponential backoff
  • Check aws service-quotas for current limits
Pagination
  • Default page size is variable; use --max-results for consistency
  • Use --no-paginate with jq for full dataset processing
Destructive Operations
  • S3 sync --delete: Irreversibly removes files not in source
  • EC2 terminate-instances: Cannot be undone; validate instance IDs first
  • IAM detach/policy: May break existing access; simulate before applying
  • RDS delete-db-instance: Snapshots do not protect all scenarios; verify retention
Security
  • Never commit AWS credentials; use aws configure or environment variables
  • Rotate access keys regularly with aws iam create-access-key
  • Use least-privilege: simulate before granting permissions
按 MIT 许可原样转载,未经改动 · 在 GitHub 查看 →

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。