원클릭으로
aws
AWS services including Lambda, S3, DynamoDB, CloudFormation, CDK, IAM, and serverless architecture patterns
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
AWS services including Lambda, S3, DynamoDB, CloudFormation, CDK, IAM, and serverless architecture patterns
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Unified design foundations — design system architecture, tokens, component specs, visual principles, creative vision, figma integration, plus brand design system loader (66 real brands via DESIGN.md). Absorbs design, design-system, design-systems, design-principles, design-router, creative-vision, figma, design-md.
Render, summarize, and present markdown documents and structured content in multiple output modes
Ultra UI skill - combines Google's DESIGN.md spec (machine-readable design tokens) with the ui-ux-pro-max knowledge base (91 styles, 161 palettes, 73 font pairings, 161 products, 104 UX guidelines, 25 chart types). Generates lint-clean DESIGN.md files, validates token references and WCAG contrast, exports Tailwind/DTCG tokens, and diffs design systems version-over-version.
Initialize UltraThink capabilities in the current project directory
Org-Bench Google-bipartite winning mechanism — the 4-section design-doc gate that every non-trivial change passes through. Use when the Director defines new work, when an Integrator reviews a lane (code/quality/devops), when the Director approves, or when a Worker is about to start coding and needs the spec. Tools live in the `design-doc` MCP server. Triggers on phrases like "design doc", "design review", "approve revision", "lane verdict", "what does this issue require", "is this approved yet".
Web scraping with anti-bot bypass (Cloudflare Turnstile etc.), stealth headless browsing, adaptive selectors, and concurrent crawls. Use when the user asks to scrape, crawl, or extract data from websites; the built-in WebFetch fails; the target has anti-bot protections; or the work needs JavaScript rendering. Prefers the registered MCP tools (mcp__scrapling__*) over raw Python so token cost stays low.
| name | aws |
| description | AWS services including Lambda, S3, DynamoDB, CloudFormation, CDK, IAM, and serverless architecture patterns |
| layer | domain |
| category | devops |
| triggers | ["aws","lambda","s3","dynamodb","cloudformation","cdk","api gateway","ecs","fargate","sqs","sns"] |
| inputs | ["architecture requirements","scaling needs","cost constraints","compliance requirements"] |
| outputs | ["CDK stacks","CloudFormation templates","Lambda functions","IAM policies","architecture diagrams"] |
| linksTo | ["terraform","kubernetes","monitoring","docker","cicd"] |
| linkedFrom | ["ship","plan","infrastructure"] |
| preferredNextSkills | ["monitoring","terraform","cicd"] |
| fallbackSkills | ["cloudflare","vercel"] |
| riskLevel | medium |
| memoryReadPolicy | selective |
| memoryWritePolicy | none |
| sideEffects | ["resource provisioning","IAM changes","deployments"] |
Design and implement scalable, cost-effective, and secure AWS architectures. This skill covers Lambda, S3, DynamoDB, ECS/Fargate, API Gateway, IAM, CDK, CloudFormation, and serverless-first design patterns.
import * as cdk from "aws-cdk-lib";
import * as lambda from "aws-cdk-lib/aws-lambda";
import * as apigateway from "aws-cdk-lib/aws-apigateway";
import * as dynamodb from "aws-cdk-lib/aws-dynamodb";
import { NodejsFunction } from "aws-cdk-lib/aws-lambda-nodejs";
import { Construct } from "constructs";
export class ApiStack extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// DynamoDB table
const table = new dynamodb.Table(this, "ItemsTable", {
tableName: `${id}-items`,
partitionKey: { name: "pk", type: dynamodb.AttributeType.STRING },
sortKey: { name: "sk", type: dynamodb.AttributeType.STRING },
billingMode: dynamodb.BillingMode.PAY_PER_REQUEST,
pointInTimeRecovery: true,
removalPolicy: cdk.RemovalPolicy.RETAIN,
timeToLiveAttribute: "ttl",
});
table.addGlobalSecondaryIndex({
indexName: "GSI1",
partitionKey: { name: "gsi1pk", type: dynamodb.AttributeType.STRING },
sortKey: { name: "gsi1sk", type: dynamodb.AttributeType.STRING },
projectionType: dynamodb.ProjectionType.ALL,
});
// Lambda function
const handler = new NodejsFunction(this, "ApiHandler", {
entry: "lambda/api/index.ts",
handler: "handler",
runtime: lambda.Runtime.NODEJS_20_X,
architecture: lambda.Architecture.ARM_64,
memorySize: 256,
timeout: cdk.Duration.seconds(30),
environment: {
TABLE_NAME: table.tableName,
NODE_OPTIONS: "--enable-source-maps",
},
bundling: {
minify: true,
sourceMap: true,
treeshaking: true,
},
tracing: lambda.Tracing.ACTIVE,
});
table.grantReadWriteData(handler);
// API Gateway
const api = new apigateway.RestApi(this, "Api", {
restApiName: `${id}-api`,
deployOptions: {
stageName: "v1",
throttlingRateLimit: 1000,
throttlingBurstLimit: 500,
},
defaultCorsPreflightOptions: {
allowOrigins: apigateway.Cors.ALL_ORIGINS,
allowMethods: apigateway.Cors.ALL_METHODS,
},
});
const items = api.root.addResource("items");
items.addMethod("GET", new apigateway.LambdaIntegration(handler));
items.addMethod("POST", new apigateway.LambdaIntegration(handler));
const item = items.addResource("{id}");
item.addMethod("GET", new apigateway.LambdaIntegration(handler));
item.addMethod("PUT", new apigateway.LambdaIntegration(handler));
item.addMethod("DELETE", new apigateway.LambdaIntegration(handler));
new cdk.CfnOutput(this, "ApiUrl", { value: api.url });
}
}
// Key schema for single-table design
interface DynamoItem {
pk: string; // Partition key
sk: string; // Sort key
gsi1pk?: string;
gsi1sk?: string;
type: string;
ttl?: number;
[key: string]: unknown;
}
// User: pk=USER#<id>, sk=PROFILE
// Order: pk=USER#<id>, sk=ORDER#<orderId>
// Product: pk=PRODUCT#<id>, sk=METADATA
// GSI1: gsi1pk=ORDER#<status>, gsi1sk=<createdAt>
import { DynamoDBClient } from "@aws-sdk/client-dynamodb";
import { DynamoDBDocumentClient, QueryCommand, PutCommand } from "@aws-sdk/lib-dynamodb";
const client = DynamoDBDocumentClient.from(new DynamoDBClient({}));
async function getUserWithOrders(userId: string) {
const result = await client.send(new QueryCommand({
TableName: process.env.TABLE_NAME,
KeyConditionExpression: "pk = :pk AND sk BETWEEN :profile AND :orders",
ExpressionAttributeValues: {
":pk": `USER#${userId}`,
":profile": "ORDER#",
":orders": "ORDER#~",
},
}));
return result.Items;
}
import { APIGatewayProxyHandlerV2 } from "aws-lambda";
// Cold start optimization: initialize outside handler
const db = DynamoDBDocumentClient.from(new DynamoDBClient({}));
export const handler: APIGatewayProxyHandlerV2 = async (event) => {
try {
const { httpMethod, pathParameters, body } = event;
switch (httpMethod) {
case "GET":
return await getItem(pathParameters?.id);
case "POST":
return await createItem(JSON.parse(body || "{}"));
default:
return { statusCode: 405, body: "Method Not Allowed" };
}
} catch (error) {
console.error("Lambda error:", error);
return {
statusCode: 500,
body: JSON.stringify({ error: "Internal Server Error" }),
};
}
};
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Query",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem"
],
"Resource": [
"arn:aws:dynamodb:us-east-1:123456789012:table/my-table",
"arn:aws:dynamodb:us-east-1:123456789012:table/my-table/index/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::my-bucket/uploads/*"
}
]
}
| Pitfall | Fix |
|---|---|
| Overly broad IAM policies | Use least privilege; specify resource ARNs |
| Lambda cold starts | Use provisioned concurrency for latency-sensitive paths |
| DynamoDB hot partitions | Distribute keys evenly; avoid sequential IDs |
| S3 public buckets | Block public access at account level |
| Missing CloudWatch alarms | Set alarms on errors, latency, throttling |
| Hardcoded region/account | Use Aws.REGION and Aws.ACCOUNT_ID in CDK |
import { S3Client, PutObjectCommand } from "@aws-sdk/client-s3";
import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
const s3 = new S3Client({});
async function getUploadUrl(key: string, contentType: string) {
const command = new PutObjectCommand({
Bucket: process.env.UPLOAD_BUCKET,
Key: key,
ContentType: contentType,
});
return getSignedUrl(s3, command, { expiresIn: 3600 });
}
import { SQSHandler } from "aws-lambda";
export const handler: SQSHandler = async (event) => {
const failedIds: string[] = [];
for (const record of event.Records) {
try {
const body = JSON.parse(record.body);
await processMessage(body);
} catch (error) {
console.error(`Failed to process ${record.messageId}:`, error);
failedIds.push(record.messageId);
}
}
// Partial batch failure reporting
if (failedIds.length > 0) {
return {
batchItemFailures: failedIds.map((id) => ({ itemIdentifier: id })),
};
}
};