一键在 Manus 中运行任何 Skill

aws-cli-beast

Provides advanced AWS CLI patterns for managing EC2, Lambda, S3, DynamoDB, RDS, VPC, IAM, and CloudWatch. Generates bulk operation scripts, automates cross-service workflows, validates security configurations, and executes JMESPath queries for complex filtering. Triggers on "aws cli help", "aws command line", "aws scripting", "aws automation", "aws batch operations", "aws bulk operations", "aws cli pagination", "aws multi-region", "aws profiles", "aws cli troubleshooting".

在 Manus 中运行

星标279

分支32

更新时间2026年3月24日 08:27

来源

giuseppe-trisciuoglio

giuseppe-trisciuoglio/developer-kit

打开 GitHub 仓库查看创作者相关仓库

安装命令

下载

在 Manus 中运行

适用职业SOC

网络与计算机系统管理员计算机与数学类职业15-1244L4

文件资源管理器

7 个文件

SKILL.md

readonly

name	aws-cli-beast
description	Provides advanced AWS CLI patterns for managing EC2, Lambda, S3, DynamoDB, RDS, VPC, IAM, and CloudWatch. Generates bulk operation scripts, automates cross-service workflows, validates security configurations, and executes JMESPath queries for complex filtering. Triggers on "aws cli help", "aws command line", "aws scripting", "aws automation", "aws batch operations", "aws bulk operations", "aws cli pagination", "aws multi-region", "aws profiles", "aws cli troubleshooting".
allowed-tools	Read, Write, Bash

AWS CLI Beast Mode

Overview

Advanced AWS CLI patterns for speed, precision, and security-first automation. Covers JMESPath queries, bulk operations, waiters, cross-account access, and destructive operation safety.

When to Use

Bulk operations across thousands of AWS resources
Advanced JMESPath filtering and output transformation
Automated scripts for AWS routines
Multi-profile and multi-region management
Security auditing and compliance checks
CLI-driven infrastructure-as-code workflows

Instructions

Step 1: Categorize the Request

Category	Services	Commands
Compute	EC2, Lambda	describe-instances, invoke, publish-version
Storage	S3	sync, cp, mb, rb, presign
Database	DynamoDB, RDS	query, scan, batch-write-item
Networking	VPC, Route53	describe-vpcs, describe-security-groups
Security	IAM	simulate-principal-policy, get-policy-version
Observability	CloudWatch	get-metric-statistics, filter-log-events

Step 2: Apply Beast Mode Principles

Dry-run first: Always validate with --dryrun or --dry-run
Query server-side: Use --query with JMESPath to filter before transfer
Batch intelligently: Paginate with --max-results and parallelize with xargs
Wait properly: Use built-in waiters or exponential backoff polling
Switch contexts: Use --profile and --region for multi-account operations

Step 3: Validate Destructive Operations

MANDATORY for any destructive operation:

# S3 sync with delete - MUST dry-run first
aws s3 sync s3://source/ s3://dest/ --delete --dryrun
# Review output, then remove --dryrun only if satisfied

# Bulk EC2 stop - validate targets first
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
  --query 'Reservations[].Instances[?State.Name==`running`].InstanceId' \
  --output text
# Confirm list, then pipe to stop command

# IAM policy attachment - simulate first
aws iam simulate-principal-policy \
  --policy-source-arn arn:aws:iam::123456789012:user/myuser \
  --action-names s3:DeleteObject \
  --resource-arns arn:aws:s3:::my-bucket/*

Step 4: Reference Detailed Guides

compute-mastery.md - EC2, Lambda, Spot Fleets, ASG
data-ops-beast.md - S3 multipart, DynamoDB batch, RDS snapshots
networking-security-hardened.md - VPC Flow Logs, IAM policies, security groups
automation-patterns.md - Shell aliases, JMESPath templates, CI/CD integration

Examples

Example 1: Bulk EC2 Stop

"Stop all development instances"

# 1. Dry-run: identify targets
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
           "Name=instance-state-name,Values=running" \
  --query 'Reservations[].Instances[].InstanceId' \
  --output text

# 2. Confirm IDs, then execute
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
           "Name=instance-state-name,Values=running" \
  --query 'Reservations[].Instances[].InstanceId' \
  --output text | xargs aws ec2 stop-instances --instance-ids

Example 2: S3 Migration with Encryption

"Migrate data between buckets with SSE"

# 1. Dry-run migration
aws s3 sync s3://source-bucket/ s3://dest-bucket/ \
  --sse AES256 \
  --storage-class GLACIER \
  --exclude "*.tmp" \
  --dryrun

# 2. Enable versioning on destination
aws s3api put-bucket-versioning \
  --bucket dest-bucket \
  --versioning-configuration Status=Enabled

# 3. Execute after review
aws s3 sync s3://source-bucket/ s3://dest-bucket/ \
  --sse AES256 \
  --storage-class GLACIER \
  --exclude "*.tmp"

Example 3: IAM Security Audit

"Find overprivileged IAM users"

aws iam list-users --query 'Users[].UserName' --output text | \
while read user; do
  echo "Checking $user..."
  aws iam simulate-principal-policy \
    --policy-source-arn "arn:aws:iam::123456789012:user/$user" \
    --action-names DeleteItem,DeleteTable,DeleteFunction \
    --resource-arns "*" \
    --query 'EvaluationResults[?EvalDecision==`allowed`]'
done

Example 4: Multi-Region Lambda Deployment

"Deploy Lambda to all regions"

for region in us-east-1 us-west-2 eu-west-1; do
  echo "Deploying to $region..."
  aws lambda update-function-code \
    --function-name my-function \
    --zip-file fileb://function.zip \
    --region $region \
    --publish
  aws lambda wait function-active \
    --function-name my-function \
    --region $region
done

Example 5: JMESPath Advanced Filtering

"Get running instances with specific tags as table"

aws ec2 describe-instances \
  --query 'Reservations[].Instances[?State.Name==`running`].[InstanceId,Tags[?Key==`Name`].Value[0]|[0],PrivateIpAddress]' \
  --output table

Best Practices

Use --output json for programmatic processing
Filter with JMESPath server-side before transfer
Implement retry logic with exponential backoff
Use waiters instead of manual polling loops
Tag all resources for cost allocation and automation
Separate dev/staging/prod with AWS profiles
Enable CloudTrail for audit compliance
Validate IAM policies with simulate-principal-policy before attachment
Use --dry-run on every state-modifying operation
Enable MFA for security-sensitive operations

Constraints and Warnings

Rate Limiting

AWS API throttling applies; use --max-throttle and exponential backoff
Check aws service-quotas for current limits

Pagination

Default page size is variable; use --max-results for consistency
Use --no-paginate with jq for full dataset processing

Destructive Operations

S3 sync --delete: Irreversibly removes files not in source
EC2 terminate-instances: Cannot be undone; validate instance IDs first
IAM detach/policy: May break existing access; simulate before applying
RDS delete-db-instance: Snapshots do not protect all scenarios; verify retention

Security

Never commit AWS credentials; use aws configure or environment variables
Rotate access keys regularly with aws iam create-access-key
Use least-privilege: simulate before granting permissions

同仓库更多 Skills

同仓库

typescript-security-review

giuseppe-trisciuoglio/developer-kit

Provides security review capability for TypeScript/Node.js applications, validates code against XSS, injection, CSRF, JWT/OAuth2 flaws, dependency CVEs, and secrets exposure. Use when performing security audits, before deployment, reviewing authentication/authorization implementations, or ensuring OWASP compliance for Express, NestJS, and Next.js. Triggers on "security review", "check for security issues", "TypeScript security audit".

2026-06-05279

constitution

giuseppe-trisciuoglio/developer-kit

Creates, updates, validates, and displays the architectural DNA of a project through two shared documents: docs/specs/architecture.md (technology stack, architectural rules, security constraints, AI guardrails) and docs/specs/ontology.md (domain glossary / Ubiquitous Language). Use BEFORE brainstorm as a project setup step, or at any point in the SDD lifecycle to validate specs/tasks against architecture principles. Triggers on 'create constitution', 'update constitution', 'constitution check', 'validate against constitution', 'project principles', 'architectural guardrails', 'setup project architecture', 'define ontology'.

2026-05-22279

ralph-loop

giuseppe-trisciuoglio/developer-kit

Ralph Wiggum-inspired automation loop for specification-driven development. Orchestrates task implementation, review, cleanup, and synchronization using a Python script. Use when: user runs /loop command, user asks to automate task implementation, user wants to iterate through spec tasks step-by-step, or user wants to run development workflow automation with context window management. One step per invocation. State machine: init → choose_task → implementation → review → fix → cleanup → sync → update_done. Supports --from-task and --to-task for task range filtering. State persisted in fix_plan.json.

2026-05-10279

specs-code-cleanup

giuseppe-trisciuoglio/developer-kit

Provides final code cleanup after task review approval. Removes debug logs, temporary comments, dead code, optimizes imports, and improves readability. Use when asked to clean up code, polish, finalize, tidy up, remove technical debt, or prepare code for completion after review. Not for refactoring logic or fixing bugs—focused solely on cosmetic and hygiene cleanup.

2026-05-09279

bug-fix-brief

giuseppe-trisciuoglio/developer-kit

Generates a structured Bug Fix Brief (BFB) to document issue corrections. Includes root cause analysis, repro steps, fix options, and fix checklist. Use when user asks to create a BFB, document a bug fix, or generate a bug correction document.

2026-05-02279

create-pr-from-spec

giuseppe-trisciuoglio/developer-kit

Create GitHub Pull Request from specification using pull_request_template.md. Use when: spec needs to be converted to PR, spec is ready for review/merge, need to automate PR creation from specification file with template-based body and title.

2026-05-01279

name	aws-cli-beast
description	Provides advanced AWS CLI patterns for managing EC2, Lambda, S3, DynamoDB, RDS, VPC, IAM, and CloudWatch. Generates bulk operation scripts, automates cross-service workflows, validates security configurations, and executes JMESPath queries for complex filtering. Triggers on "aws cli help", "aws command line", "aws scripting", "aws automation", "aws batch operations", "aws bulk operations", "aws cli pagination", "aws multi-region", "aws profiles", "aws cli troubleshooting".
allowed-tools	Read, Write, Bash

AWS CLI Beast Mode

Overview

Advanced AWS CLI patterns for speed, precision, and security-first automation. Covers JMESPath queries, bulk operations, waiters, cross-account access, and destructive operation safety.

When to Use

Bulk operations across thousands of AWS resources
Advanced JMESPath filtering and output transformation
Automated scripts for AWS routines
Multi-profile and multi-region management
Security auditing and compliance checks
CLI-driven infrastructure-as-code workflows

Instructions

Step 1: Categorize the Request

Category	Services	Commands
Compute	EC2, Lambda	describe-instances, invoke, publish-version
Storage	S3	sync, cp, mb, rb, presign
Database	DynamoDB, RDS	query, scan, batch-write-item
Networking	VPC, Route53	describe-vpcs, describe-security-groups
Security	IAM	simulate-principal-policy, get-policy-version
Observability	CloudWatch	get-metric-statistics, filter-log-events

Step 2: Apply Beast Mode Principles

Dry-run first: Always validate with --dryrun or --dry-run
Query server-side: Use --query with JMESPath to filter before transfer
Batch intelligently: Paginate with --max-results and parallelize with xargs
Wait properly: Use built-in waiters or exponential backoff polling
Switch contexts: Use --profile and --region for multi-account operations

Step 3: Validate Destructive Operations

MANDATORY for any destructive operation:

# S3 sync with delete - MUST dry-run first
aws s3 sync s3://source/ s3://dest/ --delete --dryrun
# Review output, then remove --dryrun only if satisfied

# Bulk EC2 stop - validate targets first
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
  --query 'Reservations[].Instances[?State.Name==`running`].InstanceId' \
  --output text
# Confirm list, then pipe to stop command

# IAM policy attachment - simulate first
aws iam simulate-principal-policy \
  --policy-source-arn arn:aws:iam::123456789012:user/myuser \
  --action-names s3:DeleteObject \
  --resource-arns arn:aws:s3:::my-bucket/*

Step 4: Reference Detailed Guides

compute-mastery.md - EC2, Lambda, Spot Fleets, ASG
data-ops-beast.md - S3 multipart, DynamoDB batch, RDS snapshots
networking-security-hardened.md - VPC Flow Logs, IAM policies, security groups
automation-patterns.md - Shell aliases, JMESPath templates, CI/CD integration

Examples

Example 1: Bulk EC2 Stop

"Stop all development instances"

# 1. Dry-run: identify targets
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
           "Name=instance-state-name,Values=running" \
  --query 'Reservations[].Instances[].InstanceId' \
  --output text

# 2. Confirm IDs, then execute
aws ec2 describe-instances \
  --filters "Name=tag:Environment,Values=development" \
           "Name=instance-state-name,Values=running" \
  --query 'Reservations[].Instances[].InstanceId' \
  --output text | xargs aws ec2 stop-instances --instance-ids

Example 2: S3 Migration with Encryption

"Migrate data between buckets with SSE"

# 1. Dry-run migration
aws s3 sync s3://source-bucket/ s3://dest-bucket/ \
  --sse AES256 \
  --storage-class GLACIER \
  --exclude "*.tmp" \
  --dryrun

# 2. Enable versioning on destination
aws s3api put-bucket-versioning \
  --bucket dest-bucket \
  --versioning-configuration Status=Enabled

# 3. Execute after review
aws s3 sync s3://source-bucket/ s3://dest-bucket/ \
  --sse AES256 \
  --storage-class GLACIER \
  --exclude "*.tmp"

Example 3: IAM Security Audit

"Find overprivileged IAM users"

aws iam list-users --query 'Users[].UserName' --output text | \
while read user; do
  echo "Checking $user..."
  aws iam simulate-principal-policy \
    --policy-source-arn "arn:aws:iam::123456789012:user/$user" \
    --action-names DeleteItem,DeleteTable,DeleteFunction \
    --resource-arns "*" \
    --query 'EvaluationResults[?EvalDecision==`allowed`]'
done

Example 4: Multi-Region Lambda Deployment

"Deploy Lambda to all regions"

for region in us-east-1 us-west-2 eu-west-1; do
  echo "Deploying to $region..."
  aws lambda update-function-code \
    --function-name my-function \
    --zip-file fileb://function.zip \
    --region $region \
    --publish
  aws lambda wait function-active \
    --function-name my-function \
    --region $region
done

Example 5: JMESPath Advanced Filtering

"Get running instances with specific tags as table"

aws ec2 describe-instances \
  --query 'Reservations[].Instances[?State.Name==`running`].[InstanceId,Tags[?Key==`Name`].Value[0]|[0],PrivateIpAddress]' \
  --output table

Best Practices

Use --output json for programmatic processing
Filter with JMESPath server-side before transfer
Implement retry logic with exponential backoff
Use waiters instead of manual polling loops
Tag all resources for cost allocation and automation
Separate dev/staging/prod with AWS profiles
Enable CloudTrail for audit compliance
Validate IAM policies with simulate-principal-policy before attachment
Use --dry-run on every state-modifying operation
Enable MFA for security-sensitive operations

Constraints and Warnings

Rate Limiting

AWS API throttling applies; use --max-throttle and exponential backoff
Check aws service-quotas for current limits

Pagination

Default page size is variable; use --max-results for consistency
Use --no-paginate with jq for full dataset processing

Destructive Operations

S3 sync --delete: Irreversibly removes files not in source
EC2 terminate-instances: Cannot be undone; validate instance IDs first
IAM detach/policy: May break existing access; simulate before applying
RDS delete-db-instance: Snapshots do not protect all scenarios; verify retention

Security

Never commit AWS credentials; use aws configure or environment variables
Rotate access keys regularly with aws iam create-access-key
Use least-privilege: simulate before granting permissions