AWS Skill

Provides comprehensive AWS cloud capabilities for the Golden Armada AI Agent Fleet Platform.

为Golden Armada AI Agent Fleet Platform提供全面的AWS云服务能力。

When to Use This Skill

何时使用该Skill

Activate this skill when working with:

AWS infrastructure provisioning
EKS cluster management
S3 storage operations
Lambda functions
IAM and security

在以下场景中激活该Skill：

AWS基础设施配置
EKS集群管理
S3存储操作
Lambda函数管理
IAM与安全管控

AWS CLI Quick Reference

AWS CLI快速参考

Configuration

配置

```bash

bash

undefined

Configure credentials

aws configure

Check identity

aws sts get-caller-identity

Set profile

export AWS_PROFILE=production aws s3 ls --profile production ```

export AWS_PROFILE=production aws s3 ls --profile production

undefined

EC2

```bash

bash

undefined

List instances

aws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,State.Name,Tags[?Key==

Name

].Value]'

aws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,State.Name,Tags[?Key==

Name

].Value]'

Start/Stop

aws ec2 start-instances --instance-ids i-1234567890 aws ec2 stop-instances --instance-ids i-1234567890

Create instance

aws ec2 run-instances
--image-id ami-12345678
--instance-type t3.medium
--key-name my-key
--security-group-ids sg-12345678
--subnet-id subnet-12345678
--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=my-instance}]' ```

aws ec2 run-instances
--image-id ami-12345678
--instance-type t3.medium
--key-name my-key
--security-group-ids sg-12345678
--subnet-id subnet-12345678
--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=my-instance}]'

undefined

EKS

```bash

bash

undefined

List clusters

aws eks list-clusters

Update kubeconfig

aws eks update-kubeconfig --name golden-armada-cluster --region us-west-2

Describe cluster

aws eks describe-cluster --name golden-armada-cluster

Create cluster (with eksctl)

eksctl create cluster
--name golden-armada-cluster
--region us-west-2
--nodegroup-name workers
--node-type t3.medium
--nodes 3
--managed ```

eksctl create cluster
--name golden-armada-cluster
--region us-west-2
--nodegroup-name workers
--node-type t3.medium
--nodes 3
--managed

undefined

S3

```bash

bash

undefined

List buckets

aws s3 ls

List objects

aws s3 ls s3://bucket-name/

Copy files

aws s3 cp file.txt s3://bucket-name/ aws s3 cp s3://bucket-name/file.txt . aws s3 sync ./local-dir s3://bucket-name/prefix/

Presigned URL

aws s3 presign s3://bucket-name/file.txt --expires-in 3600 ```

aws s3 presign s3://bucket-name/file.txt --expires-in 3600

undefined

Lambda

```bash

bash

undefined

List functions

aws lambda list-functions

Invoke function

aws lambda invoke
--function-name my-function
--payload '{"key": "value"}'
response.json

Update function code

aws lambda update-function-code
--function-name my-function
--zip-file fileb://function.zip

View logs

aws logs filter-log-events
--log-group-name /aws/lambda/my-function
--start-time $(date -d '1 hour ago' +%s000) ```

aws logs filter-log-events
--log-group-name /aws/lambda/my-function
--start-time $(date -d '1 hour ago' +%s000)

undefined

RDS

```bash

bash

undefined

List instances

aws rds describe-db-instances

Create snapshot

aws rds create-db-snapshot
--db-instance-identifier golden-armada-db
--db-snapshot-identifier snapshot-$(date +%Y%m%d)

Modify instance

aws rds modify-db-instance
--db-instance-identifier golden-armada-db
--db-instance-class db.t3.large
--apply-immediately ```

aws rds modify-db-instance
--db-instance-identifier golden-armada-db
--db-instance-class db.t3.large
--apply-immediately

undefined

IAM

```bash

bash

undefined

List users

aws iam list-users

Create role

aws iam create-role
--role-name agent-role
--assume-role-policy-document file://trust-policy.json

Attach policy

aws iam attach-role-policy
--role-name agent-role
--policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess ```

aws iam attach-role-policy
--role-name agent-role
--policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

undefined

Boto3 Python SDK

```python import boto3

python

import boto3

S3 operations

s3 = boto3.client('s3')

Upload file

s3.upload_file('local.txt', 'bucket-name', 'remote.txt')

Download file

s3.download_file('bucket-name', 'remote.txt', 'local.txt')

List objects

response = s3.list_objects_v2(Bucket='bucket-name', Prefix='prefix/') for obj in response.get('Contents', []): print(obj['Key'])

EC2 operations

ec2 = boto3.resource('ec2')

Get all running instances

instances = ec2.instances.filter( Filters=[{'Name': 'instance-state-name', 'Values': ['running']}] ) for instance in instances: print(f"{instance.id}: {instance.instance_type}")

Lambda invocation

lambda_client = boto3.client('lambda') response = lambda_client.invoke( FunctionName='my-function', InvocationType='RequestResponse', Payload=json.dumps({'key': 'value'}) ) result = json.loads(response['Payload'].read()) ```

lambda_client = boto3.client('lambda') response = lambda_client.invoke( FunctionName='my-function', InvocationType='RequestResponse', Payload=json.dumps({'key': 'value'}) ) result = json.loads(response['Payload'].read())

undefined

Terraform AWS Resources

```hcl

hcl

undefined

VPC

resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" enable_dns_hostnames = true enable_dns_support = true

tags = { Name = "golden-armada-vpc" } }

resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" enable_dns_hostnames = true enable_dns_support = true

tags = { Name = "golden-armada-vpc" } }

EKS Cluster

resource "aws_eks_cluster" "main" { name = "golden-armada-cluster" role_arn = aws_iam_role.cluster.arn version = "1.28"

vpc_config { subnet_ids = aws_subnet.private[*].id } }

resource "aws_eks_cluster" "main" { name = "golden-armada-cluster" role_arn = aws_iam_role.cluster.arn version = "1.28"

vpc_config { subnet_ids = aws_subnet.private[*].id } }

RDS Instance

resource "aws_db_instance" "main" { identifier = "golden-armada-db" engine = "postgres" engine_version = "15" instance_class = "db.t3.medium" allocated_storage = 20

db_name = "golden_armada" username = var.db_username password = var.db_password

vpc_security_group_ids = [aws_security_group.db.id] db_subnet_group_name = aws_db_subnet_group.main.name

skip_final_snapshot = true } ```

resource "aws_db_instance" "main" { identifier = "golden-armada-db" engine = "postgres" engine_version = "15" instance_class = "db.t3.medium" allocated_storage = 20

db_name = "golden_armada" username = var.db_username password = var.db_password

vpc_security_group_ids = [aws_security_group.db.id] db_subnet_group_name = aws_db_subnet_group.main.name

skip_final_snapshot = true }

undefined

Best Practices

最佳实践

Use IAM Roles instead of access keys
Enable CloudTrail for audit logging
Tag all resources for cost tracking
Use VPC for network isolation
Enable encryption at rest and in transit
Implement least privilege IAM policies

使用IAM角色而非访问密钥
启用CloudTrail以实现审计日志记录
为所有资源添加标签便于成本追踪
使用VPC实现网络隔离
启用加密包括静态数据和传输中数据
实施最小权限原则的IAM策略

aws

Original

Translation

AWS Skill

AWS Skill

When to Use This Skill

何时使用该Skill

AWS CLI Quick Reference

AWS CLI快速参考

Configuration

配置

Configure credentials

Configure credentials

Check identity

Check identity

Set profile

Set profile

EC2

EC2

List instances

List instances

Start/Stop

Start/Stop

Create instance

Create instance

EKS

EKS

List clusters

List clusters

Update kubeconfig

Update kubeconfig

Describe cluster

Describe cluster

Create cluster (with eksctl)

Create cluster (with eksctl)

S3

S3

List buckets

List buckets

List objects

List objects

Copy files

Copy files

Presigned URL

Presigned URL

Lambda

Lambda

List functions

List functions

Invoke function

Invoke function

Update function code

Update function code

View logs

View logs

RDS

RDS

List instances

List instances

Create snapshot

Create snapshot

Modify instance

Modify instance

IAM

IAM

List users

List users

Create role

Create role

Attach policy

Attach policy

Boto3 Python SDK

Boto3 Python SDK

S3 operations

S3 operations

Upload file

Upload file

Download file

Download file

List objects