aws-cli
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseAWS CLI Skill
AWS CLI 技能
This skill enables comprehensive AWS cloud infrastructure management using the AWS CLI tool.
此Skill支持使用AWS CLI工具全面管理AWS云基础设施。
Environment
环境
- Default Region:
us-east-1 - AWS CLI: Pre-configured with full account permissions
- Account: SimplexAI AWS account (ID: 830101142436)
- 默认区域:
us-east-1 - AWS CLI:已预配置完整账户权限
- 账户:SimplexAI AWS账户(ID:830101142436)
Safety Protocol
安全协议
Dangerous Operations Requiring Confirmation
需要确认的危险操作
Before executing any of the following operations, explicitly confirm with the user:
- Delete operations: ,
delete-*,remove-*,terminate-*deregister-* - Destructive modifications: on production resources,
modify-*that changes critical settingsupdate-* - State changes: ,
stop-*on production instancesreboot-* - Security changes: IAM policy modifications, security group rule changes
- Cost implications: Creating expensive resources (large EC2 instances, NAT gateways, etc.)
在执行以下任何操作之前,需明确与用户确认:
- 删除操作:、
delete-*、remove-*、terminate-*deregister-* - 破坏性修改:对生产资源执行、更改关键设置的
modify-*update-* - 状态变更:对生产实例执行、
stop-*reboot-* - 安全变更:IAM策略修改、安全组规则变更
- 成本影响操作:创建高成本资源(大型EC2实例、NAT网关等)
Confirmation Format
确认格式
⚠️ 危险操作确认
操作: [具体操作描述]
影响: [潜在影响说明]
资源: [受影响的资源标识]
是否继续执行?⚠️ 危险操作确认
操作: [具体操作描述]
影响: [潜在影响说明]
资源: [受影响的资源标识]
是否继续执行?Common Operations Reference
常用操作参考
Compute Services
计算服务
EC2
EC2
bash
undefinedbash
undefinedList instances
列出实例
aws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,State.Name,InstanceType,Tags[?Key==].Value|[0]]' --output table
Nameaws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,State.Name,InstanceType,Tags[?Key==].Value|[0]]' --output table
NameInstance state management
实例状态管理
aws ec2 start-instances --instance-ids <id>
aws ec2 stop-instances --instance-ids <id>
aws ec2 reboot-instances --instance-ids <id>
undefinedaws ec2 start-instances --instance-ids <id>
aws ec2 stop-instances --instance-ids <id>
aws ec2 reboot-instances --instance-ids <id>
undefinedECS
ECS
bash
undefinedbash
undefinedList clusters and services
列出集群和服务
aws ecs list-clusters
aws ecs list-services --cluster <cluster-name>
aws ecs describe-services --cluster <cluster-name> --services <service-name>
aws ecs list-clusters
aws ecs list-services --cluster <cluster-name>
aws ecs describe-services --cluster <cluster-name> --services <service-name>
View running tasks
查看运行中的任务
aws ecs list-tasks --cluster <cluster-name> --service-name <service-name>
aws ecs describe-tasks --cluster <cluster-name> --tasks <task-arn>
aws ecs list-tasks --cluster <cluster-name> --service-name <service-name>
aws ecs describe-tasks --cluster <cluster-name> --tasks <task-arn>
Force new deployment
强制重新部署
aws ecs update-service --cluster <cluster-name> --service <service-name> --force-new-deployment
undefinedaws ecs update-service --cluster <cluster-name> --service <service-name> --force-new-deployment
undefinedEKS
EKS
bash
undefinedbash
undefinedList clusters
列出集群
aws eks list-clusters
aws eks describe-cluster --name <cluster-name>
aws eks list-clusters
aws eks describe-cluster --name <cluster-name>
Update kubeconfig
更新kubeconfig
aws eks update-kubeconfig --name <cluster-name> --region us-east-1
undefinedaws eks update-kubeconfig --name <cluster-name> --region us-east-1
undefinedLambda
Lambda
bash
undefinedbash
undefinedList functions
列出函数
aws lambda list-functions --query 'Functions[].[FunctionName,Runtime,LastModified]' --output table
aws lambda list-functions --query 'Functions[].[FunctionName,Runtime,LastModified]' --output table
Invoke function
调用函数
aws lambda invoke --function-name <name> --payload '{}' response.json
aws lambda invoke --function-name <name> --payload '{}' response.json
View logs
查看日志
aws logs tail /aws/lambda/<function-name> --follow
undefinedaws logs tail /aws/lambda/<function-name> --follow
undefinedStorage Services
存储服务
S3
S3
bash
undefinedbash
undefinedList buckets and objects
列出存储桶和对象
aws s3 ls
aws s3 ls s3://<bucket-name>/ --recursive --human-readable
aws s3 ls
aws s3 ls s3://<bucket-name>/ --recursive --human-readable
Copy and sync
复制和同步
aws s3 cp <local-file> s3://<bucket>/<key>
aws s3 sync <local-dir> s3://<bucket>/<prefix>
aws s3 cp <local-file> s3://<bucket>/<key>
aws s3 sync <local-dir> s3://<bucket>/<prefix>
Bucket info
存储桶信息
aws s3api get-bucket-location --bucket <bucket-name>
aws s3api get-bucket-versioning --bucket <bucket-name>
undefinedaws s3api get-bucket-location --bucket <bucket-name>
aws s3api get-bucket-versioning --bucket <bucket-name>
undefinedECR
ECR
bash
undefinedbash
undefinedList repositories
列出仓库
aws ecr describe-repositories --query 'repositories[].[repositoryName,repositoryUri]' --output table
aws ecr describe-repositories --query 'repositories[].[repositoryName,repositoryUri]' --output table
List images in repository
列出仓库中的镜像
aws ecr describe-images --repository-name simplexai/<service> --query 'imageDetails | sort_by(@, &imagePushedAt) | [-10:].[imageTags[0],imagePushedAt]' --output table
aws ecr describe-images --repository-name simplexai/<service> --query 'imageDetails | sort_by(@, &imagePushedAt) | [-10:].[imageTags[0],imagePushedAt]' --output table
Get login token
获取登录令牌
aws ecr get-login-password --region us-east-1
undefinedaws ecr get-login-password --region us-east-1
undefinedDatabase Services
数据库服务
RDS
RDS
bash
undefinedbash
undefinedList instances
列出实例
aws rds describe-db-instances --query 'DBInstances[].[DBInstanceIdentifier,DBInstanceClass,Engine,DBInstanceStatus]' --output table
aws rds describe-db-instances --query 'DBInstances[].[DBInstanceIdentifier,DBInstanceClass,Engine,DBInstanceStatus]' --output table
Instance details
实例详情
aws rds describe-db-instances --db-instance-identifier <id>
aws rds describe-db-instances --db-instance-identifier <id>
Snapshots
快照
aws rds describe-db-snapshots --db-instance-identifier <id>
undefinedaws rds describe-db-snapshots --db-instance-identifier <id>
undefinedDynamoDB
DynamoDB
bash
undefinedbash
undefinedList tables
列出表
aws dynamodb list-tables
aws dynamodb list-tables
Table info
表信息
aws dynamodb describe-table --table-name <table>
aws dynamodb describe-table --table-name <table>
Query/scan
查询/扫描
aws dynamodb scan --table-name <table> --limit 10
undefinedaws dynamodb scan --table-name <table> --limit 10
undefinedElastiCache
ElastiCache
bash
undefinedbash
undefinedList clusters
列出集群
aws elasticache describe-cache-clusters
aws elasticache describe-replication-groups
undefinedaws elasticache describe-cache-clusters
aws elasticache describe-replication-groups
undefinedNetwork Services
网络服务
VPC
VPC
bash
undefinedbash
undefinedList VPCs and subnets
列出VPC和子网
aws ec2 describe-vpcs --query 'Vpcs[].[VpcId,CidrBlock,Tags[?Key==].Value|[0]]' --output table
aws ec2 describe-subnets --query 'Subnets[].[SubnetId,VpcId,CidrBlock,AvailabilityZone]' --output table
Nameaws ec2 describe-vpcs --query 'Vpcs[].[VpcId,CidrBlock,Tags[?Key==].Value|[0]]' --output table
aws ec2 describe-subnets --query 'Subnets[].[SubnetId,VpcId,CidrBlock,AvailabilityZone]' --output table
NameSecurity groups
安全组
aws ec2 describe-security-groups --query 'SecurityGroups[].[GroupId,GroupName,VpcId]' --output table
undefinedaws ec2 describe-security-groups --query 'SecurityGroups[].[GroupId,GroupName,VpcId]' --output table
undefinedRoute53
Route53
bash
undefinedbash
undefinedList hosted zones
列出托管区域
aws route53 list-hosted-zones
aws route53 list-hosted-zones
List records
列出记录
aws route53 list-resource-record-sets --hosted-zone-id <zone-id>
undefinedaws route53 list-resource-record-sets --hosted-zone-id <zone-id>
undefinedCloudFront
CloudFront
bash
undefinedbash
undefinedList distributions
列出分发
aws cloudfront list-distributions --query 'DistributionList.Items[].[Id,DomainName,Status]' --output table
aws cloudfront list-distributions --query 'DistributionList.Items[].[Id,DomainName,Status]' --output table
Invalidate cache
清除缓存
aws cloudfront create-invalidation --distribution-id <id> --paths "/*"
undefinedaws cloudfront create-invalidation --distribution-id <id> --paths "/*"
undefinedMonitoring & Logging
监控与日志
CloudWatch
CloudWatch
bash
undefinedbash
undefinedList log groups
列出日志组
aws logs describe-log-groups --query 'logGroups[].[logGroupName,storedBytes]' --output table
aws logs describe-log-groups --query 'logGroups[].[logGroupName,storedBytes]' --output table
Tail logs
实时查看日志
aws logs tail <log-group-name> --follow --since 1h
aws logs tail <log-group-name> --follow --since 1h
Get metrics
获取指标
aws cloudwatch get-metric-statistics
--namespace AWS/EC2
--metric-name CPUUtilization
--dimensions Name=InstanceId,Value=<instance-id>
--start-time $(date -u -v-1H +%Y-%m-%dT%H:%M:%SZ)
--end-time $(date -u +%Y-%m-%dT%H:%M:%SZ)
--period 300
--statistics Average
--namespace AWS/EC2
--metric-name CPUUtilization
--dimensions Name=InstanceId,Value=<instance-id>
--start-time $(date -u -v-1H +%Y-%m-%dT%H:%M:%SZ)
--end-time $(date -u +%Y-%m-%dT%H:%M:%SZ)
--period 300
--statistics Average
undefinedaws cloudwatch get-metric-statistics
--namespace AWS/EC2
--metric-name CPUUtilization
--dimensions Name=InstanceId,Value=<instance-id>
--start-time $(date -u -v-1H +%Y-%m-%dT%H:%M:%SZ)
--end-time $(date -u +%Y-%m-%dT%H:%M:%SZ)
--period 300
--statistics Average
--namespace AWS/EC2
--metric-name CPUUtilization
--dimensions Name=InstanceId,Value=<instance-id>
--start-time $(date -u -v-1H +%Y-%m-%dT%H:%M:%SZ)
--end-time $(date -u +%Y-%m-%dT%H:%M:%SZ)
--period 300
--statistics Average
undefinedCost & Billing
成本与账单
bash
undefinedbash
undefinedGet current month costs
获取当月成本
aws ce get-cost-and-usage
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity MONTHLY
--metrics BlendedCost
--group-by Type=DIMENSION,Key=SERVICE
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity MONTHLY
--metrics BlendedCost
--group-by Type=DIMENSION,Key=SERVICE
aws ce get-cost-and-usage
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity MONTHLY
--metrics BlendedCost
--group-by Type=DIMENSION,Key=SERVICE
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity MONTHLY
--metrics BlendedCost
--group-by Type=DIMENSION,Key=SERVICE
Cost by service
按服务查看成本
aws ce get-cost-and-usage
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity DAILY
--metrics UnblendedCost
--group-by Type=DIMENSION,Key=SERVICE
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity DAILY
--metrics UnblendedCost
--group-by Type=DIMENSION,Key=SERVICE
undefinedaws ce get-cost-and-usage
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity DAILY
--metrics UnblendedCost
--group-by Type=DIMENSION,Key=SERVICE
--time-period Start=$(date +%Y-%m-01),End=$(date +%Y-%m-%d)
--granularity DAILY
--metrics UnblendedCost
--group-by Type=DIMENSION,Key=SERVICE
undefinedAI Services (Bedrock)
AI服务(Bedrock)
bash
undefinedbash
undefinedList models
列出模型
aws bedrock list-foundation-models --query 'modelSummaries[].[modelId,providerName]' --output table
aws bedrock list-foundation-models --query 'modelSummaries[].[modelId,providerName]' --output table
List custom models
列出自定义模型
aws bedrock list-custom-models
undefinedaws bedrock list-custom-models
undefinedSupport
支持服务
bash
undefinedbash
undefinedCreate support case
创建支持工单
aws support create-case
--subject "Issue description"
--communication-body "Detailed description"
--service-code amazon-ec2
--category-code general-info
--severity-code low
--subject "Issue description"
--communication-body "Detailed description"
--service-code amazon-ec2
--category-code general-info
--severity-code low
aws support create-case
--subject "Issue description"
--communication-body "Detailed description"
--service-code amazon-ec2
--category-code general-info
--severity-code low
--subject "Issue description"
--communication-body "Detailed description"
--service-code amazon-ec2
--category-code general-info
--severity-code low
List cases
列出工单
aws support describe-cases
undefinedaws support describe-cases
undefinedIAM
IAM
bash
undefinedbash
undefinedList users and roles
列出用户和角色
aws iam list-users --query 'Users[].[UserName,CreateDate]' --output table
aws iam list-roles --query 'Roles[].[RoleName,CreateDate]' --output table
aws iam list-users --query 'Users[].[UserName,CreateDate]' --output table
aws iam list-roles --query 'Roles[].[RoleName,CreateDate]' --output table
Get current identity
获取当前身份
aws sts get-caller-identity
undefinedaws sts get-caller-identity
undefinedOutput Formatting Guidelines
输出格式指南
For Query Operations
查询操作
- Use with JMESPath to filter relevant fields
--query - Use for human-readable output
--output table - Use when detailed data is needed
--output json
- 使用和JMESPath过滤相关字段
--query - 使用生成易读的人类友好型输出
--output table - 需要详细数据时使用
--output json
For Status Checks
状态检查
Provide concise summaries:
✅ EC2 实例状态
┌─────────────────┬──────────┬────────────┐
│ 实例 ID │ 状态 │ 类型 │
├─────────────────┼──────────┼────────────┤
│ i-0abc123... │ running │ t3.medium │
└─────────────────┴──────────┴────────────┘提供简洁的摘要:
✅ EC2 实例状态
┌─────────────────┬──────────┬────────────┐
│ 实例 ID │ 状态 │ 类型 │
├─────────────────┼──────────┼────────────┤
│ i-0abc123... │ running │ t3.medium │
└─────────────────┴──────────┴────────────┘For Modification Operations
修改操作
Report the action taken and result:
✅ 操作完成
- 操作: 停止 EC2 实例
- 实例: i-0abc123def456
- 之前状态: running
- 当前状态: stopping报告执行的操作和结果:
✅ 操作完成
- 操作: 停止 EC2 实例
- 实例: i-0abc123def456
- 之前状态: running
- 当前状态: stoppingError Handling
错误处理
When AWS CLI commands fail:
- Parse the error message to identify the issue
- Suggest possible solutions
- Check IAM permissions if access denied
- Verify resource exists and is in the correct region
当AWS CLI命令执行失败时:
- 解析错误消息以确定问题
- 建议可能的解决方案
- 如果出现权限拒绝,检查IAM权限
- 验证资源是否存在且位于正确区域
Integration with GitOps
与GitOps集成
This skill integrates with the SimplexAI GitOps workflow:
- ECR Registry:
830101142436.dkr.ecr.us-east-1.amazonaws.com/simplexai/* - EKS Clusters: Production and Staging in us-east-1
- Namespaces: for prod,
productionfor stagingstaging
Reference for kubectl cluster aliases:
CLAUDE.md- - AWS Production (EKS)
k1 - - AWS Staging (EKS)
k2
此Skill与SimplexAI GitOps工作流集成:
- ECR 镜像仓库:
830101142436.dkr.ecr.us-east-1.amazonaws.com/simplexai/* - EKS 集群:us-east-1区域的生产和预发布集群
- 命名空间:用于生产环境,
production用于预发布环境staging
参考获取kubectl集群别名:
CLAUDE.md- - AWS生产环境(EKS)
k1 - - AWS预发布环境(EKS)
k2