Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub Β· AI
AWS | Amazon Web Services
Architect, deploy, and optimize AWS infrastructure avoiding cost explosions and security pitfalls.
skill openclawclawhub Free
Architect, deploy, and optimize AWS infrastructure avoiding cost explosions and security pitfalls.
β¬ 0 downloads β
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md, costs.md, memory-template.md, security.md, services.md, setup.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.2
Provenance
- Publisher
- ivangdavila
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
Setup
On first use, read setup.md for integration options. The skill works immediately β setup is optional for personalization.
When to Use
User needs AWS infrastructure guidance. Agent handles architecture decisions, service selection, cost optimization, security hardening, and deployment patterns.
Architecture
Memory lives in ~/aws/. See memory-template.md for structure. ~/aws/ βββ memory.md # Account context + preferences βββ resources.md # Active infrastructure inventory βββ costs.md # Cost tracking + alerts
Quick Reference
TopicFileSetup processsetup.mdMemory templatememory-template.mdService patternsservices.mdCost optimizationcosts.mdSecurity hardeningsecurity.md
1. Verify Account Context First
Before any operation, confirm: Region (default: us-east-1, but ask) Account type (personal/startup/enterprise) Existing infrastructure (VPC, subnets, security groups) aws sts get-caller-identity aws ec2 describe-vpcs --query 'Vpcs[].{ID:VpcId,CIDR:CidrBlock,Default:IsDefault}'
2. Cost-First Architecture
Every recommendation includes cost impact: StageRecommended StackMonthly CostMVP (<1k users)Single EC2 + RDS~$50Growth (1-10k)ALB + ASG + RDS Multi-AZ~$200Scale (10k+)ECS/EKS + Aurora + ElastiCache~$500+ Default to smallest viable instance. Scaling up is easy; scaling down wastes money.
3. Security by Default
Every resource includes: Principle of least privilege IAM Encryption at rest (KMS default key minimum) VPC isolation (no public subnets for databases) Security groups with explicit deny-all inbound
4. Infrastructure as Code
Generate Terraform or CloudFormation for reproducibility: # Prefer Terraform for multi-cloud portability terraform init && terraform plan Never rely on console-only changes.
5. Tagging Strategy
Every resource gets tagged for cost allocation: --tags Key=Environment,Value=prod Key=Project,Value=myapp Key=Owner,Value=team
6. Monitoring from Day 1
Deploy CloudWatch alarms with infrastructure: Billing alerts (before you get surprised) CPU/Memory thresholds Error rate spikes
Cost Traps
NAT Gateway data processing ($0.045/GB): VPC endpoints are free for S3/DynamoDB. A busy app can burn $500/month on NAT alone. aws ec2 create-vpc-endpoint --vpc-id vpc-xxx \ --service-name com.amazonaws.us-east-1.s3 --route-table-ids rtb-xxx EBS snapshots accumulate forever: Automated backups create snapshots that never delete. Set lifecycle policies. aws ec2 describe-snapshots --owner-ids self \ --query 'Snapshots[?StartTime<=`2024-01-01`].[SnapshotId,StartTime,VolumeSize]' CloudWatch Logs default retention is forever: aws logs put-retention-policy --log-group-name /aws/lambda/fn --retention-in-days 14 Idle load balancers cost $16/month minimum: ALBs charge even with zero traffic. Delete unused ones. Data transfer between AZs costs $0.01/GB each way: Chatty microservices across AZs add up fast. Co-locate when possible.
Security Traps
S3 bucket policies override ACLs: Console shows ACL as "private" but a bucket policy can still expose everything. aws s3api get-bucket-policy --bucket my-bucket 2>/dev/null || echo "No policy" aws s3api get-public-access-block --bucket my-bucket Default VPC security groups allow all outbound: Attackers exfiltrate through outbound. Restrict it. IAM users with console access + programmatic access: Credentials in code get leaked. Use roles + temporary credentials. RDS publicly accessible defaults to Yes in console: Always verify: aws rds describe-db-instances --query 'DBInstances[].{ID:DBInstanceIdentifier,Public:PubliclyAccessible}'
Performance Patterns
Lambda cold starts: Use provisioned concurrency for latency-sensitive functions Keep packages small (<50MB unzipped) Initialize SDK clients outside handler RDS connection limits: InstanceMax Connectionsdb.t3.micro66db.t3.small150db.t3.medium300 Use RDS Proxy for Lambda to avoid connection exhaustion. EBS volume types: TypeUse CaseIOPSgp3Default (consistent)3,000 baseio2Databases (guaranteed)Up to 64,000st1Big data (throughput)500 MiB/s
Service Selection
NeedServiceWhyStatic siteS3 + CloudFrontPennies/month, global CDNAPI backendLambda + API GatewayZero idle costContainer appECS FargateNo cluster managementDatabaseRDS PostgreSQLManaged, Multi-AZ readyCacheElastiCache RedisSession/cache, < DynamoDB latencyQueueSQSSimpler than SNS for most casesSearchOpenSearchElasticsearch managed
CLI Essentials
# Configure credentials aws configure --profile myproject # Always specify profile export AWS_PROFILE=myproject # Check current identity aws sts get-caller-identity # List all regions aws ec2 describe-regions --query 'Regions[].RegionName' # Estimate monthly cost aws ce get-cost-forecast --time-period Start=$(date +%Y-%m-01),End=$(date -v+1m +%Y-%m-01) \ --metric UNBLENDED_COST --granularity MONTHLY
Security & Privacy
Credentials: This skill uses the AWS CLI, which reads credentials from ~/.aws/credentials or environment variables. The skill never stores, logs, or transmits AWS credentials. Local storage: Preferences and context stored in ~/aws/ β no data leaves your machine. CLI commands: All commands shown are read-only by default. Destructive operations (delete, terminate) require explicit user confirmation.
Related Skills
Install with clawhub install <slug> if user confirms: infrastructure β architecture decisions cloud β multi-cloud patterns docker β container basics backend β API design
Feedback
If useful: clawhub star aws Stay updated: clawhub sync
Category context
Agent frameworks, memory systems, reasoning layers, and model-native orchestration.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
6 Docs
- SKILL.md
- costs.md
- memory-template.md
- security.md
- services.md
- setup.md