aws-infra
Chat-based AWS infrastructure assistance using AWS CLI and console context. Use for querying, auditing, and monitoring AWS resources (EC2, S3, IAM, Lambda, ECS/EKS, RDS, CloudWatch, billing, etc.), and for proposing safe changes with explicit confirmation before any write/destructive action.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bmdhodl/aws-infraWhat This Skill Does
The aws-infra skill provides an intelligent, secure interface for managing AWS environments through the OpenClaw agent. By leveraging the local AWS CLI configuration, it allows users to perform audits, query resource status, analyze billing data, and troubleshoot complex infrastructure issues directly through a natural language chat interface. The skill is architected as a read-first tool, ensuring that your cloud environment remains stable while empowering you to perform deep diagnostics on services like EC2, RDS, Lambda, and EKS. It acts as a safety-conscious bridge between human intent and the powerful, yet potentially dangerous, capabilities of the AWS CLI.
Installation
To integrate this skill into your environment, use the OpenClaw package manager:
clawhub install openclaw/skills/skills/bmdhodl/aws-infra
Ensure you have the AWS CLI installed on your host machine and that your credentials are appropriately configured in ~/.aws/credentials or ~/.aws/config. The agent will inherit your existing local permissions, so adhere to the principle of least privilege in your IAM policies.
Use Cases
- Cloud Auditing: Quickly identify public S3 buckets, overly permissive Security Group rules, or IAM users with long-unused access keys.
- Operational Troubleshooting: Query CloudWatch logs and metrics to find the root cause of 5xx errors in Lambda functions or high latency in RDS instances.
- Cost Governance: Run read-only Cost Explorer queries to identify high-spending services or unexpected cost spikes without navigating the complex AWS Billing console.
- Inventory Management: Generate structured reports of resources across multiple regions to ensure compliance with tag policies.
Example Prompts
- "Check the current region and list all running EC2 instances along with their public IP addresses."
- "Can you audit the security group settings for our production RDS instance and tell me if any ports are open to the entire internet?"
- "Show me the top 3 services contributing to our AWS bill this month and compare them to the last 30 days."
Tips & Limitations
- Safety First: Never proceed with an destructive command (like 'terminate' or 'delete') without verifying the resource ID and confirming with the agent.
- Context Awareness: Always mention the region explicitly if your infrastructure spans multiple AWS regions to avoid ambiguity in query results.
- Security: Do not ask the agent to echo or log secret values, such as raw IAM access keys or database credentials; rely on IAM roles for service-to-service authentication.
- Dry Runs: Utilize the
--dry-runflag wherever possible before executing changes to simulate the outcome and prevent accidental service disruptions.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-bmdhodl-aws-infra": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: external-api, code-execution