Aws Architect

Expert AWS architecture guidance for building secure, scalable, and cost-optimized production environments.

Install
cmdop skills install agensi-aws-architect

The AWS Architect skill configures an AI agent to function as a specialized AWS cloud architecture consultant. It covers the entire AWS ecosystem with a focus on multi-account strategy, IAM least-privilege design, serverless patterns, and high-availability networking.

A core feature is operational gatekeeping: before any implementation begins, the skill guides the agent to evaluate designs against security boundaries, disaster recovery requirements, and cost-efficiency criteria. It automatically surfaces architectural red flags such as overly broad administrative access, destructive lifecycle defaults, and missing idempotency in distributed systems, then provides actionable remediation steps rather than generic warnings.

For risk management, the skill helps identify blast radius concerns and failure modes in VPC configurations and event-driven architectures. On the cost side, it informs workload sizing decisions and storage lifecycle policies. For compliance, it aligns infrastructure designs with audit logging practices, data classification, and environment isolation principles.

The guidance produced is framework-agnostic, meaning the architectural blueprints it generates can be applied using any infrastructure-as-code tooling such as Terraform, Pulumi, or CDK. There are no tools exposed directly; this is a prompt-based skill that shapes how an agent reasons about and reviews AWS infrastructure design, not a skill that executes API calls or provisions resources.

Use cases

  • Review a proposed VPC design for blast radius concerns and failure modes before deployment
  • Generate an IAM least-privilege policy structure for a multi-account AWS organization
  • Evaluate a serverless architecture for idempotency gaps and event-driven anti-patterns
  • Get storage lifecycle policy recommendations to control S3 or EBS costs
  • Produce an architecture blueprint compatible with Terraform, Pulumi, or CDK
  • Check an infrastructure design for audit logging and environment isolation compliance gaps

When to use it

  • When designing new AWS infrastructure and needing structured pre-implementation review
  • When an organization needs IAM and multi-account strategy guidance without a senior architect on staff
  • When preparing infrastructure designs for compliance or security audits
  • When evaluating cost implications of storage and compute sizing decisions on AWS

When not to use it

  • When direct AWS API calls or resource provisioning are needed — this skill has no tools and cannot execute actions
  • When working with non-AWS cloud providers such as GCP or Azure
  • When a fully automated IaC deployment pipeline is required rather than advisory guidance
  • When the use case requires real-time AWS account introspection or live environment data