{"id":"c28960d8-f3aa-44de-94db-0d2b927eff2e","shortId":"pSqtm7","kind":"skill","title":"aws-discover","tagline":"Discover AWS infrastructure and save to JSON. Use when user asks to \"discover AWS\", \"explore AWS account\", \"scan AWS infrastructure\", or \"create infrastructure JSON\".","description":"# AWS Infrastructure Discovery\n\nExplore an AWS account and collect comprehensive information about its infrastructure.\n\n## Before Starting\n\nAsk the user for:\n1. **AWS Profile** - Which AWS profile to use (or use default)\n2. **AWS Region** - Which region to scan (or use default)\n\n## AWS CLI Configuration\n\nUse the profile and region flags with all AWS CLI commands:\n```bash\naws <command> --profile <profile> --region <region>\n```\n\n## Discovery Process\n\nExplore systematically. Start with basics, then dig deeper based on what you find.\n\n### 1. Account Identity\n```bash\naws sts get-caller-identity --profile <profile> --region <region>\n```\n\n### 2. Networking\n- VPCs: `aws ec2 describe-vpcs`\n- Subnets: `aws ec2 describe-subnets`\n- Internet Gateways: `aws ec2 describe-internet-gateways`\n- NAT Gateways: `aws ec2 describe-nat-gateways`\n- Transit Gateways: `aws ec2 describe-transit-gateways`\n- VPC Endpoints: `aws ec2 describe-vpc-endpoints`\n- Route Tables: `aws ec2 describe-route-tables`\n\n### 3. Compute\n- ECS Clusters: `aws ecs list-clusters` then `aws ecs describe-clusters`\n- ECS Services: `aws ecs list-services --cluster <name>` then `aws ecs describe-services`\n- Lambda: `aws lambda list-functions`\n- EC2: `aws ec2 describe-instances`\n- EKS: `aws eks list-clusters`\n\n### 4. Load Balancing\n- ALB/NLB: `aws elbv2 describe-load-balancers`\n- Listeners: `aws elbv2 describe-listeners --load-balancer-arn <arn>`\n- Target Groups: `aws elbv2 describe-target-groups`\n- Rules: `aws elbv2 describe-rules --listener-arn <arn>`\n\n### 5. Databases\n- RDS: `aws rds describe-db-instances`\n- Aurora: `aws rds describe-db-clusters`\n- DynamoDB: `aws dynamodb list-tables`\n- ElastiCache: `aws elasticache describe-cache-clusters`\n\n### 6. Storage\n- S3: `aws s3api list-buckets`\n- EFS: `aws efs describe-file-systems`\n- ECR: `aws ecr describe-repositories`\n\n### 7. Security\n- Security Groups: `aws ec2 describe-security-groups`\n- WAF: `aws wafv2 list-web-acls --scope REGIONAL`\n- Cognito: `aws cognito-idp list-user-pools --max-results 20`\n- ACM: `aws acm list-certificates`\n- Secrets Manager: `aws secretsmanager list-secrets`\n- KMS: `aws kms list-keys`\n\n### 8. Messaging\n- SQS: `aws sqs list-queues`\n- SNS: `aws sns list-topics`\n- EventBridge: `aws events list-rules`\n\n### 9. API & CDN\n- API Gateway: `aws apigateway get-rest-apis`\n- CloudFront: `aws cloudfront list-distributions`\n\n## Output Format\n\nCreate `aws_infrastructure.json` with this structure:\n\n```json\n{\n  \"metadata\": {\n    \"account_id\": \"...\",\n    \"region\": \"...\",\n    \"environment\": \"...\",\n    \"project\": \"...\",\n    \"discovered_at\": \"...\"\n  },\n  \"networking\": {\n    \"vpc\": {\"id\": \"...\", \"name\": \"...\", \"cidr\": \"...\"},\n    \"subnets\": {\n      \"public\": [{\"id\": \"...\", \"name\": \"...\", \"cidr\": \"...\", \"az\": \"...\"}],\n      \"private\": [{\"id\": \"...\", \"name\": \"...\", \"cidr\": \"...\", \"az\": \"...\"}]\n    },\n    \"internet_gateway\": {\"id\": \"...\"},\n    \"nat_gateways\": [...],\n    \"transit_gateway\": {\"id\": \"...\", \"routes\": [...]},\n    \"vpc_endpoints\": [{\"id\": \"...\", \"type\": \"...\", \"service\": \"...\"}]\n  },\n  \"load_balancers\": {\n    \"public\": {\"name\": \"...\", \"scheme\": \"internet-facing\", \"dns_name\": \"...\"},\n    \"private\": {\"name\": \"...\", \"scheme\": \"internal\"}\n  },\n  \"compute\": {\n    \"ecs_cluster\": {\"name\": \"...\"},\n    \"ecs_services\": [{\"name\": \"...\", \"launch_type\": \"FARGATE\"}],\n    \"lambda_functions\": [{\"name\": \"...\", \"runtime\": \"...\"}],\n    \"ec2_instances\": [...]\n  },\n  \"databases\": {\n    \"aurora_clusters\": [{\"database_name\": \"...\", \"engine\": \"...\"}],\n    \"dynamodb_tables\": [{\"name\": \"...\"}],\n    \"elasticache\": {\"engine\": \"redis\", \"num_cache_clusters\": 2}\n  },\n  \"storage\": {\n    \"s3_buckets\": [{\"name\": \"...\"}],\n    \"ecr_repositories\": [...]\n  },\n  \"security\": {\n    \"waf\": {\"web_acl\": {\"name\": \"...\"}},\n    \"acm_certificates\": [{\"domain\": \"...\"}],\n    \"cognito_pools\": [{\"name\": \"...\"}]\n  },\n  \"messaging\": {\n    \"sqs_queues\": [...],\n    \"sns_topics\": [...],\n    \"eventbridge_rules\": [...]\n  },\n  \"traffic_rules\": {\n    \"allowed_sources\": {\n      \"public_internet\": {\"cidrs\": [\"0.0.0.0/0\"], \"ports\": [443]},\n      \"corporate\": {\"cidrs\": [\"10.0.0.0/8\"], \"ports\": [80, 443]}\n    },\n    \"domains\": {\n      \"public\": [\"api.example.com\"],\n      \"private\": [\"internal.example.com\"]\n    }\n  }\n}\n```\n\n## Guidelines\n\n- Only include sections that have resources (omit empty sections)\n- Infer environment and project from resource names/tags\n- Infer traffic rules from security group ingress rules and load balancer configurations\n- For subnets, use \"az\" field (not \"availability_zone\")\n- Skip empty services quickly - if `list-*` returns empty, move on\n- Add new sections for services not listed (e.g., \"step_functions\", \"glue\", \"opensearch\")\n\n## After Discovery\n\nTell the user:\n1. What was discovered (summary of resources)\n2. That they can now generate diagrams with: \"generate AWS diagram\"","tags":["aws","discover","claude","cloud","diagrams","mpuig","agent-skills","claude-skills","genai"],"capabilities":["skill","source-mpuig","skill-aws-discover","topic-agent-skills","topic-claude-skills","topic-genai"],"categories":["claude-cloud-diagrams"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/mpuig/claude-cloud-diagrams/aws-discover","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add mpuig/claude-cloud-diagrams","source_repo":"https://github.com/mpuig/claude-cloud-diagrams","install_from":"skills.sh"}},"qualityScore":"0.453","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 7 github stars · SKILL.md body (4,826 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:14:00.824Z","embedding":null,"createdAt":"2026-05-18T13:21:30.822Z","updatedAt":"2026-05-18T19:14:00.824Z","lastSeenAt":"2026-05-18T19:14:00.824Z","tsv":"'/0':514 '/8':520 '0.0.0.0':513 '1':48,102,593 '10.0.0.0':519 '2':59,114,481,600 '20':333 '3':168 '4':215 '443':516,523 '5':252 '6':281 '7':302 '8':353 '80':522 '9':373 'account':20,34,103,399 'acl':318,491 'acm':334,336,493 'add':576 'alb/nlb':218 'allow':508 'api':374,376,383 'api.example.com':526 'apigateway':379 'arn':234,251 'ask':14,44 'aurora':261,467 'avail':564 'aw':2,5,17,19,22,28,33,49,52,60,69,80,84,106,117,123,130,138,146,154,162,172,178,185,192,198,204,210,219,226,237,244,255,262,269,275,284,290,297,306,313,322,335,342,348,356,362,368,378,385,609 'aws-discov':1 'aws_infrastructure.json':393 'az':416,421,561 'balanc':217,224,233,437,556 'base':97 'bash':83,105 'basic':93 'bucket':288,484 'cach':279,479 'caller':110 'cdn':375 'certif':339,494 'cidr':410,415,420,512,518 'cli':70,81 'cloudfront':384,386 'cluster':171,176,182,190,214,267,280,452,468,480 'cognito':321,324,496 'cognito-idp':323 'collect':36 'command':82 'comprehens':37 'comput':169,450 'configur':71,557 'corpor':517 'creat':25,392 'databas':253,466,469 'db':259,266 'deeper':96 'default':58,68 'describ':120,126,133,141,149,157,165,181,195,207,222,229,240,247,258,265,278,293,300,309 'describe-cache-clust':277 'describe-clust':180 'describe-db-clust':264 'describe-db-inst':257 'describe-file-system':292 'describe-inst':206 'describe-internet-gateway':132 'describe-listen':228 'describe-load-balanc':221 'describe-nat-gateway':140 'describe-repositori':299 'describe-route-t':164 'describe-rul':246 'describe-security-group':308 'describe-servic':194 'describe-subnet':125 'describe-target-group':239 'describe-transit-gateway':148 'describe-vpc':119 'describe-vpc-endpoint':156 'diagram':606,610 'dig':95 'discov':3,4,16,404,596 'discoveri':30,87,589 'distribut':389 'dns':444 'domain':495,524 'dynamodb':268,270,472 'e.g':583 'ec':170,173,179,183,186,193,451,454 'ec2':118,124,131,139,147,155,163,203,205,307,464 'ecr':296,298,486 'ef':289,291 'ek':209,211 'elasticach':274,276,475 'elbv2':220,227,238,245 'empti':537,567,573 'endpoint':153,159,432 'engin':471,476 'environ':402,540 'event':369 'eventbridg':367,504 'explor':18,31,89 'face':443 'fargat':459 'field':562 'file':294 'find':101 'flag':77 'format':391 'function':202,461,585 'gateway':129,135,137,143,145,151,377,423,426,428 'generat':605,608 'get':109,381 'get-caller-ident':108 'get-rest-api':380 'glue':586 'group':236,242,305,311,551 'guidelin':529 'id':400,408,413,418,424,429,433 'ident':104,111 'idp':325 'includ':531 'infer':539,546 'inform':38 'infrastructur':6,23,26,29,41 'ingress':552 'instanc':208,260,465 'intern':449 'internal.example.com':528 'internet':128,134,422,442,511 'internet-fac':441 'json':10,27,397 'key':352 'kms':347,349 'lambda':197,199,460 'launch':457 'list':175,188,201,213,272,287,316,327,338,345,351,359,365,371,388,571,582 'list-bucket':286 'list-certif':337 'list-clust':174,212 'list-distribut':387 'list-funct':200 'list-key':350 'list-queu':358 'list-rul':370 'list-secret':344 'list-servic':187 'list-tabl':271 'list-top':364 'list-user-pool':326 'list-web-acl':315 'listen':225,230,250 'listener-arn':249 'load':216,223,232,436,555 'load-balancer-arn':231 'manag':341 'max':331 'max-result':330 'messag':354,499 'metadata':398 'move':574 'name':409,414,419,439,445,447,453,456,462,470,474,485,492,498 'names/tags':545 'nat':136,142,425 'network':115,406 'new':577 'num':478 'omit':536 'opensearch':587 'output':390 'pool':329,497 'port':515,521 'privat':417,446,527 'process':88 'profil':50,53,74,85,112 'project':403,542 'public':412,438,510,525 'queue':360,501 'quick':569 'rds':254,256,263 'redi':477 'region':61,63,76,86,113,320,401 'repositori':301,487 'resourc':535,544,599 'rest':382 'result':332 'return':572 'rout':160,166,430 'rule':243,248,372,505,507,548,553 'runtim':463 's3':283,483 's3api':285 'save':8 'scan':21,65 'scheme':440,448 'scope':319 'secret':340,346 'secretsmanag':343 'section':532,538,578 'secur':303,304,310,488,550 'servic':184,189,196,435,455,568,580 'skill' 'skill-aws-discover' 'skip':566 'sns':361,363,502 'sourc':509 'source-mpuig' 'sqs':355,357,500 'start':43,91 'step':584 'storag':282,482 'structur':396 'sts':107 'subnet':122,127,411,559 'summari':597 'system':295 'systemat':90 'tabl':161,167,273,473 'target':235,241 'tell':590 'topic':366,503 'topic-agent-skills' 'topic-claude-skills' 'topic-genai' 'traffic':506,547 'transit':144,150,427 'type':434,458 'use':11,55,57,67,72,560 'user':13,46,328,592 'vpc':152,158,407,431 'vpcs':116,121 'waf':312,489 'wafv2':314 'web':317,490 'zone':565","prices":[{"id":"bee9540f-478f-412c-88dd-1441f63be2b1","listingId":"c28960d8-f3aa-44de-94db-0d2b927eff2e","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"mpuig","category":"claude-cloud-diagrams","install_from":"skills.sh"},"createdAt":"2026-05-18T13:21:30.822Z"}],"sources":[{"listingId":"c28960d8-f3aa-44de-94db-0d2b927eff2e","source":"github","sourceId":"mpuig/claude-cloud-diagrams/aws-discover","sourceUrl":"https://github.com/mpuig/claude-cloud-diagrams/tree/main/skills/aws-discover","isPrimary":false,"firstSeenAt":"2026-05-18T13:21:30.822Z","lastSeenAt":"2026-05-18T19:14:00.824Z"}],"details":{"listingId":"c28960d8-f3aa-44de-94db-0d2b927eff2e","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"mpuig","slug":"aws-discover","github":{"repo":"mpuig/claude-cloud-diagrams","stars":7,"topics":["agent-skills","claude-skills","genai"],"license":null,"html_url":"https://github.com/mpuig/claude-cloud-diagrams","pushed_at":"2025-12-21T15:18:52Z","description":"An AI agent that explores your AWS account and draws what it finds. Not a perfect map. A useful one.","skill_md_sha":"7f9c3f3b8bc3c69d2a5d9220c989b2ecc758d4f2","skill_md_path":"skills/aws-discover/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/mpuig/claude-cloud-diagrams/tree/main/skills/aws-discover"},"layout":"multi","source":"github","category":"claude-cloud-diagrams","frontmatter":{"name":"aws-discover","description":"Discover AWS infrastructure and save to JSON. Use when user asks to \"discover AWS\", \"explore AWS account\", \"scan AWS infrastructure\", or \"create infrastructure JSON\"."},"skills_sh_url":"https://skills.sh/mpuig/claude-cloud-diagrams/aws-discover"},"updatedAt":"2026-05-18T19:14:00.824Z"}}