
aws-cloudformation-rds

This Claude Code skill provides AWS CloudFormation patterns for deploying and managing Amazon RDS databases, including single instances (MySQL, PostgreSQL), Aurora clusters, multi-AZ configurations, parameter groups, and subnet groups. Use it when building production-ready database infrastructure that requires infrastructure-as-code templates, cross-stack references, or integration with AWS Secrets Manager for credential management.

Install in Claude Code

```bash
git clone --depth 1 https://github.com/giuseppe-trisciuoglio/developer-kit /tmp/aws-cloudformation-rds && cp -r /tmp/aws-cloudformation-rds/plugins/developer-kit-aws/skills/aws-cloudformation/aws-cloudformation-rds ~/.claude/skills/aws-cloudformation-rds
```

Then open a new Claude Code session; the skill loads automatically.

SKILL.md

# AWS CloudFormation RDS Database

## Overview

Create production-ready Amazon RDS infrastructure using AWS CloudFormation templates. Covers RDS instances (MySQL, PostgreSQL, Aurora), DB clusters, multi-AZ deployments, parameter groups, subnet groups, security groups, and cross-stack references.

## When to Use

- Creating RDS instances (MySQL, PostgreSQL, Aurora) or DB clusters with read replicas
- Setting up multi-AZ deployments or configuring parameter/subnet groups
- Integrating with Secrets Manager or implementing cross-stack references

## Quick Reference

| Component | CloudFormation Type | Use Case |
|-----------|-------------------|----------|
| DB Instance | `AWS::RDS::DBInstance` | Single database instance |
| DB Cluster | `AWS::RDS::DBCluster` | Aurora cluster |
| DB Subnet Group | `AWS::RDS::DBSubnetGroup` | VPC deployment |
| Parameter Group | `AWS::RDS::DBParameterGroup` | Database configuration |
| Security Group | `AWS::EC2::SecurityGroup` | Network access control |
| Secrets Manager | `AWS::SecretsManager::Secret` | Credential storage |

## Instructions

### Step 1 — Define Database Parameters

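Validate parameters at deploy time: use AWS-specific parameter types where CloudFormation provides one (for example `AWS::EC2::VPC::Id`), and constrain the rest with `AllowedValues`, `AllowedPattern`, and length limits.

```yaml
Parameters:
  DBInstanceClass:
    # CloudFormation has no AWS-specific parameter type for RDS instance classes,
    # so use a String constrained by AllowedValues
    Type: String
    Default: db.t3.micro
    AllowedValues: [db.t3.micro, db.t3.small, db.t3.medium]

  Engine:
    Type: String
    Default: mysql
    AllowedValues: [mysql, postgres, aurora-mysql, aurora-postgresql]

  MasterUsername:
    Type: String
    Default: admin
    AllowedPattern: "^[a-zA-Z][a-zA-Z0-9]*$"
    MinLength: 1
    MaxLength: 16

  MasterUserPassword:
    Type: String
    # NoEcho masks the value in console and API output only; for production,
    # prefer Secrets Manager over a password parameter (see security-secrets.md)
    NoEcho: true
    MinLength: 8
    MaxLength: 41
```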

See [template-structure.md](references/template-structure.md) for advanced parameter patterns, mappings, conditions, and cross-stack references.

### Step 2 — Create DB Subnet Group

Required for deploying into a VPC; the group must list subnets in different Availability Zones.

```yaml
DBSubnetGroup:
  Type: AWS::RDS::DBSubnetGroup
  Properties:
    DBSubnetGroupDescription: Subnet group for RDS
    SubnetIds:
      - !Ref PrivateSubnet1
      - !Ref PrivateSubnet2
```

See [database-components.md](references/database-components.md) for parameter groups, option groups, and engine-specific configurations.

### Step 3 — Configure Security Group

Allow inbound database traffic only from the application tier's security group.

```yaml
DBSecurityGroup:
  Type: AWS::EC2::SecurityGroup
  Properties:
    GroupDescription: Security group for RDS
    VpcId: !Ref VpcId
    SecurityGroupIngress:
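      - IpProtocol: tcp
        # 3306 is the MySQL / Aurora MySQL port; use 5432 for the PostgreSQL engines
        FromPort: 3306
        ToPort: 3306
        # Reference the application security group instead of a CIDR range
        SourceSecurityGroupId: !Ref AppSecurityGroup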
```

See [security-secrets.md](references/security-secrets.md) for VPC security groups, encryption, Secrets Manager integration, and IAM authentication.

### Step 4 — Launch RDS Instance

Configure the instance with the subnet group, the security group, and its storage, backup, and availability settings.

```yaml
DBInstance:
  Type: AWS::RDS::DBInstance
  Properties:
    DBInstanceIdentifier: !Sub "${AWS::StackName}-mysql"
    DBInstanceClass: !Ref DBInstanceClass
    Engine: !Ref Engine
    MasterUsername: !Ref MasterUsername
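    # Plain parameter for brevity; prefer a Secrets Manager reference (see security-secrets.md)
    MasterUserPassword: !Ref MasterUserPassword
    AllocatedStorage: 20
    StorageType: gp3
    DBSubnetGroupName: !Ref DBSubnetGroup
    VPCSecurityGroups: [!Ref DBSecurityGroup]
    StorageEncrypted: true
    MultiAZ: true
    BackupRetentionPeriod: 7
    # Set to true for production (Step 5 makes this conditional)
    DeletionProtection: false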
```

See [database-components.md](references/database-components.md) for MySQL, PostgreSQL, Aurora cluster configurations, and parameter groups.

### Step 5 — Enable High Availability

Configure multi-AZ deployment for production.

```yaml
Conditions:
  IsProduction: !Equals [!Ref Environment, production]

Resources:
  DBInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      MultiAZ: !If [IsProduction, true, false]
      BackupRetentionPeriod: !If [IsProduction, 35, 7]
      DeletionProtection: !If [IsProduction, true, false]
      EnablePerformanceInsights: !If [IsProduction, true, false]
```

See [high-availability.md](references/high-availability.md) for multi-AZ deployments, read replicas, Aurora auto-scaling, enhanced monitoring, and disaster recovery.

### Step 6 — Define Outputs

Export connection details for application stacks.

```yaml
Outputs:
  DBInstanceEndpoint:
    Description: Database endpoint address
    Value: !GetAtt DBInstance.Endpoint.Address
    Export:
      Name: !Sub ${AWS::StackName}-DBEndpoint

  DBInstancePort:
    Description: Database port
    Value: !GetAtt DBInstance.Endpoint.Port
    Export:
      Name: !Sub ${AWS::StackName}-DBPort

  DBConnectionString:
    Description: Connection string
    Value: !Sub jdbc:mysql://${DBInstance.Endpoint.Address}:${DBInstance.Endpoint.Port}/${DBName}
```

See [template-structure.md](references/template-structure.md) for cross-stack reference patterns and import/export strategies.
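A way to check a template built from Steps 1 to 6 against the security settings this skill recommends, as an added example that is not part of the skill itself. It assumes the template has already been parsed into JSON long form (`!Ref` becomes `{"Ref": ...}`, `!If` becomes `{"Fn::If": ...}`); the `lint` and `resolve` helpers and the sample template are hypothetical.

```python
import json

# Constructed sample: the Step 3 to Step 5 resources in JSON long form
# (what !Ref and !If become after parsing). Not the skill's own file.
TEMPLATE = {
    "Parameters": {"MasterUserPassword": {"Type": "String", "NoEcho": True}},
    "Resources": {
        "DBSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "SecurityGroupIngress": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                                      "SourceSecurityGroupId": {"Ref": "AppSecurityGroup"}}]}},
        "DBInstance": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "MasterUserPassword": {"Ref": "MasterUserPassword"},
            "StorageEncrypted": True,
            "DeletionProtection": {"Fn::If": ["IsProduction", True, False]}}},
    },
}

def resolve(value, true_conditions):
    """Evaluate Fn::If against the condition names assumed to be true."""
    if isinstance(value, dict) and "Fn::If" in value:
        name, if_true, if_false = value["Fn::If"]
        return resolve(if_true if name in true_conditions else if_false, true_conditions)
    return value

def lint(template, true_conditions=()):
    """Return (logical_id, finding) pairs for the security-relevant settings."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        props = {k: resolve(v, true_conditions) for k, v in res.get("Properties", {}).items()}
        if res.get("Type") == "AWS::RDS::DBInstance":
            for flag in ("StorageEncrypted", "DeletionProtection"):
                if str(props.get(flag)).lower() != "true":
                    findings.append((logical_id, f"{flag} is not true"))
            if str(props.get("PubliclyAccessible")).lower() == "true":
                findings.append((logical_id, "PubliclyAccessible is true"))
            password = props.get("MasterUserPassword")
            # Anything other than a Secrets Manager dynamic reference is a plain value.
            if password is not None and "{{resolve:secretsmanager:" not in json.dumps(password):
                findings.append((logical_id, "MasterUserPassword is not a Secrets Manager reference"))
        elif res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                if rule.get("CidrIp") == "0.0.0.0/0" or rule.get("CidrIpv6") == "::/0":
                    findings.append((logical_id, f"port {rule.get('FromPort')} open to the internet"))
    return findings

if __name__ == "__main__":
    for env, conds in (("non-production", ()), ("production", ("IsProduction",))):
        for logical_id, finding in lint(TEMPLATE, conds):
            print(f"[{env}] {logical_id}: {finding}")
```

Evaluating the template once per environment shows which findings the `IsProduction` condition clears and which, like the password parameter, remain in every environment.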

### Validation Steps

Always validate before deploying, especially to production.

```bash
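# Validate the template syntax
aws cloudformation validate-template --template-body file://template.yaml

# Create a change set to preview the update; --change-set-name is required
# (my-rds-stack and rds-update-preview are placeholder names)
aws cloudformation create-change-set \
  --stack-name my-rds-stack \
  --change-set-name rds-update-preview \
  --template-body file://template.yaml \
  --change-set-type UPDATE

# Review the change set before applying updates
aws cloudformation describe-change-set \
  --stack-name my-rds-stack \
  --change-set-name rds-update-preview

# Execute the change set if the preview looks correct
aws cloudformation execute-change-set \
  --stack-name my-rds-stack \
  --change-set-name rds-update-preview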
```
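For a database stack, the main thing to look for in the change-set preview is a change that would replace or remove the DB instance or cluster. The following added example (not part of the skill) checks `describe-change-set` output for that; the sample document is constructed, and `blocking_changes` and `safe_to_execute` are hypothetical helper names.

```python
# Resource types whose replacement or removal puts stored data at risk.
STATEFUL_TYPES = {"AWS::RDS::DBInstance", "AWS::RDS::DBCluster"}

# Constructed sample shaped like `aws cloudformation describe-change-set` output.
CHANGE_SET = {
    "Status": "CREATE_COMPLETE",
    "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "DBInstance",
            "ResourceType": "AWS::RDS::DBInstance", "Replacement": "True",
            "Details": [{"Target": {"Attribute": "Properties", "Name": "DBInstanceIdentifier",
                                    "RequiresRecreation": "Always"}}]}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "LogicalResourceId": "DBSecurityGroup",
            "ResourceType": "AWS::EC2::SecurityGroup", "Replacement": "False",
            "Details": [{"Target": {"Attribute": "Properties", "Name": "SecurityGroupIngress",
                                    "RequiresRecreation": "Never"}}]}},
    ],
}

def blocking_changes(change_set):
    """Return the stateful resources the change set would remove or replace."""
    blocked = []
    for change in change_set.get("Changes", []):
        rc = change.get("ResourceChange", {})
        if rc.get("ResourceType") not in STATEFUL_TYPES:
            continue
        action, replacement = rc.get("Action"), rc.get("Replacement", "False")
        if action == "Remove" or (action == "Modify" and replacement in ("True", "Conditional")):
            # Name the properties that force the recreation, when reported.
            causes = sorted({
                d["Target"]["Name"] for d in rc.get("Details", [])
                if d.get("Target", {}).get("RequiresRecreation") in ("Always", "Conditionally")
                and "Name" in d.get("Target", {})
            })
            blocked.append({"resource": rc.get("LogicalResourceId"), "action": action,
                            "replacement": replacement, "properties": causes})
    return blocked

def safe_to_execute(change_set):
    """True only when the change set is fully created and touches no data store destructively."""
    return change_set.get("Status") == "CREATE_COMPLETE" and not blocking_changes(change_set)

if __name__ == "__main__":
    for item in blocking_changes(CHANGE_SET):
        print("BLOCK:", item)
    print("safe to execute:", safe_to_execute(CHANGE_SET))
```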

## Best Practices

| Category | Practice | Implementation |
|----------|----------|----------------|
| Security | Encryption at rest | `StorageEncrypted: true` with KMS key |
| Security | Credential management | Use Secrets Manager integration |
| Security | Network isolation | Private subnets, restrictive SG rules |
| Security | IAM authentication | `EnableIAMDatabaseAuthentication: true` |
| HA | Multi-AZ deployment | `MultiAZ: true` for production |
| HA | Deletion protection | `DeletionProtection: true` for production |
| HA | Backup