ClaudeWave skill: 279 repo stars, updated 7d ago

aws-cloudformation-vpc

This Claude Code skill provides AWS CloudFormation templates for building VPC infrastructure foundations, including subnets, route tables, internet and NAT gateways, and VPC endpoints with structured guidance on addressing plans, layered resource creation, and stable outputs for downstream stacks. Use it when establishing new VPC stacks, segmenting public and private workloads across availability zones, configuring internet or private AWS service access, or preparing reusable networking foundations for application deployments on ECS, EKS, Lambda, EC2, or RDS.

Install in Claude Code
git clone --depth 1 https://github.com/giuseppe-trisciuoglio/developer-kit /tmp/aws-cloudformation-vpc && cp -r /tmp/aws-cloudformation-vpc/plugins/developer-kit-aws/skills/aws-cloudformation/aws-cloudformation-vpc ~/.claude/skills/aws-cloudformation-vpc
Then open a new Claude Code session; the skill loads automatically.

SKILL.md

# AWS CloudFormation VPC Infrastructure

## Overview

Build a VPC foundation with CloudFormation that stays readable, reusable, and safe to evolve. The skill provides a clear subnet and routing model with predictable connectivity for public and private workloads, plus outputs that downstream stacks can consume without duplicating network logic.

Use the `references/` files for larger templates and extended service combinations.

## When to Use

- Creating a new VPC stack for an application or shared platform
- Adding public and private subnets across one or more Availability Zones
- Wiring internet access, NAT egress, or private endpoints
- Exporting VPC, subnet, route table, and security-group-adjacent identifiers for other stacks
- Preparing reusable infrastructure for ECS, EKS, Lambda, EC2, or RDS stacks

## Instructions

### 1. Start with the address plan

Before writing resources, define:
- VPC CIDR range
- Number of Availability Zones
- Public, private, and isolated subnet ranges
- Which workloads need internet ingress, NAT egress, or only private AWS service access

This prevents route-table sprawl and painful subnet replacement later.
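A worked address plan for the scheme above, added here as an example rather than code from the skill: it carves a VPC CIDR into per-AZ public, private and isolated /24s following the numbering of the template below (public 10.0.1.0/24, private 10.0.11.0/24 in the first AZ) and checks the result for containment, minimum size and overlap. The isolated tier's offset of 21 is an assumption; the five addresses AWS reserves per subnet are a documented limit.

```python
# Added example (not the skill's own code): carve a VPC CIDR into per-AZ public,
# private and isolated subnets and check the plan before writing any resources.
import ipaddress
from itertools import combinations

# Tier offsets follow the numbering of this page's template (public 10.0.1.0/24,
# private 10.0.11.0/24 in the first AZ); the isolated offset of 21 is an assumption.
TIER_OFFSETS = {"public": 1, "private": 11, "isolated": 21}

def plan_subnets(vpc_cidr, az_count, prefix=24):
    """Return {tier: [subnet CIDR for AZ 0, AZ 1, ...]} carved out of vpc_cidr."""
    blocks = list(ipaddress.ip_network(vpc_cidr).subnets(new_prefix=prefix))
    return {tier: [str(blocks[offset + az]) for az in range(az_count)]
            for tier, offset in TIER_OFFSETS.items()}

def check_plan(vpc_cidr, plan):
    """List problems: subnets outside the VPC, below AWS's /28 minimum, or overlapping."""
    vpc = ipaddress.ip_network(vpc_cidr)
    named = [(f"{tier}-{i}", ipaddress.ip_network(cidr))
             for tier, cidrs in plan.items() for i, cidr in enumerate(cidrs)]
    problems = []
    for name, net in named:
        if not net.subnet_of(vpc):
            problems.append(f"{name} {net} is outside {vpc}")
        if net.prefixlen > 28:
            problems.append(f"{name} {net} is smaller than the /28 minimum AWS allows")
    # Overlap is the mistake that forces subnet replacement later, so check every pair.
    for (n1, a), (n2, b) in combinations(named, 2):
        if a.overlaps(b):
            problems.append(f"{n1} {a} overlaps {n2} {b}")
    return problems

def usable_hosts(cidr):
    """Addresses left for instances: AWS reserves the first four and the last one."""
    return ipaddress.ip_network(cidr).num_addresses - 5

if __name__ == "__main__":
    plan = plan_subnets("10.0.0.0/16", 3)
    for tier, cidrs in plan.items():
        print(tier, cidrs, [usable_hosts(c) for c in cidrs])
    print("problems:", check_plan("10.0.0.0/16", plan))
```

With more than ten AZs the fixed offsets collide across tiers, which is exactly what the overlap check reports.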

### 2. Build the core network resources in layers

Create the stack in this order:
1. VPC and subnets
2. Internet Gateway for public ingress and egress
3. NAT gateways if private subnets need outbound internet access
4. Route tables and subnet associations
5. Optional VPC endpoints for private access to AWS services

Keep each layer easy to inspect in the template and avoid mixing unrelated application resources into the same stack.

### 3. Parameterize only the environment-dependent values

Useful parameters include:
- Environment name
- VPC CIDR and subnet CIDRs
- Number of AZs or explicit subnet IDs in nested-stack scenarios
- Flags for optional endpoints or NAT layout

Do not parameterize every route or tag unless it meaningfully changes between environments.

### 4. Export only what consumers really need

Typical outputs:
- VPC ID
- Public, private, and isolated subnet IDs
- Route table IDs when downstream stacks must attach routes
- Security boundaries or prefix-list references only when another stack consumes them

Stable outputs make application stacks easier to compose and migrate.

### 5. Validate before deployment

Run these commands to validate the template and verify routing:

```bash
# Validate CloudFormation template syntax
aws cloudformation validate-template --template-body file://vpc.yaml

# Create a change set and review it (describe-change-set) before executing it;
# --change-set-name is required
aws cloudformation create-change-set \
  --stack-name my-vpc \
  --change-set-name vpc-review \
  --template-body file://vpc.yaml \
  --change-set-type CREATE

# Verify route table associations
aws ec2 describe-route-tables \
  --filters "Name=vpc-id,Values=<vpc-id>"

# Check subnet to route table mappings
aws ec2 describe-route-tables \
  --filters "Name=association.subnet-id,Values=<subnet-id>"

# Verify internet gateway attachment
aws ec2 describe-internet-gateways \
  --filters "Name=attachment.vpc-id,Values=<vpc-id>"
```
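A static counterpart to the routing checks above, added here as an example rather than the skill's own code: it reads a template in CloudFormation's JSON form (`{"Ref": "X"}` in place of `!Ref X`), derives each subnet's tier from where its route table's default route exits, and flags a subnet with no route table association, a NAT gateway outside a public subnet, and `MapPublicIpOnLaunch` on a subnet with no internet route. `SAMPLE` is a constructed, condensed copy of Example 1 below.

```python
# Added example (not the skill's own code): derive each subnet's tier from a
# CloudFormation VPC template's routing and flag wiring mistakes before deploying.
# Takes the template in CloudFormation's JSON form ({"Ref": "X"} for !Ref X).

def _ref(v):
    """Logical ID behind {"Ref": id} or {"Fn::GetAtt": [id, attr]}, else None."""
    return (v.get("Ref") or v.get("Fn::GetAtt", [None])[0]) if isinstance(v, dict) else None

def classify_subnets(template):
    """Return ({subnet logical ID: 'public'|'private'|'isolated'}, [problems])."""
    res = template["Resources"]
    props = lambda t: {k: v.get("Properties", {}) for k, v in res.items() if v["Type"] == t}
    igws = props("AWS::EC2::InternetGateway")
    # subnet -> route table, from explicit associations only
    assoc = {_ref(p["SubnetId"]): _ref(p["RouteTableId"])
             for p in props("AWS::EC2::SubnetRouteTableAssociation").values()}
    exits = {}  # route table -> where its 0.0.0.0/0 route leaves the VPC
    for p in props("AWS::EC2::Route").values():
        if p.get("DestinationCidrBlock") == "0.0.0.0/0":
            if _ref(p.get("GatewayId")) in igws:
                exits[_ref(p["RouteTableId"])] = "igw"
            elif "NatGatewayId" in p:
                exits[_ref(p["RouteTableId"])] = "nat"
    tiers, problems = {}, []
    for sid, p in props("AWS::EC2::Subnet").items():
        if sid not in assoc:
            problems.append(f"{sid}: no route table association, so it silently uses the main route table")
        tiers[sid] = {"igw": "public", "nat": "private"}.get(exits.get(assoc.get(sid)), "isolated")
        if p.get("MapPublicIpOnLaunch") and tiers[sid] != "public":
            problems.append(f"{sid}: auto-assigns public IPs but has no route to an Internet Gateway")
    for nid, p in props("AWS::EC2::NatGateway").items():
        if tiers.get(_ref(p["SubnetId"])) != "public":
            problems.append(f"{nid}: NAT gateway is not in a public subnet, so it has no egress")
    return tiers, problems

# Constructed sample condensed from this page's Example 1 (tags, DNS flags and EIP omitted).
R = lambda x: {"Ref": x}
SAMPLE = {"Resources": {
    "InternetGateway": {"Type": "AWS::EC2::InternetGateway", "Properties": {}},
    "PublicSubnetA": {"Type": "AWS::EC2::Subnet", "Properties": {"CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": True}},
    "PrivateSubnetA": {"Type": "AWS::EC2::Subnet", "Properties": {"CidrBlock": "10.0.11.0/24"}},
    "NatGateway": {"Type": "AWS::EC2::NatGateway", "Properties": {"SubnetId": R("PublicSubnetA")}},
    "PublicRouteTable": {"Type": "AWS::EC2::RouteTable", "Properties": {}},
    "PrivateRouteTable": {"Type": "AWS::EC2::RouteTable", "Properties": {}},
    "PublicDefaultRoute": {"Type": "AWS::EC2::Route", "Properties": {"RouteTableId": R("PublicRouteTable"), "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": R("InternetGateway")}},
    "PrivateDefaultRoute": {"Type": "AWS::EC2::Route", "Properties": {"RouteTableId": R("PrivateRouteTable"), "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": R("NatGateway")}},
    "PublicSubnetARouteTableAssociation": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {"SubnetId": R("PublicSubnetA"), "RouteTableId": R("PublicRouteTable")}},
    "PrivateSubnetARouteTableAssociation": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {"SubnetId": R("PrivateSubnetA"), "RouteTableId": R("PrivateRouteTable")}},
}}
```

Run `classify_subnets(SAMPLE)` and compare the returned tiers with the intent in your address plan; a "private" subnet that comes back as "public" means its route table sends 0.0.0.0/0 to the Internet Gateway.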

## Examples

### Example 1: Complete two-tier VPC with routing

This template creates a VPC with public and private subnets, internet gateway, NAT gateway, and properly configured route tables.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: "Two-tier VPC with public and private subnets"

Resources:
  # VPC
  MainVpc:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsHostnames: true
      EnableDnsSupport: true
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-main"

  # Internet Gateway
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-igw"

  # Attach IGW to VPC
  GatewayToInternet:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MainVpc
      InternetGatewayId: !Ref InternetGateway

  # Public Subnet (AZ 1)
  PublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MainVpc
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select [0, !GetAZs ""]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-public-a"

  # Private Subnet (AZ 1)
  PrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MainVpc
      CidrBlock: 10.0.11.0/24
      AvailabilityZone: !Select [0, !GetAZs ""]
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-private-a"

  # Elastic IP for NAT Gateway
  NatEip:
    Type: AWS::EC2::EIP
    DependsOn: GatewayToInternet
    Properties:
      Domain: vpc

  # NAT Gateway
  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      SubnetId: !Ref PublicSubnetA
      AllocationId: !GetAtt NatEip.AllocationId

  # Public Route Table
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MainVpc
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-public-rt"

  # Default route to IGW
  PublicDefaultRoute:
    Type: AWS::EC2::Route
    DependsOn: GatewayToInternet
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  # Associate public subnet
  PublicSubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetA
      RouteTableId: !Ref PublicRouteTable

  # Private Route Table
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MainVpc
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-private-rt"

  # Default route via NAT Gateway
  PrivateDefaultRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway

  # Associate private subnet
  PrivateSubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnetA
      RouteTableId: !Ref PrivateRouteTable
```