AgentSkillsCN

aws-deployment

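Deploys AWS infrastructure with a research-first approach. Uses AWS MCP tools for documentation, regional availability, and resource management. Always consult the official AWS documentation before writing code, explain services and abbreviations clearly, consider alternatives, keep the aws/ directory organized, and offer to destroy resources once testing is complete. Use proactively for any AWS deployment, Terraform, ECS, Fargate, Lambda, S3, RDS, or other cloud infrastructure task. Follow this process strictly for prototype and learning projects to avoid unexpected costs. (project)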

SKILL.md
--- frontmatter
name: aws-deployment
description: Deploys AWS infrastructure with research-first approach. Uses AWS MCP tools for documentation, regional availability, and resource management. ALWAYS searches AWS documentation before writing code, explains services and abbreviations, considers alternatives, maintains organized aws/ folder, and CRITICALLY offers to destroy resources after testing. Use PROACTIVELY for any AWS deployment, Terraform, ECS, Fargate, Lambda, S3, RDS, or cloud infrastructure tasks. MUST BE USED for prototype/learning projects to avoid unexpected costs. (project)
allowed-tools: [
  "Bash", "Read", "Write", "Edit", "Grep", "Glob", "AskUserQuestion", "WebFetch",
  "mcp__aws-knowledge-mcp__aws___search_documentation",
  "mcp__aws-knowledge-mcp__aws___read_documentation",
  "mcp__aws-knowledge-mcp__aws___recommend",
  "mcp__aws-knowledge-mcp__aws___get_regional_availability",
  "mcp__aws-knowledge-mcp__aws___list_regions",
  "mcp__aws-api-mcp__suggest_aws_commands",
  "mcp__aws-api-mcp__call_aws",
  "mcp__aws-ccapi-mcp__check_environment_variables",
  "mcp__aws-ccapi-mcp__get_aws_session_info",
  "mcp__aws-ccapi-mcp__get_resource_schema_information",
  "mcp__aws-ccapi-mcp__list_resources",
  "mcp__aws-ccapi-mcp__get_resource",
  "mcp__aws-ccapi-mcp__generate_infrastructure_code",
  "mcp__aws-ccapi-mcp__explain",
  "mcp__aws-ccapi-mcp__run_checkov",
  "mcp__aws-ccapi-mcp__create_resource",
  "mcp__aws-ccapi-mcp__update_resource",
  "mcp__aws-ccapi-mcp__delete_resource",
  "mcp__aws-ccapi-mcp__get_aws_account_info"
]

AWS Deployment Skill

Deploy and destroy pharma-test-gen ECS/Fargate infrastructure.

Configuration

| Key | Value |
| --- | --- |
| Project | pharma-test-gen |
| Region | eu-west-2 |
| Account | 275333454012 |
| ECR | 275333454012.dkr.ecr.eu-west-2.amazonaws.com |

Deploy Workflow

Full commands: reference/quick-commands.md

1. ECR Login

```bash
aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin 275333454012.dkr.ecr.eu-west-2.amazonaws.com
```

2. Build & Push Images

```bash
# API
docker buildx build --platform linux/amd64 -f Dockerfile.api.pip -t 275333454012.dkr.ecr.eu-west-2.amazonaws.com/pharma-test-gen-api:staging-latest --push .

# Worker
docker buildx build --platform linux/amd64 -f Dockerfile.worker.pip -t 275333454012.dkr.ecr.eu-west-2.amazonaws.com/pharma-test-gen-worker:staging-latest --push .

# Frontend (needs CLERK key)
docker buildx build --platform linux/amd64 -f Dockerfile.frontend --build-arg NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_test_xxx -t 275333454012.dkr.ecr.eu-west-2.amazonaws.com/pharma-test-gen-frontend:staging-latest --push .
```

3. Terraform Deploy

```bash
cd aws/terraform && terraform apply -var-file=environments/staging.tfvars -auto-approve
```

4. Upload ChromaDB (if missing)

```bash
tar -czvf /tmp/chroma_db.tar.gz -C main chroma_db
aws s3 cp /tmp/chroma_db.tar.gz s3://pharma-test-gen-vectors-staging/chroma_db.tar.gz --region eu-west-2
```

5. Force Service Redeployment

```bash
aws ecs update-service --cluster pharma-test-gen-cluster --service pharma-test-gen-api --force-new-deployment --region eu-west-2
aws ecs update-service --cluster pharma-test-gen-cluster --service pharma-test-gen-worker --force-new-deployment --desired-count 1 --region eu-west-2
aws ecs update-service --cluster pharma-test-gen-cluster --service pharma-test-gen-frontend --force-new-deployment --region eu-west-2
```

6. Verify Services

```bash
aws ecs describe-services --cluster pharma-test-gen-cluster --services pharma-test-gen-api pharma-test-gen-worker pharma-test-gen-frontend --region eu-west-2 --query 'services[].{name:serviceName,desired:desiredCount,running:runningCount}' --output table
```
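
Added example (not part of the original skill or the project's scripts): in the step 6 table a service with desired 0 and running 0 looks balanced, which is the "Worker desiredCount=0" state listed under Troubleshooting. The hypothetical `check_services` helper below, run here on a constructed sample response, flags that case along with unfinished rollouts and services missing from the response.

```python
import json

# Constructed sample of `aws ecs describe-services --output json` (not real output).
SAMPLE = json.loads("""
{
  "services": [
    {"serviceName": "pharma-test-gen-api", "desiredCount": 1, "runningCount": 1,
     "deployments": [{"status": "PRIMARY", "rolloutState": "COMPLETED"}]},
    {"serviceName": "pharma-test-gen-worker", "desiredCount": 0, "runningCount": 0,
     "deployments": [{"status": "PRIMARY", "rolloutState": "COMPLETED"}]},
    {"serviceName": "pharma-test-gen-frontend", "desiredCount": 1, "runningCount": 0,
     "deployments": [{"status": "PRIMARY", "rolloutState": "IN_PROGRESS"},
                     {"status": "ACTIVE", "rolloutState": "COMPLETED"}]}
  ],
  "failures": []
}
""")

EXPECTED = ("pharma-test-gen-api", "pharma-test-gen-worker", "pharma-test-gen-frontend")


def check_services(response, expected=EXPECTED):
    """Return {service_name: problem} for every service that has not converged."""
    problems = {}
    seen = {s["serviceName"]: s for s in response.get("services", [])}
    for name in expected:
        svc = seen.get(name)
        if svc is None:
            # Unknown services are reported under "failures", not "services".
            problems[name] = "missing from response (see 'failures')"
            continue
        desired, running = svc["desiredCount"], svc["runningCount"]
        primary = next((d for d in svc.get("deployments", [])
                        if d.get("status") == "PRIMARY"), {})
        if desired == 0:
            # desired == running == 0 looks balanced in the table but serves nothing.
            problems[name] = "desiredCount is 0 (scaled down, e.g. by a destroy run)"
        elif running != desired:
            problems[name] = f"running {running} of {desired}"
        elif primary.get("rolloutState") not in (None, "COMPLETED"):
            problems[name] = f"rollout {primary['rolloutState']}"
    return problems


if __name__ == "__main__":
    for name, problem in check_services(SAMPLE).items():
        print(f"{name}: {problem}")
```

Feed it the step 6 command run with `--output json` and without `--query`, so the `deployments` and `failures` fields are present.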

Destroy Workflow

Quick Destroy

```bash
python aws/scripts/destroy.py --yes --skip-ecr
```

Manual (if script fails)

```bash
cd aws/terraform && terraform destroy -var-file=environments/staging.tfvars -auto-approve
```

Stop AWS Config (saves ~$3-5/month)

```bash
aws configservice stop-configuration-recorder --configuration-recorder-name pharma --region eu-west-2
```

Troubleshooting

Full guide: reference/troubleshooting.md

| Symptom | Cause | Fix |
| --- | --- | --- |
| Worker S3 403 Forbidden | ChromaDB tarball deleted | Re-upload: `aws s3 cp chroma_db.tar.gz s3://pharma-test-gen-vectors-staging/` |
| Worker desiredCount=0 | Scaled down during destroy | Scale up: `aws ecs update-service --desired-count 1` |
| `uv: command not found` in WSL | uv not in Ubuntu | Use `python3` directly |
| Terraform state locked | Previous run crashed | `terraform force-unlock <LOCK_ID>` |
| ECR login failed | Token expired | Re-run ECR login command |
| Docker buildx not found | buildx not installed | `docker buildx create --use` |

Health Checks

| Service | Endpoint |
| --- | --- |
| Production (Route 53) | https://csvgeneration.com/ |
| API Health | https://csvgeneration.com/health |
| Frontend | https://csvgeneration.com/generate |

Get ALB DNS (internal)

```bash
aws elbv2 describe-load-balancers --names pharma-test-gen-api-alb pharma-test-gen-frontend-alb --region eu-west-2 --query 'LoadBalancers[].{name:LoadBalancerName,dns:DNSName}' --output table
```

CloudWatch Logs

| Service | Log Group |
| --- | --- |
| API | /ecs/pharma-test-gen/api |
| Worker | /ecs/pharma-test-gen/worker |
| Frontend | /ecs/pharma-test-gen/frontend |

View Recent Logs

```bash
aws logs filter-log-events --log-group-name /ecs/pharma-test-gen/worker --start-time $(date -d '5 minutes ago' +%s000) --region eu-west-2 --query 'events[-10:].message' --output text
```

WSL Wrapper (Windows)

On Windows, all commands need to be run through the WSL wrapper:

```powershell
wsl -d Ubuntu -e bash -c "cd /mnt/c/Users/.../thesis_project && <command>"
```

Critical Scripts

| Script | Purpose |
| --- | --- |
| aws/scripts/deploy.py | Full deployment orchestrator |
| aws/scripts/destroy.py | Clean teardown with S3 emptying |
| aws/scripts/1_upload_chroma_to_s3.py | ChromaDB S3 upload (requires boto3) |

Cost Reminder

Estimated costs while running:

  • Per HOUR: ~$0.75
  • Per DAY: ~$18
  • Per MONTH: ~$540

ALWAYS offer to destroy after testing to avoid unexpected charges.