Awsflow EC2
Query EC2 compute and networking resources. All commands are read-only.
When to Use This Skill
Use this skill when the user:
- •Asks about EC2 instances, their status, or console output
- •Wants to explore VPCs, subnets, security groups, or route tables
- •Needs to list volumes, snapshots, or key pairs
- •Wants to check instance types, pricing, or availability
- •Asks about networking (internet gateways, NAT gateways, network interfaces, flow logs)
- •Wants to inspect launch templates, transit gateways, or VPC endpoints
Tool: EC2Tool
Execute AWS EC2 read-only and info commands. ALWAYS provide params object.
Commands
DescribeInstances
Describe one or more EC2 instances.
{ "command": "DescribeInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
{ "command": "DescribeInstances", "params": { "Filters": [{ "Name": "instance-state-name", "Values": ["running"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceIds | array of strings | No | List of instance IDs |
| Filters | array of objects | No | EC2 filter array with Name and Values[] |
| MaxResults | number | No | Maximum results per page |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions without running |
DescribeInstanceStatus
Get status checks for instances.
{ "command": "DescribeInstanceStatus", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceIds | array of strings | No | List of instance IDs |
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions without running |
DescribeInstanceTypes
Get details about instance types (CPU, memory, networking).
{ "command": "DescribeInstanceTypes", "params": { "InstanceTypes": ["t3.micro", "m5.large"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceTypes | array of strings | No | Instance type names to describe |
| Filters | array of objects | No | Filter array |
DescribeInstanceTypeOfferings
List instance types available in specific locations.
{ "command": "DescribeInstanceTypeOfferings", "params": { "LocationType": "availability-zone", "Filters": [{ "Name": "instance-type", "Values": ["t3.*"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| LocationType | string | No | region, availability-zone, or availability-zone-id |
| Filters | array of objects | No | Filter array |
DescribeImages
Describe AMIs (Amazon Machine Images).
{ "command": "DescribeImages", "params": { "Owners": ["self"], "Filters": [{ "Name": "state", "Values": ["available"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Owners | array of strings | No | Image owners (self, amazon, account ID) |
| Filters | array of objects | No | Filter array |
| MaxResults | number | No | Maximum results |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions |
DescribeVpcs
Describe VPCs.
{ "command": "DescribeVpcs", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeSubnets
Describe subnets.
{ "command": "DescribeSubnets", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeSecurityGroups
Describe security groups.
{ "command": "DescribeSecurityGroups", "params": { "GroupIds": ["sg-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| GroupIds | array of strings | No | Security group IDs |
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeSecurityGroupRules
Describe security group rules.
{ "command": "DescribeSecurityGroupRules", "params": { "Filters": [{ "Name": "group-id", "Values": ["sg-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| GroupIds | array of strings | No | Security group IDs |
| Filters | array of objects | No | Filter array |
DescribeVolumes
Describe EBS volumes.
{ "command": "DescribeVolumes", "params": { "Filters": [{ "Name": "attachment.instance-id", "Values": ["i-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| MaxResults | number | No | Maximum results |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions |
DescribeSnapshots
Describe EBS snapshots.
{ "command": "DescribeSnapshots", "params": { "Filters": [{ "Name": "volume-id", "Values": ["vol-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| MaxResults | number | No | Maximum results |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions |
DescribeKeyPairs
Describe key pairs.
{ "command": "DescribeKeyPairs", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeAddresses
Describe Elastic IP addresses.
{ "command": "DescribeAddresses", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeRegions
Describe available AWS regions.
{ "command": "DescribeRegions", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| RegionNames | array of strings | No | Specific region names |
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeAvailabilityZones
Describe availability zones.
{ "command": "DescribeAvailabilityZones", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeRouteTables
Describe route tables.
{ "command": "DescribeRouteTables", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| RouteTableIds | array of strings | No | Route table IDs |
| Filters | array of objects | No | Filter array |
DescribeInternetGateways
Describe internet gateways.
{ "command": "DescribeInternetGateways", "params": { "InternetGatewayIds": ["igw-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InternetGatewayIds | array of strings | No | Internet gateway IDs |
| Filters | array of objects | No | Filter array |
DescribeNatGateways
Describe NAT gateways.
{ "command": "DescribeNatGateways", "params": { "NatGatewayIds": ["nat-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| NatGatewayIds | array of strings | No | NAT gateway IDs |
| Filters | array of objects | No | Filter array |
DescribeNetworkInterfaces
Describe network interfaces.
{ "command": "DescribeNetworkInterfaces", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| NetworkInterfaceIds | array of strings | No | Network interface IDs |
| Filters | array of objects | No | Filter array |
DescribeFlowLogs
Describe VPC flow logs.
{ "command": "DescribeFlowLogs", "params": { "FlowLogIds": ["fl-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| FlowLogIds | array of strings | No | Flow log IDs |
| Filters | array of objects | No | Filter array |
DescribeTags
Describe tags across EC2 resources.
{ "command": "DescribeTags", "params": { "Filters": [{ "Name": "resource-id", "Values": ["i-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
DescribeLaunchTemplates
Describe launch templates.
{ "command": "DescribeLaunchTemplates", "params": { "LaunchTemplateIds": ["lt-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| LaunchTemplateIds | array of strings | No | Launch template IDs |
| LaunchTemplateNames | array of strings | No | Launch template names |
| Filters | array of objects | No | Filter array |
DescribeTransitGateways
Describe transit gateways.
{ "command": "DescribeTransitGateways", "params": { "TransitGatewayIds": ["tgw-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| TransitGatewayIds | array of strings | No | Transit gateway IDs |
| Filters | array of objects | No | Filter array |
DescribeVpcEndpoints
Describe VPC endpoints.
{ "command": "DescribeVpcEndpoints", "params": { "VpcEndpointIds": ["vpce-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| VpcEndpointIds | array of strings | No | VPC endpoint IDs |
| Filters | array of objects | No | Filter array |
DescribeVpcPeeringConnections
Describe VPC peering connections.
{ "command": "DescribeVpcPeeringConnections", "params": { "VpcPeeringConnectionIds": ["pcx-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| VpcPeeringConnectionIds | array of strings | No | Peering connection IDs |
| Filters | array of objects | No | Filter array |
DescribeSpotPriceHistory
Get spot instance pricing history.
{ "command": "DescribeSpotPriceHistory", "params": { "InstanceTypes": ["m5.large"], "ProductDescriptions": ["Linux/UNIX"], "StartTime": "2024-01-01T00:00:00Z" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceTypes | array of strings | No | Instance type names |
| ProductDescriptions | array of strings | No | Product descriptions |
| StartTime | string | No | Start time for history |
| EndTime | string | No | End time for history |
| Filters | array of objects | No | Filter array |
DescribeAccountAttributes
Describe EC2 account attributes (limits).
{ "command": "DescribeAccountAttributes", "params": {} }
Parameters: None required.
GetConsoleOutput
Get the console output from an instance.
{ "command": "GetConsoleOutput", "params": { "InstanceId": "i-1234567890abcdef0" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceId | string | Yes | Instance ID |
GetLaunchTemplateData
Get launch template data from an instance.
{ "command": "GetLaunchTemplateData", "params": { "InstanceId": "i-1234567890abcdef0" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceId | string | Yes | Instance ID |
GetPasswordData
Get Windows instance password data.
{ "command": "GetPasswordData", "params": { "InstanceId": "i-1234567890abcdef0" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceId | string | Yes | Instance ID |
GetHostReservationPurchasePreview
Preview a host reservation purchase.
{ "command": "GetHostReservationPurchasePreview", "params": {} }
Related Services
- •EC2 → CloudWatch: VPC Flow Logs deliver to CloudWatch Log Groups. Use
DescribeFlowLogsto find the log group name, thenCloudWatchLogToolto read logs - •EC2 → VPC/Subnet/SecurityGroup: Instance metadata contains
vpcId,subnetId,securityGroups— use these IDs withDescribeVpcs,DescribeSubnets,DescribeSecurityGroups - •EC2 → IAM: Instance profiles link to IAM roles. Use
IAMToolto inspect the role - •EC2 → CloudFormation: EC2 instances created by CloudFormation can be found via
CloudFormationToolDescribeStackResources - •EC2 → S3: Instances use S3 for user data scripts, AMI snapshots; check instance user data for S3 references
- •EC2 → EBS: Use
DescribeVolumeswith filterattachment.instance-idto find volumes attached to an instance