AgentSkillsCN

awsflow-ec2

使用 awsflow 查询 AWS EC2 实例、实例类型、镜像、VPC、子网、安全组、路由表、互联网/NAT 网关、网络接口、卷、快照、密钥对、流日志、标签、启动模板、传输网关、VPC 端点,以及 Spot 定价。所有命令均为只读操作。

SKILL.md
--- frontmatter
name: awsflow-ec2
description: Query AWS EC2 instances, instance types, images, VPCs, subnets, security groups, route tables, internet/NAT gateways, network interfaces, volumes, snapshots, key pairs, flow logs, tags, launch templates, transit gateways, VPC endpoints, and spot pricing using awsflow. All read-only commands.

Awsflow EC2

Query EC2 compute and networking resources. All commands are read-only.

When to Use This Skill

Use this skill when the user:

  • Asks about EC2 instances, their status, or console output
  • Wants to explore VPCs, subnets, security groups, or route tables
  • Needs to list volumes, snapshots, or key pairs
  • Wants to check instance types, pricing, or availability
  • Asks about networking (internet gateways, NAT gateways, network interfaces, flow logs)
  • Wants to inspect launch templates, transit gateways, or VPC endpoints

Tool: EC2Tool

Execute AWS EC2 read-only and info commands. ALWAYS provide params object.

Commands

DescribeInstances

Describe one or more EC2 instances.

json
{ "command": "DescribeInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
json
{ "command": "DescribeInstances", "params": { "Filters": [{ "Name": "instance-state-name", "Values": ["running"] }] } }

Parameters:

ParameterTypeRequiredDescription
InstanceIdsarray of stringsNoList of instance IDs
Filtersarray of objectsNoEC2 filter array with Name and Values[]
MaxResultsnumberNoMaximum results per page
NextTokenstringNoPagination token
DryRunbooleanNoValidate permissions without running

DescribeInstanceStatus

Get status checks for instances.

json
{ "command": "DescribeInstanceStatus", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }

Parameters:

ParameterTypeRequiredDescription
InstanceIdsarray of stringsNoList of instance IDs
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions without running

DescribeInstanceTypes

Get details about instance types (CPU, memory, networking).

json
{ "command": "DescribeInstanceTypes", "params": { "InstanceTypes": ["t3.micro", "m5.large"] } }

Parameters:

ParameterTypeRequiredDescription
InstanceTypesarray of stringsNoInstance type names to describe
Filtersarray of objectsNoFilter array

DescribeInstanceTypeOfferings

List instance types available in specific locations.

json
{ "command": "DescribeInstanceTypeOfferings", "params": { "LocationType": "availability-zone", "Filters": [{ "Name": "instance-type", "Values": ["t3.*"] }] } }

Parameters:

ParameterTypeRequiredDescription
LocationTypestringNoregion, availability-zone, or availability-zone-id
Filtersarray of objectsNoFilter array

DescribeImages

Describe AMIs (Amazon Machine Images).

json
{ "command": "DescribeImages", "params": { "Owners": ["self"], "Filters": [{ "Name": "state", "Values": ["available"] }] } }

Parameters:

ParameterTypeRequiredDescription
Ownersarray of stringsNoImage owners (self, amazon, account ID)
Filtersarray of objectsNoFilter array
MaxResultsnumberNoMaximum results
NextTokenstringNoPagination token
DryRunbooleanNoValidate permissions

DescribeVpcs

Describe VPCs.

json
{ "command": "DescribeVpcs", "params": {} }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeSubnets

Describe subnets.

json
{ "command": "DescribeSubnets", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeSecurityGroups

Describe security groups.

json
{ "command": "DescribeSecurityGroups", "params": { "GroupIds": ["sg-12345"] } }

Parameters:

ParameterTypeRequiredDescription
GroupIdsarray of stringsNoSecurity group IDs
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeSecurityGroupRules

Describe security group rules.

json
{ "command": "DescribeSecurityGroupRules", "params": { "Filters": [{ "Name": "group-id", "Values": ["sg-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
GroupIdsarray of stringsNoSecurity group IDs
Filtersarray of objectsNoFilter array

DescribeVolumes

Describe EBS volumes.

json
{ "command": "DescribeVolumes", "params": { "Filters": [{ "Name": "attachment.instance-id", "Values": ["i-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
MaxResultsnumberNoMaximum results
NextTokenstringNoPagination token
DryRunbooleanNoValidate permissions

DescribeSnapshots

Describe EBS snapshots.

json
{ "command": "DescribeSnapshots", "params": { "Filters": [{ "Name": "volume-id", "Values": ["vol-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
MaxResultsnumberNoMaximum results
NextTokenstringNoPagination token
DryRunbooleanNoValidate permissions

DescribeKeyPairs

Describe key pairs.

json
{ "command": "DescribeKeyPairs", "params": {} }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeAddresses

Describe Elastic IP addresses.

json
{ "command": "DescribeAddresses", "params": {} }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeRegions

Describe available AWS regions.

json
{ "command": "DescribeRegions", "params": {} }

Parameters:

ParameterTypeRequiredDescription
RegionNamesarray of stringsNoSpecific region names
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeAvailabilityZones

Describe availability zones.

json
{ "command": "DescribeAvailabilityZones", "params": {} }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeRouteTables

Describe route tables.

json
{ "command": "DescribeRouteTables", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
RouteTableIdsarray of stringsNoRoute table IDs
Filtersarray of objectsNoFilter array

DescribeInternetGateways

Describe internet gateways.

json
{ "command": "DescribeInternetGateways", "params": { "InternetGatewayIds": ["igw-12345"] } }

Parameters:

ParameterTypeRequiredDescription
InternetGatewayIdsarray of stringsNoInternet gateway IDs
Filtersarray of objectsNoFilter array

DescribeNatGateways

Describe NAT gateways.

json
{ "command": "DescribeNatGateways", "params": { "NatGatewayIds": ["nat-12345"] } }

Parameters:

ParameterTypeRequiredDescription
NatGatewayIdsarray of stringsNoNAT gateway IDs
Filtersarray of objectsNoFilter array

DescribeNetworkInterfaces

Describe network interfaces.

json
{ "command": "DescribeNetworkInterfaces", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
NetworkInterfaceIdsarray of stringsNoNetwork interface IDs
Filtersarray of objectsNoFilter array

DescribeFlowLogs

Describe VPC flow logs.

json
{ "command": "DescribeFlowLogs", "params": { "FlowLogIds": ["fl-12345"] } }

Parameters:

ParameterTypeRequiredDescription
FlowLogIdsarray of stringsNoFlow log IDs
Filtersarray of objectsNoFilter array

DescribeTags

Describe tags across EC2 resources.

json
{ "command": "DescribeTags", "params": { "Filters": [{ "Name": "resource-id", "Values": ["i-12345"] }] } }

Parameters:

ParameterTypeRequiredDescription
Filtersarray of objectsNoFilter array
DryRunbooleanNoValidate permissions

DescribeLaunchTemplates

Describe launch templates.

json
{ "command": "DescribeLaunchTemplates", "params": { "LaunchTemplateIds": ["lt-12345"] } }

Parameters:

ParameterTypeRequiredDescription
LaunchTemplateIdsarray of stringsNoLaunch template IDs
LaunchTemplateNamesarray of stringsNoLaunch template names
Filtersarray of objectsNoFilter array

DescribeTransitGateways

Describe transit gateways.

json
{ "command": "DescribeTransitGateways", "params": { "TransitGatewayIds": ["tgw-12345"] } }

Parameters:

ParameterTypeRequiredDescription
TransitGatewayIdsarray of stringsNoTransit gateway IDs
Filtersarray of objectsNoFilter array

DescribeVpcEndpoints

Describe VPC endpoints.

json
{ "command": "DescribeVpcEndpoints", "params": { "VpcEndpointIds": ["vpce-12345"] } }

Parameters:

ParameterTypeRequiredDescription
VpcEndpointIdsarray of stringsNoVPC endpoint IDs
Filtersarray of objectsNoFilter array

DescribeVpcPeeringConnections

Describe VPC peering connections.

json
{ "command": "DescribeVpcPeeringConnections", "params": { "VpcPeeringConnectionIds": ["pcx-12345"] } }

Parameters:

ParameterTypeRequiredDescription
VpcPeeringConnectionIdsarray of stringsNoPeering connection IDs
Filtersarray of objectsNoFilter array

DescribeSpotPriceHistory

Get spot instance pricing history.

json
{ "command": "DescribeSpotPriceHistory", "params": { "InstanceTypes": ["m5.large"], "ProductDescriptions": ["Linux/UNIX"], "StartTime": "2024-01-01T00:00:00Z" } }

Parameters:

ParameterTypeRequiredDescription
InstanceTypesarray of stringsNoInstance type names
ProductDescriptionsarray of stringsNoProduct descriptions
StartTimestringNoStart time for history
EndTimestringNoEnd time for history
Filtersarray of objectsNoFilter array

DescribeAccountAttributes

Describe EC2 account attributes (limits).

json
{ "command": "DescribeAccountAttributes", "params": {} }

Parameters: None required.

GetConsoleOutput

Get the console output from an instance.

json
{ "command": "GetConsoleOutput", "params": { "InstanceId": "i-1234567890abcdef0" } }

Parameters:

ParameterTypeRequiredDescription
InstanceIdstringYesInstance ID

GetLaunchTemplateData

Get launch template data from an instance.

json
{ "command": "GetLaunchTemplateData", "params": { "InstanceId": "i-1234567890abcdef0" } }

Parameters:

ParameterTypeRequiredDescription
InstanceIdstringYesInstance ID

GetPasswordData

Get Windows instance password data.

json
{ "command": "GetPasswordData", "params": { "InstanceId": "i-1234567890abcdef0" } }

Parameters:

ParameterTypeRequiredDescription
InstanceIdstringYesInstance ID

GetHostReservationPurchasePreview

Preview a host reservation purchase.

json
{ "command": "GetHostReservationPurchasePreview", "params": {} }

Related Services

  • EC2 → CloudWatch: VPC Flow Logs deliver to CloudWatch Log Groups. Use DescribeFlowLogs to find the log group name, then CloudWatchLogTool to read logs
  • EC2 → VPC/Subnet/SecurityGroup: Instance metadata contains vpcId, subnetId, securityGroups — use these IDs with DescribeVpcs, DescribeSubnets, DescribeSecurityGroups
  • EC2 → IAM: Instance profiles link to IAM roles. Use IAMTool to inspect the role
  • EC2 → CloudFormation: EC2 instances created by CloudFormation can be found via CloudFormationTool DescribeStackResources
  • EC2 → S3: Instances use S3 for user data scripts, AMI snapshots; check instance user data for S3 references
  • EC2 → EBS: Use DescribeVolumes with filter attachment.instance-id to find volumes attached to an instance