Back to Plugins

Aws Dev Toolkit

AWS development toolkit — 34 skills, 11 agents, and 3 MCP servers for building, migrating, and performing architecture reviews on AWS.

developmentawsagent
By aws-samples
95Updated 3 weeks agoMIT-0

Installation

/plugin install aws-dev-toolkit@claude-plugins-official

How to install

  1. Open Claude Code in your terminal
  2. Run the installation command above
  3. The plugin will be enabled automatically
  4. Use the plugin's features in your Claude Code sessions

Claude Code Plugin Marketplace for Startups on AWS

A Claude Code plugin marketplace tailored to startup building on AWS.

Add the marketplace once, then install any plugin from it.

/plugin marketplace add aws-samples/sample-claude-code-plugins-for-startups

Plugins

aws-dev-toolkit

A comprehensive AWS development toolkit — 34 skills, 11 sub-agents, and 3 MCP servers for building, migrating, and performing architecture reviews on AWS.

/plugin install aws-dev-toolkit@aws-samples

Or load locally during development:

claude --plugin-dir ./plugins/aws-dev-toolkit

Note: --plugin-dir loads the plugin from disk at session start. File changes are picked up on the next session — not live. /plugin update does not work for local plugins (it requires a marketplace source). Restart Claude Code to pick up changes. See Plugins Guide for details.

Usage

Once installed, the plugin's skills, agents, and MCP servers are available automatically in Claude Code. Here's how each piece works:

Skills (Automatic)

Skills activate automatically based on context — no special commands needed. Just ask naturally:

"Review this architecture for Well-Architected best practices"  → aws-architect
"Why is my CloudFormation stack failing?"                       → aws-debug
"How much is this infrastructure costing me?"                   → cost-check
"Are there security issues in my Terraform?"                    → security-review
"Estimate Bedrock costs for 50k daily invocations"              → bedrock
"I want to build a serverless API for processing images"        → aws-plan
"Compare ECS vs EKS for my workload"                            → aws-compare
"Show me a diagram of this architecture"                        → aws-diagram
"We're moving from GCP to AWS"                                  → migration-advisor (agent)

Slash Commands

Some skills are invoked explicitly via slash commands:

/aws-dev-toolkit:iac-scaffold terraform "VPC with public/private subnets and NAT"
/aws-dev-toolkit:iac-scaffold cdk "Serverless API with Lambda and DynamoDB"
/aws-dev-toolkit:aws-health-check us-east-1
/aws-dev-toolkit:aws-diagram from-iac

Sub-Agents (Automatic)

Sub-agents are spun up automatically when Claude determines a specialist is needed. You can also invoke them directly:

"Explore my AWS environment and summarize what's deployed"      → aws-explorer
"Run a Well-Architected review on my production workload"       → well-architected-reviewer
"Review my IaC changes before I deploy"                         → iac-reviewer
"Help me plan a migration from Azure to AWS"                    → migration-advisor
"Help me pick the right Bedrock model for classification"       → bedrock-sme
"I have a PoC agent, help me productionize it"                  → agentcore-sme
"Should I use ECS or EKS for this workload?"                    → container-sme
"Help me optimize my AWS bill"                                  → cost-optimizer

MCP Servers

The plugin ships 3 MCP servers that are used behind the scenes by skills and agents — you don't need to invoke them directly.

ServerTypePackage / URLDescription
awsiacstdioawslabs.aws-iac-mcp-serverCDK/Terraform/CloudFormation development with security scanning
awsknowledgehttphttps://knowledge-mcp.global.api.awsAWS documentation search, service recommendations, and regional availability
awspricingstdioawslabs.aws-pricing-mcp-serverAWS service pricing data, cost reports, and IaC cost analysis
<details> <summary>Using MCP servers outside Claude Code (e.g. Kiro)</summary>

Add to ~/.kiro/settings/mcp.json (user-level) or .kiro/settings/mcp.json (workspace-level):

{
  "mcpServers": {
    "awsiac": {
      "command": "uvx",
      "args": ["awslabs.aws-iac-mcp-server@latest"],
      "env": { "FASTMCP_LOG_LEVEL": "ERROR" },
      "disabled": false
    },
    "awsknowledge": {
      "type": "http",
      "url": "https://knowledge-mcp.global.api.aws",
      "disabled": false
    },
    "awspricing": {
      "command": "uvx",
      "args": ["awslabs.aws-pricing-mcp-server@latest"],
      "env": { "FASTMCP_LOG_LEVEL": "ERROR" },
      "timeout": 120000,
      "disabled": false
    }
  }
}
</details>

Example Workflows

"I need a new service on AWS"

  1. Describe what you're building — aws-plan kicks in automatically
  2. Answer 3-5 discovery questions (it won't overwhelm you)
  3. Review the proposed architecture, security findings, and cost estimate
  4. Scaffold it — /iac-scaffold cdk "your description"
  5. Validate the generated code with cdk synth && cdk diff before deploying

"Should I use Lambda or Fargate?"

  1. Describe your workload — aws-compare evaluates both side-by-side
  2. Get a comparison table across cost, complexity, performance, and team fit
  3. Receive an opinionated recommendation tied to your constraints

"What does this architecture look like?"

  1. Ask for a diagram — /aws-diagram from-iac reverse-engineers your IaC files
  2. Or describe the architecture — it generates Mermaid + ASCII diagrams

"Is my AWS account in good shape?"

  1. Run /aws-health-check us-east-1
  2. Get a quick score with critical findings, warnings, and quick wins
  3. See SCP recommendations if baseline guardrails are missing

"My Bedrock agent is too expensive"

  1. Ask about your Bedrock usage — bedrock-sme analyzes your patterns
  2. Get model selection guidance — it'll steer you toward the cheapest model that works
  3. Ask cost-check to look at your overall AWS bill for context

"I built a PoC agent, now what?"

  1. Share your agent code — agentcore-sme reviews it against the production checklist
  2. Get guidance on adding DeepEval for model evaluation
  3. Choose between AgentCore native observability or Langfuse
  4. Walk through the PoC-to-production migration path

"Run a Well-Architected review on my workload"

  1. The well-architected-reviewer agent scans your AWS environment
  2. Evaluates each of the six pillars with real CLI evidence
  3. Rates findings as HRI (high risk), MRI (medium risk), or LRI (low risk)
  4. Produces a structured report with prioritized remediation steps

"We're moving from GCP to AWS"

  1. Describe your GCP environment — migration-gcp-to-aws maps services to AWS equivalents
  2. Run the assessment commands to inventory what's deployed
  3. Review the gotchas for your specific services (global VPCs, Spanner, BigQuery)
  4. Use iac-scaffold to generate the target AWS infrastructure
  5. Ask migration-advisor for wave planning and cutover strategy

"We're moving from Azure to AWS"

  1. Describe your Azure environment — migration-azure-to-aws maps services to AWS equivalents
  2. Run az CLI discovery commands to inventory resources
  3. Pay special attention to identity migration (Azure AD to IAM Identity Center)
  4. Review Cosmos DB and Synapse migration paths (these are complex)
  5. Use iac-scaffold to generate the target AWS infrastructure

"I have an idea for something on AWS"

  1. Describe your idea — customer-ideation guides you through discovery
  2. Answer the structured questions about requirements and constraints
  3. Review the proposed architecture with Well-Architected checklist
  4. Use /iac-scaffold to generate starter infrastructure code
  5. Ask for a cost estimate before committing

What's Included

Skills (34):

SkillTriggerDescription
Workflows & Planning
aws-planAutoEnd-to-end architecture planning — discovery, design, security review, cost estimate
aws-architectAutoDesign & review AWS architectures against Well-Architected Framework
well-architectedAutoFormal Well-Architected Framework reviews with pillar-by-pillar assessment
customer-ideationAutoGuided ideation from concept to AWS architecture with service selection
aws-compareAutoCompare 2-3 architecture options side-by-side across cost, complexity, and trade-offs
aws-diagramAuto / /aws-diagramGenerate Mermaid/ASCII architecture diagrams from descriptions or existing IaC
aws-health-check/aws-health-check [region]Quick account health scan — security, cost waste, reliability gaps
Scaffolding
iac-scaffold/iac-scaffold <framework> <desc>Scaffold CDK, Terraform, SAM, or CloudFormation projects
strands-agent/strands-agent <description>Scaffold Strands Agents SDK projects on Bedrock AgentCore (TS/Python)
Debugging & Review
aws-debugAutoDebug AWS deployment failures, Lambda errors, permission issues
security-reviewAutoAudit IaC and AWS configs for security issues
cost-checkAutoAnalyze and optimize AWS costs
bedrockAutoBedrock model selection, agents, knowledge bases, guardrails, and cost modeling
challengerAutoAdversarial reviewer that stress-tests architecture recommendations
AWS Services
lambdaAutoDesign, build, and optimize Lambda functions — runtimes, cold starts, concurrency
ec2AutoDesign, configure, and optimize EC2 workloads — instance selection, AMIs, ASGs
ecsAutoDeploy and troubleshoot ECS workloads — task definitions, services, Fargate
eksAutoDeploy and troubleshoot EKS clusters — Kubernetes on AWS, Karpenter, IRSA
s3AutoS3 bucket configuration, storage optimization, and access patterns
dynamodbAutoDynamoDB table design, access patterns, single-table design, GSIs
api-gatewayAutoDesign and configure API Gateway — REST vs HTTP APIs, authorizers, throttling
cloudfrontAutoCloudFront distributions — caching, origins, Lambda@Edge, Functions
iamAutoIAM policies, roles, permission boundaries, and least-privilege design
networkingAutoVPC architecture, subnets, security groups, Transit Gateway, VPC endpoints
messagingAutoSQS, SNS, and EventBridge — queue design, fan-out, event routing
observabilityAutoCloudWatch, X-Ray, and OpenTelemetry — dashboards, alarms, tracing
step-functionsAutoStep Functions workflows — state machines, error handling, service integrations
rds-auroraAutoRDS and Aurora database design, engine selection, HA, and operations
iotAutoAWS IoT architecture — device connectivity, Greengrass, fleet management
mlopsAutoEnd-to-end MLOps — SageMaker, training, inference, pipelines, monitoring
agentcoreAutoAmazon Bedrock AgentCore platform design, deployment, and production ops
Migration
migration-gcp-to-awsAutoGCP to AWS migration service mapping, gotchas, and environment assessment
migration-azure-to-awsAutoAzure to AWS migration service mapping, gotchas, and environment assessment

Sub-Agents (11):

AgentModelDescription
aws-explorerOpusRead-only AWS environment exploration and context gathering
well-architected-reviewerOpusDeep Well-Architected Framework reviews with evidence-based assessment
iac-reviewerOpusReviews IaC changes for correctness, security, and best practices
migration-advisorOpusCloud migration expert — 6Rs framework, wave planning, cutover strategy
bedrock-smeOpusBedrock subject matter expert emphasizing cost-efficient usage patterns
agentcore-smeOpusAgentCore expert for PoC-to-production agent development
container-smeOpusContainer expert for ECS, EKS, and Fargate architecture decisions
serverless-smeOpusServerless architecture expert for Lambda, API Gateway, Step Functions
networking-smeOpusAWS networking expert — VPC design, hybrid connectivity, DNS, CDN
observability-smeOpusCloudW

View source on GitHub