Manage and query AWS EC2 resources including launching/stopping/terminating instances, creating VPCs and subnets, managing security groups, volumes, snapshots, AMIs, and querying all EC2 resource types using awsclaw. Full lifecycle management.
Manage EC2 compute and networking resources with full lifecycle operations including creation, modification, and deletion.
Use this skill when the user:
Execute AWS EC2 commands for managing compute and network resources. ALWAYS provide params object. Supports read operations, instance lifecycle (launch, start, stop, terminate, reboot), VPC/network creation and configuration (VPCs, subnets, security groups, internet/NAT gateways, route tables), storage (volumes, snapshots, AMIs), and resource tagging.
Launch new EC2 instances.
{ "command": "RunInstances", "params": { "ImageId": "ami-0abcdef1234567890", "InstanceType": "t3.micro", "MinCount": 1, "MaxCount": 1, "KeyName": "my-key", "SecurityGroupIds": ["sg-12345"], "SubnetId": "subnet-12345" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| ImageId | string | Yes | AMI ID to launch |
| InstanceType | string | Yes | Instance type (e.g., t3.micro, m5.large) |
| MinCount | number | Yes | Minimum number of instances |
| MaxCount | number | Yes | Maximum number of instances |
| KeyName | string | No | SSH key pair name |
| SecurityGroupIds | array of strings | No | Security group IDs |
| SubnetId | string | No | Subnet ID for placement |
| UserData | string | No | Base64-encoded startup script |
| Tags | array of objects | No | Resource tags |
Terminate EC2 instances.
{ "command": "TerminateInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
Stop running instances.
{ "command": "StopInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"], "Force": false } }
Start stopped instances.
{ "command": "StartInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
Reboot instances.
{ "command": "RebootInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
Create a new VPC.
{ "command": "CreateVpc", "params": { "CidrBlock": "10.0.0.0/16", "Tags": [{ "Key": "Name", "Value": "MyVPC" }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| CidrBlock | string | Yes | CIDR block (e.g., 10.0.0.0/16) |
| Tags | array of objects | No | Resource tags |
{ "command": "DeleteVpc", "params": { "VpcId": "vpc-12345" } }
Create a subnet in a VPC.
{ "command": "CreateSubnet", "params": { "VpcId": "vpc-12345", "CidrBlock": "10.0.1.0/24", "AvailabilityZone": "us-east-1a" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| VpcId | string | Yes | VPC ID |
| CidrBlock | string | Yes | Subnet CIDR block |
| AvailabilityZone | string | No | AZ for subnet |
{ "command": "DeleteSubnet", "params": { "SubnetId": "subnet-12345" } }
Create a security group.
{ "command": "CreateSecurityGroup", "params": { "GroupName": "MySecurityGroup", "Description": "My security group description", "VpcId": "vpc-12345" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| GroupName | string | Yes | Security group name |
| Description | string | Yes | Security group description |
| VpcId | string | Yes | VPC ID |
{ "command": "DeleteSecurityGroup", "params": { "GroupId": "sg-12345" } }
Add inbound rules to security group.
{ "command": "AuthorizeSecurityGroupIngress", "params": { "GroupId": "sg-12345", "IpPermissions": [{ "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{ "CidrIp": "0.0.0.0/0" }] }] } }
Add outbound rules to security group.
{ "command": "AuthorizeSecurityGroupEgress", "params": { "GroupId": "sg-12345", "IpPermissions": [{ "IpProtocol": "-1", "IpRanges": [{ "CidrIp": "0.0.0.0/0" }] }] } }
Remove inbound rules.
{ "command": "RevokeSecurityGroupIngress", "params": { "GroupId": "sg-12345", "IpPermissions": [{ "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22 }] } }
Remove outbound rules.
{ "command": "RevokeSecurityGroupEgress", "params": { "GroupId": "sg-12345", "IpPermissions": [{ "IpProtocol": "-1" }] } }
Create an EBS volume.
{ "command": "CreateVolume", "params": { "AvailabilityZone": "us-east-1a", "Size": 100, "VolumeType": "gp3", "Tags": [{ "Key": "Name", "Value": "MyVolume" }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| AvailabilityZone | string | Yes | AZ for volume |
| Size | number | No | Size in GiB |
| VolumeType | string | No | gp2, gp3, io1, io2, st1, sc1 |
| SnapshotId | string | No | Create from snapshot |
{ "command": "DeleteVolume", "params": { "VolumeId": "vol-12345" } }
Attach volume to instance.
{ "command": "AttachVolume", "params": { "VolumeId": "vol-12345", "InstanceId": "i-12345", "Device": "/dev/sdf" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| VolumeId | string | Yes | Volume ID |
| InstanceId | string | Yes | Instance ID |
| Device | string | Yes | Device name (/dev/sdf) |
{ "command": "DetachVolume", "params": { "VolumeId": "vol-12345", "Force": false } }
Create snapshot from volume.
{ "command": "CreateSnapshot", "params": { "VolumeId": "vol-12345", "Description": "My snapshot" } }
{ "command": "DeleteSnapshot", "params": { "SnapshotId": "snap-12345" } }
Create AMI from instance.
{ "command": "CreateImage", "params": { "InstanceId": "i-12345", "Name": "MyAMI", "Description": "My custom AMI", "NoReboot": true } }
Delete an AMI.
{ "command": "DeregisterImage", "params": { "ImageId": "ami-12345" } }
Add tags to resources.
{ "command": "CreateTags", "params": { "Resources": ["i-12345", "vol-12345"], "Tags": [{ "Key": "Environment", "Value": "Production" }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Resources | array of strings | Yes | Resource IDs to tag |
| Tags | array of objects | Yes | Tag key-value pairs |
Remove tags from resources.
{ "command": "DeleteTags", "params": { "Resources": ["i-12345"], "Tags": [{ "Key": "Environment" }] } }
Create internet gateway.
{ "command": "CreateInternetGateway", "params": {} }
Attach internet gateway to VPC.
{ "command": "AttachInternetGateway", "params": { "InternetGatewayId": "igw-12345", "VpcId": "vpc-12345" } }
{ "command": "DetachInternetGateway", "params": { "InternetGatewayId": "igw-12345", "VpcId": "vpc-12345" } }
{ "command": "DeleteInternetGateway", "params": { "InternetGatewayId": "igw-12345" } }
Create NAT gateway.
{ "command": "CreateNatGateway", "params": { "SubnetId": "subnet-12345", "AllocationId": "eipalloc-12345" } }
{ "command": "DeleteNatGateway", "params": { "NatGatewayId": "nat-12345" } }
Create route table.
{ "command": "CreateRouteTable", "params": { "VpcId": "vpc-12345" } }
{ "command": "DeleteRouteTable", "params": { "RouteTableId": "rtb-12345" } }
Add route to route table.
{ "command": "CreateRoute", "params": { "RouteTableId": "rtb-12345", "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-12345" } }
{ "command": "DeleteRoute", "params": { "RouteTableId": "rtb-12345", "DestinationCidrBlock": "0.0.0.0/0" } }
Associate route table with subnet.
{ "command": "AssociateRouteTable", "params": { "RouteTableId": "rtb-12345", "SubnetId": "subnet-12345" } }
{ "command": "DisassociateRouteTable", "params": { "AssociationId": "rtbassoc-12345" } }
Allocate Elastic IP.
{ "command": "AllocateAddress", "params": { "Domain": "vpc" } }
Release Elastic IP.
{ "command": "ReleaseAddress", "params": { "AllocationId": "eipalloc-12345" } }
Associate Elastic IP with instance.
{ "command": "AssociateAddress", "params": { "AllocationId": "eipalloc-12345", "InstanceId": "i-12345" } }
{ "command": "DisassociateAddress", "params": { "AssociationId": "eipassoc-12345" } }
Create SSH key pair.
{ "command": "CreateKeyPair", "params": { "KeyName": "my-key-pair" } }
{ "command": "DeleteKeyPair", "params": { "KeyName": "my-key-pair" } }
Create launch template.
{ "command": "CreateLaunchTemplate", "params": { "LaunchTemplateName": "MyTemplate", "LaunchTemplateData": { "ImageId": "ami-12345", "InstanceType": "t3.micro" } } }
{ "command": "DeleteLaunchTemplate", "params": { "LaunchTemplateId": "lt-12345" } }
Describe one or more EC2 instances.
{ "command": "DescribeInstances", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
{ "command": "DescribeInstances", "params": { "Filters": [{ "Name": "instance-state-name", "Values": ["running"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceIds | array of strings | No | List of instance IDs |
| Filters | array of objects | No | EC2 filter array with Name and Values[] |
| MaxResults | number | No | Maximum results per page |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions without running |
Get status checks for instances.
{ "command": "DescribeInstanceStatus", "params": { "InstanceIds": ["i-1234567890abcdef0"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceIds | array of strings | No | List of instance IDs |
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions without running |
Get details about instance types (CPU, memory, networking).
{ "command": "DescribeInstanceTypes", "params": { "InstanceTypes": ["t3.micro", "m5.large"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceTypes | array of strings | No | Instance type names to describe |
| Filters | array of objects | No | Filter array |
List instance types available in specific locations.
{ "command": "DescribeInstanceTypeOfferings", "params": { "LocationType": "availability-zone", "Filters": [{ "Name": "instance-type", "Values": ["t3.*"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| LocationType | string | No | region, availability-zone, or availability-zone-id |
| Filters | array of objects | No | Filter array |
Describe AMIs (Amazon Machine Images).
{ "command": "DescribeImages", "params": { "Owners": ["self"], "Filters": [{ "Name": "state", "Values": ["available"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Owners | array of strings | No | Image owners (self, amazon, account ID) |
| Filters | array of objects | No | Filter array |
| MaxResults | number | No | Maximum results |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions |
Describe VPCs.
{ "command": "DescribeVpcs", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe subnets.
{ "command": "DescribeSubnets", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe security groups.
{ "command": "DescribeSecurityGroups", "params": { "GroupIds": ["sg-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| GroupIds | array of strings | No | Security group IDs |
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe security group rules.
{ "command": "DescribeSecurityGroupRules", "params": { "Filters": [{ "Name": "group-id", "Values": ["sg-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| GroupIds | array of strings | No | Security group IDs |
| Filters | array of objects | No | Filter array |
Describe EBS volumes.
{ "command": "DescribeVolumes", "params": { "Filters": [{ "Name": "attachment.instance-id", "Values": ["i-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| MaxResults | number | No | Maximum results |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions |
Describe EBS snapshots.
{ "command": "DescribeSnapshots", "params": { "Filters": [{ "Name": "volume-id", "Values": ["vol-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| MaxResults | number | No | Maximum results |
| NextToken | string | No | Pagination token |
| DryRun | boolean | No | Validate permissions |
Describe key pairs.
{ "command": "DescribeKeyPairs", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe Elastic IP addresses.
{ "command": "DescribeAddresses", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe available AWS regions.
{ "command": "DescribeRegions", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| RegionNames | array of strings | No | Specific region names |
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe availability zones.
{ "command": "DescribeAvailabilityZones", "params": {} }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe route tables.
{ "command": "DescribeRouteTables", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| RouteTableIds | array of strings | No | Route table IDs |
| Filters | array of objects | No | Filter array |
Describe internet gateways.
{ "command": "DescribeInternetGateways", "params": { "InternetGatewayIds": ["igw-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InternetGatewayIds | array of strings | No | Internet gateway IDs |
| Filters | array of objects | No | Filter array |
Describe NAT gateways.
{ "command": "DescribeNatGateways", "params": { "NatGatewayIds": ["nat-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| NatGatewayIds | array of strings | No | NAT gateway IDs |
| Filters | array of objects | No | Filter array |
Describe network interfaces.
{ "command": "DescribeNetworkInterfaces", "params": { "Filters": [{ "Name": "vpc-id", "Values": ["vpc-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| NetworkInterfaceIds | array of strings | No | Network interface IDs |
| Filters | array of objects | No | Filter array |
Describe VPC flow logs.
{ "command": "DescribeFlowLogs", "params": { "FlowLogIds": ["fl-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| FlowLogIds | array of strings | No | Flow log IDs |
| Filters | array of objects | No | Filter array |
Describe tags across EC2 resources.
{ "command": "DescribeTags", "params": { "Filters": [{ "Name": "resource-id", "Values": ["i-12345"] }] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| Filters | array of objects | No | Filter array |
| DryRun | boolean | No | Validate permissions |
Describe launch templates.
{ "command": "DescribeLaunchTemplates", "params": { "LaunchTemplateIds": ["lt-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| LaunchTemplateIds | array of strings | No | Launch template IDs |
| LaunchTemplateNames | array of strings | No | Launch template names |
| Filters | array of objects | No | Filter array |
Describe transit gateways.
{ "command": "DescribeTransitGateways", "params": { "TransitGatewayIds": ["tgw-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| TransitGatewayIds | array of strings | No | Transit gateway IDs |
| Filters | array of objects | No | Filter array |
Describe VPC endpoints.
{ "command": "DescribeVpcEndpoints", "params": { "VpcEndpointIds": ["vpce-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| VpcEndpointIds | array of strings | No | VPC endpoint IDs |
| Filters | array of objects | No | Filter array |
Describe VPC peering connections.
{ "command": "DescribeVpcPeeringConnections", "params": { "VpcPeeringConnectionIds": ["pcx-12345"] } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| VpcPeeringConnectionIds | array of strings | No | Peering connection IDs |
| Filters | array of objects | No | Filter array |
Get spot instance pricing history.
{ "command": "DescribeSpotPriceHistory", "params": { "InstanceTypes": ["m5.large"], "ProductDescriptions": ["Linux/UNIX"], "StartTime": "2024-01-01T00:00:00Z" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceTypes | array of strings | No | Instance type names |
| ProductDescriptions | array of strings | No | Product descriptions |
| StartTime | string | No | Start time for history |
| EndTime | string | No | End time for history |
| Filters | array of objects | No | Filter array |
Describe EC2 account attributes (limits).
{ "command": "DescribeAccountAttributes", "params": {} }
Parameters: None required.
Get the console output from an instance.
{ "command": "GetConsoleOutput", "params": { "InstanceId": "i-1234567890abcdef0" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceId | string | Yes | Instance ID |
Get launch template data from an instance.
{ "command": "GetLaunchTemplateData", "params": { "InstanceId": "i-1234567890abcdef0" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceId | string | Yes | Instance ID |
Get Windows instance password data.
{ "command": "GetPasswordData", "params": { "InstanceId": "i-1234567890abcdef0" } }
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| InstanceId | string | Yes | Instance ID |
Preview a host reservation purchase.
{ "command": "GetHostReservationPurchasePreview", "params": {} }
DescribeFlowLogs to find the log group name, then CloudWatchLogTool to read logsvpcId, subnetId, securityGroups — use these IDs with DescribeVpcs, DescribeSubnets, DescribeSecurityGroupsIAMTool to inspect the roleCloudFormationTool DescribeStackResourcesDescribeVolumes with filter attachment.instance-id to find volumes attached to an instance