MCP HubMCP Hub
SKILL·208458

aws-sst-development

zxkane
Actualizado 26 days ago
329
36
329
Ver en GitHub
Metawordaidesign

Acerca de

Esta habilidad proporciona asistencia experta para SST v4 (Ion), el framework respaldado por Pulumi para gestionar infraestructura de AWS como código. Ayuda a los desarrolladores a escribir y depurar `sst.config.ts`, construir infraestructura con constructos `sst.aws.*` y recursos de Pulumi, y ejecutar comandos de SST como `deploy` o `dev`. Úsala cuando trabajes en proyectos que contengan configuración o dependencias de SST, pero no para tareas de AWS CDK, Terraform o CloudFormation directo.

Instalación rápida

Claude Code

Recomendado
Principal
npx skills add zxkane/aws-skills -a claude-code
Comando PluginAlternativo
/plugin add https://github.com/zxkane/aws-skills
Git CloneAlternativo
git clone https://github.com/zxkane/aws-skills.git ~/.claude/skills/aws-sst-development

Copia y pega este comando en Claude Code para instalar esta habilidad

Documentación

SST v4 for AWS

SST v4 (the "Ion" engine) is a Pulumi-backed IaC framework: you describe AWS resources in TypeScript and SST/Pulumi reconciles them into your account. It gives you high-level sst.aws.* components (Function, Bucket, Dynamo, Cron, Service, …) that expand into many underlying resources, plus an escape hatch to any raw Pulumi aws.* resource for the long tail. This skill encodes a production-proven way to author, link, test, deploy, and troubleshoot SST stacks on AWS — distilled from real multi-stack projects that have paid for each lesson with a prod incident.

SST and Pulumi are third-party — verify current syntax with Context7 (resolve-library-idquery-docs for sst or pulumi-aws) when you're unsure about a component's options. Verify AWS-side facts (service limits, model IDs, IAM action names, region availability) with the AWS docs MCP, never from memory. The patterns here are the how; the docs are the what.

When you're invoked

Figure out which mode you're in and jump to the right reference:

SituationGo to
New project, or adding a resource/module to an existing SST appAuthorreferences/authoring.md
Wiring one module's output into another (links, SSM, IAM scope)Authorreferences/authoring.md § Sharing
Writing tests for infra so changes don't silently breakTestreferences/testing.md
Running a deploy, or a deploy just failedDeploy/Operatereferences/deploy-and-troubleshoot.md
Migrating a resource between Pulumi types, renaming a physical nameDeploy/Operatereferences/deploy-and-troubleshoot.md § Migrations

Always read the relevant reference before editing — they carry the why behind each rule, which matters more than the rule itself.

Orientation: read the repo before you touch it

SST projects are conventional but not identical. Before editing, build a quick map so your change matches the house style instead of fighting it:

  1. sst.config.ts — the app name, home, providers/region, defaultTags, any global $transform (Node runtime pin, bundle fixups), and the order in which run() imports infra/ modules. The import order is the dependency order; respect it.
  2. infra/ — one file per domain (storage, functions, api, observability…). This is where resources are declared. Check for an infra/CLAUDE.md — these projects keep IaC-specific rules there, and it's the single most valuable file to read first.
  3. infra/tests/ — source-level Vitest assertions that pin resource invariants. If they exist, your change must keep them green and probably needs a new assertion.
  4. package.json / .nvmrc — package manager (npm vs pnpm), Node version, and the sst/pulumi versions actually installed.

Run npx sst version to confirm you're on v4/Ion (the $config + .sst/platform/ signature). v2/v3 ("SST Classic", CDK-based) is a different framework — these patterns don't apply there.

The conventions, and which are universal vs tunable

The projects this skill is built from share a deliberate house style. Some of it is universal (true for any SST v4 + AWS project — apply it everywhere); some is project-specific (a sensible default these projects chose — adopt it for consistency, but recognize a project may differ).

Universal — these principles hold for any SST v4 + AWS project:

  • Control the Node runtime deliberately, in one place. Don't leave it to whatever the installed SST happens to default to. The idiom is a single global $transform(sst.aws.Function, (args) => { args.runtime ??= "nodejs24.x" }) in run()??= is correct here (the transform runs before the component applies its own default, so it fills in only when the user didn't set one). Recent SST already defaults to a current Node runtime, so check the installed default first (Context7); the transform is then version-independence insurance so a future SST downgrade can't silently move your fleet. See references/authoring.md.
  • Never interpolate a Pulumi Output<T> into a plain JS template literal. Use $interpolate (or pulumi.interpolate). A bare top-level `${bucket.arn}/*` stringifies the Output to a [Output<T>] placeholder and produces a broken ARN that only fails at deploy time (it type-checks and sst dev runs fine). The fix is $interpolate`${bucket.arn}/*`. This has caused prod deploy outages. See references/authoring.md § Outputs.
  • Migrating a resource between Pulumi types should default to two PRs — Pulumi creates-before-destroys, so for a uniqueness-constrained AWS name (bucket, IAM role, gateway) the old resource still owns it and the create fails with ConflictException. Two sequential deploys (teardown, then recreate) is the conservative default; aliases: / pulumi import / state surgery can bridge identity in some cases but only with a reviewed plan. See references/deploy-and-troubleshoot.md § Migrations.
  • Prefer typed sst.aws.* / aws.* resources over the aws.cloudcontrol.Resource escape hatch. CloudControl outputs are stringly-typed and oneOf fields don't patch cleanly. Use it only when no typed resource exists yet, and migrate off it when one ships.

Project-specific defaults — adopt for consistency, but confirm per repo:

  • Region ap-northeast-1, home: "aws", and defaultTags carrying Project / Stage / ManagedBy: "sst".
  • Stage-gated lifecycle: removal: stage === "prod" ? "retain" : "remove" and protect: stage === "prod" so prod resources survive a stack tear-down and non-prod previews clean up.
  • SSM Parameter Store as the out-of-graph contract under a /{app}/{stage}/{domain}/... prefix — for consumers that aren't in the Pulumi graph (CI scripts, sibling apps, operators). For same-app Lambdas, prefer SST link: (it wires a real dependency edge and grants IAM); don't route same-app sharing through SSM. See references/authoring.md § Sharing.
  • Lazy await import("./infra/<module>") inside run() so sst dev hot-reload stays light. (For testing, a module export still runs its top-level new sst.aws.* unless it's wrapped in a factory function — see references/testing.md for how to test infra.)
  • Source-level Vitest tests on every infra module — a lightweight, house-style regression net asserting on the source text (resource names, index shapes, IAM scopes). It's a deliberate choice, not an SST limit: Pulumi does support runtime mocks (@pulumi/pulumi/runtime) for behavioral graph tests when a module has real logic. Source assertions don't replace a preview-deploy + smoke test. See references/testing.md.
  • An observability gate: every new Lambda/queue/schedule gets an alarm and structured logging before merge. Whether you enforce this depends on the project, but it's cheap insurance. See references/deploy-and-troubleshoot.md § Observability.

When you introduce a convention, say which bucket it's in ("this is universal" vs "matching this repo's house style") so the user can override the project-specific ones deliberately.

Working rhythm

  1. Orient (above) — map config, modules, tests, tooling.
  2. Verify syntax with Context7 / AWS docs MCP if anything is non-obvious. Don't guess at a component's option name.
  3. Author the resource/module following references/authoring.md. Match the surrounding file's commenting density and naming — these projects comment the why heavily, and a terse one-liner in a heavily-annotated file reads as a regression.
  4. Test — add or update source-level assertions (references/testing.md) and run npx vitest (or the repo's test script). Run npx sst diff and/or tsc --noEmit to catch type and plan errors before deploying.
  5. Deploy/operate per references/deploy-and-troubleshoot.md. Confirm the target account with aws sts get-caller-identity before any sst deploy.
  6. Clean up any exported state files — they contain account IDs and ARNs and must not linger in /tmp or chat history.

What good looks like

  • The change is the smallest diff that satisfies the requirement, in the right infra/ module, wired into run() in dependency order.
  • Every Lambda gets the right runtime via the global transform (you didn't hand-set runtime unless intentionally diverging — e.g. a Python function).
  • Cross-resource references use link: (in-graph) and/or $interpolate-scoped IAM; outputs other tools consume are published to SSM under the stage prefix.
  • New infra has a matching source-level test, and the existing suite stays green.
  • You confirmed AWS-side facts via the docs MCP and SST/Pulumi syntax via Context7 rather than relying on recall.
  • Anything irreversible (deploy, sst remove, a resource-type migration) was flagged to the user with the account it targets, and migrations were planned as two PRs, not one.

Repositorio GitHub

zxkane/aws-skills
Ruta: plugins/aws-iac/skills/aws-sst-development
0
agent-skillsanthropicawsaws-agentcoreaws-cdkaws-cost-optimization
FAQ

Frequently asked questions

What is the aws-sst-development skill?

aws-sst-development is a Claude Skill by zxkane. Skills package instructions and resources that Claude loads on demand, so Claude can perform aws-sst-development-related tasks without extra prompting.

How do I install aws-sst-development?

Use the install commands on this page: add aws-sst-development to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.

What category does aws-sst-development belong to?

aws-sst-development is in the Meta category, tagged word, ai and design.

Is aws-sst-development free to use?

Yes. aws-sst-development is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.

Habilidades relacionadas

content-collections
Meta

Esta habilidad proporciona una configuración probada en producción para Content Collections, una herramienta centrada en TypeScript que transforma archivos Markdown/MDX en colecciones de datos con tipado seguro mediante validación Zod. Úsala al construir blogs, sitios de documentación o aplicaciones Vite + React con mucho contenido para garantizar seguridad de tipos y validación automática de contenido. Abarca todo, desde la configuración del plugin de Vite y compilación MDX hasta la optimización de despliegue y validación de esquemas.

Ver habilidad
polymarket
Meta

Esta habilidad permite a los desarrolladores crear aplicaciones con la plataforma de mercados de predicción Polymarket, incluyendo la integración de API para operaciones y datos de mercado. También proporciona transmisión de datos en tiempo real a través de WebSocket para monitorear operaciones en vivo y actividad del mercado. Úsela para implementar estrategias de trading o crear herramientas que procesen actualizaciones de mercado en tiempo real.

Ver habilidad
creating-opencode-plugins
Meta

Esta habilidad ayuda a los desarrolladores a crear complementos de OpenCode que se conectan a más de 25 tipos de eventos, como comandos, archivos y operaciones LSP. Proporciona la estructura del complemento, las especificaciones de la API de eventos y los patrones de implementación para módulos en JavaScript/TypeScript. Úsala cuando necesites interceptar, monitorear o extender el ciclo de vida del asistente de IA de OpenCode con lógica personalizada basada en eventos.

Ver habilidad
sglang
Meta

SGLang es un framework de alto rendimiento para el servicio de LLM que se especializa en generación rápida y estructurada para JSON, expresiones regulares y flujos de trabajo de agentes utilizando su caché de prefijos RadixAttention. Ofrece una inferencia significativamente más rápida, especialmente para tareas con prefijos repetidos, lo que lo hace ideal para salidas complejas y estructuradas, y conversaciones multiturno. Elige SGLang sobre alternativas como vLLM cuando necesites decodificación restringida o estés construyendo aplicaciones con uso extensivo de prefijos compartidos.

Ver habilidad