srstomp/cloud-infrastructure
plugins/pokayokay/skills/cloud-infrastructure/SKILL.md
Use when provisioning cloud resources, choosing between AWS services (Lambda vs ECS vs EKS), writing CDK/IaC, designing serverless or container architectures, configuring IAM/security groups, or optimizing cloud costs.
$ install --global
skillsauthnpx skillsauth add srstomp/pokayokay cloud-infrastructureInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 7:03 AM32.8s9 files scanned
SKILL.md
- name:
- cloud-infrastructure
- agents:
- [yokay-implementer]
- description:
- Use when provisioning cloud resources, choosing between AWS services (Lambda vs ECS vs EKS), writing CDK/IaC, designing serverless or container architectures, configuring IAM/security groups, or optimizing cloud costs.
Cloud Infrastructure
Design and provision cloud infrastructure with AWS-primary patterns and cloud-agnostic naming for portability.
Decision Framework
New service/workload?
├── Stateless, event-driven, <15min → Serverless (Lambda + API GW)
├── Long-running, stateful, predictable → Containers (ECS Fargate)
├── Kubernetes-native, multi-cloud → Orchestration (EKS)
└── Static content, CDN → Storage (S3 + CloudFront)
Database needs?
├── Key-value, <1ms, scale-to-zero → DynamoDB
├── Relational, complex queries → RDS/Aurora
├── Document store, flexible schema → DocumentDB
└── Cache, sessions, pub/sub → ElastiCache (Redis)
IaC approach?
├── AWS-only, type-safe → CDK (TypeScript)
├── Multi-cloud, declarative → Terraform
└── Simple, YAML → CloudFormation
When NOT to Use
- CI/CD pipelines: Use
ci-cdskill for pipeline config (CodePipeline, GitHub Actions) - Database schema design: Use
database-designskill for schema/migrations/queries - Application-level monitoring: Use
observabilityskill for application metrics/logs/traces
References
| File | Use When |
|------|----------|
| references/service-selection.md | Choosing between AWS compute, database, or messaging services |
| references/cdk-patterns.md | Writing CDK constructs, organizing stacks, L1/L2/L3 patterns |
| references/serverless-patterns.md | Building Lambda functions, API Gateway, Step Functions, event-driven |
| references/container-patterns.md | ECS Fargate task definitions, service discovery, health checks |
| references/iam-and-security.md | IAM policies, security groups, VPC design, least privilege |
| references/storage-and-cdn.md | S3 configuration, CloudFront distributions, caching strategies |
| references/database-selection.md | DynamoDB patterns, RDS/Aurora configuration, managed DB comparison |
| references/cost-optimization.md | Right-sizing, reserved capacity, cost estimation, billing alerts |
Related Skills
srstomp/worktrees
development
VerifiedTrustedCommunity
Git worktree management for isolated task development
6SKILL.mdUpdated Apr 27, 2026
srstomp/work-session
development
VerifiedTrustedCommunity
Use when starting AI development sessions, resuming interrupted work, managing multi-session projects, or orchestrating work with human checkpoint control (supervised, semi-auto, auto, or unattended modes).
6SKILL.mdUpdated Apr 27, 2026
srstomp/verification-before-completion
testing
VerifiedTrustedCommunity
Use before claiming work is done, fixed, passing, ready to commit, ready to PR, or ready to mark complete. Requires fresh verification evidence and explicit command output before success claims.
6SKILL.mdUpdated Apr 27, 2026
srstomp/testing-strategy
development
VerifiedTrustedCommunity
Use when designing test architecture, building API test suites, validating API contracts, setting up component or E2E testing, managing test data, debugging flaky tests, reviewing coverage strategy, or organizing test files. Covers test pyramid, mocking (MSW), frontend (React Testing Library, Playwright), and CI integration.
6SKILL.mdUpdated Apr 27, 2026