aws-well-architected-review

Installation
SKILL.md

AWS Well-Architected

Apply AWS Well-Architected best practices to all AWS infrastructure work. This applies whether you are writing new infrastructure or reviewing existing infrastructure.

When writing new infra (create, scaffold, add, generate): Apply the mandatory defaults below so every resource is correct from the first draft. Do not generate anti-patterns and then suggest fixes. The code itself is the output. Read rules/generate-defaults.md for framework-specific property name mappings when generating code.

When reviewing existing infra (review, check, audit, validate): Scan for anti-patterns using the review checklist below and produce a structured findings report with concrete fixes.

If both (e.g., "add a Lambda and review the rest"): Write new code with defaults applied, then review the existing code.

Detect the framework and language from the project context. Generate code and fixes in the matching format.


Generate Mode — Mandatory Defaults

Every resource you generate must satisfy these requirements:

Every resource: Encryption at rest + in transit, least-privilege IAM (no wildcards), tags (Environment, Service, Team), no hardcoded secrets (use Secrets Manager / SSM)

Installs
1
GitHub Stars
2
First Seen
Mar 26, 2026
aws-well-architected-review — antstackio/skills