feat(deploy-on-aws): enhance with CDK best practices, monitoring, and validation #35

Open

zxkane wants to merge 9 commits into awslabs:main from zxkane:enhance-deploy-on-aws

@zxkane commented Feb 18, 2026

Summary

Enhance the deploy-on-aws plugin with CDK development best practices, post-deployment monitoring patterns, and a pre-deployment validation script. These additions strengthen the existing deployment workflow without changing existing behavior.

Related

Contributes patterns from community CDK and operational best practices to improve the deploy-on-aws plugin quality.

Changes

New reference files:

  • references/cdk-best-practices.md — CDK patterns for resource naming, Lambda constructs, IAM grants, construct levels, cdk-nag validation, testing, stack organization, and anti-patterns
  • references/monitoring.md — Post-deployment CloudWatch alarm patterns for Lambda, ECS/Fargate, ALB, and RDS/Aurora with threshold guidelines and dashboard recommendations

New script:

  • scripts/validate-stack.sh — Pre-deployment CDK stack validation (language detection, synthesis verification, template size/resource count checks, cdk-nag integration detection)

Enhanced SKILL.md:

  • Extended workflow from 5 steps to 7 (added Validate and Monitor steps)
  • Added CDK Best Practices section with key rules
  • Added Pre-Deployment Validation checklist
  • Added Error Handling section (validation failures, deployment failures)
  • Added YAML frontmatter tags and examples per Design Guidelines
  • Added references to new files

Updated metadata:

  • Bumped version to 1.1.0 (minor: backward-compatible new features)
  • Updated description and keywords in plugin.json and marketplace.json

Design Guidelines Compliance

  • SKILL.md: 139 lines (limit: 300 recommended / 500 max)
  • New reference files: 63 and 69 lines (limit: 100)
  • YAML frontmatter: name, description, tags, examples
  • No vague language
  • Defaults explicitly specified
  • Error handling documented
  • Cross-references valid (mise run lint:cross-refs)
  • Manifests valid (mise run lint:manifests)
  • Format check passes (mise run fmt:check)

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.

…script

Add CDK development best practices distilled from community patterns:
- Resource naming conventions (let CDK generate names)
- Lambda construct selection (NodejsFunction, PythonFunction)
- IAM permission patterns (grant methods over raw policies)
- Pre-deployment validation with cdk-nag integration
- Testing patterns (snapshot and fine-grained assertions)
- Stack organization guidelines
- Common anti-patterns to avoid

Add validate-stack.sh script for pre-deployment CDK stack validation:
- Language detection (TypeScript, Python, Java, Go, C#)
- CDK synthesis verification
- Template size and resource count checks
- cdk-nag integration detection

Add post-deployment monitoring patterns for deployed AWS resources:
- CloudWatch alarm configurations by service type
  (Lambda, ECS/Fargate, ALB, RDS/Aurora)
- Alarm threshold guidelines (warning vs critical)
- SNS notification setup for alarm actions
- Production dashboard layout recommendations
- Environment-aware monitoring (dev: basic alerts, prod: full observability)
…ing steps

Update SKILL.md to integrate new capabilities into the workflow:
- Add Validate step between Generate and Deploy
- Add Monitor step after Deploy for post-deployment observability
- Document awscdk MCP server usage
- Add CDK best practices section with key rules
- Add pre-deployment validation checklist
- Reference new cdk-best-practices.md, monitoring.md, and
  validate-stack.sh
- Bump plugin version from 1.0.0 to 1.1.0 (new features, backward compatible)
- Update description to mention CDK best practices and monitoring
- Add monitoring and cloudwatch keywords for discoverability
- Update marketplace.json to match plugin.json
- Rename LANG variable to CDK_LANG to avoid shadowing POSIX locale
- Remove TypeScript-biased synthesis command; use generic 'cdk synth'
  which reads the app command from cdk.json for all languages

Address review feedback:
- Add Error Handling section covering MCP server failures,
  validation failures, and deployment failures
- Add tags and examples to YAML frontmatter per DESIGN_GUIDELINES
- Fix inaccurate claim that validate-stack.sh runs security scans;
  clarify it handles synthesis validation while checkov/cfn-nag
  run separately
@zxkane requested a review from a team February 18, 2026 03:27
@zxkane requested review from a team as code owners February 18, 2026 03:27

Contributor @theagenticguy left a comment

Looks great! One small nit on the frontmatter

---
name: deploy
description: "Deploy applications to AWS. Triggers on phrases like: deploy to AWS, host on AWS, run this on AWS, AWS architecture, estimate AWS cost, generate infrastructure. Analyzes any codebase and deploys to optimal AWS services."
tags:
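
Review bot: the trailing `tags:` key in this frontmatter excerpt is outside the field set named in the author's reply in this thread (name, description, license, compatibility, metadata, allowed-tools). Drop the key from the frontmatter so it carries only defined fields; the trigger phrases already live in `description`, so nothing is lost for skill matching.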

Author

Good catch! You're right — tags and examples are not valid frontmatter fields per the Agent Skills specification or the Claude Code docs. Only name, description, license, compatibility, metadata, and allowed-tools are defined.

I was following the suggestion in DESIGN_GUIDELINES.md which mentions tags/examples, but that appears to be aspirational rather than spec-compliant.

Removed in the latest commit — frontmatter now only has name and description.

Contributor

I will update the design guidelines to be more clear, thanks @zxkane! Will add validation as well to fail the build in case something is not spec compliant.

Contributor

guidelines were updated
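
A build-time frontmatter check of the kind mentioned in this thread could look like the following. This is an added example, not code from the PR or the awslabs repository: the allowed and required field names come from the comments and commit message on this page, while the function names, the line-based key scan (a stand-in for a real YAML parser) and the sample document are assumptions made here.

```python
import re

# Fields the thread lists as defined for SKILL.md frontmatter.
ALLOWED = {"name", "description", "license", "compatibility", "metadata", "allowed-tools"}
REQUIRED = {"name", "description"}  # per the commit message in this PR
TOP_LEVEL_KEY = re.compile(r"^([A-Za-z_][A-Za-z0-9_-]*)\s*:")

def frontmatter_keys(text):
    """Return top-level keys of the leading '---' block, or None if absent/unterminated."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return None
    keys = []
    for line in lines[1:]:
        if line.strip() == "---":
            return keys
        m = TOP_LEVEL_KEY.match(line)  # indented (nested) lines and list items do not match
        if m:
            keys.append(m.group(1))
    return None  # closing delimiter never found

def check_skill(text):
    """Return a sorted list of problems; an empty list means the frontmatter passes."""
    keys = frontmatter_keys(text)
    if keys is None:
        return ["frontmatter block missing or not closed"]
    problems = [f"unknown field: {k}" for k in set(keys) if k not in ALLOWED]
    problems += [f"missing required field: {k}" for k in REQUIRED - set(keys)]
    problems += [f"duplicate field: {k}" for k in set(keys) if keys.count(k) > 1]
    return sorted(problems)

# Constructed sample modelled on the excerpt under review (not the real file).
SAMPLE_BEFORE = """---
name: deploy
description: "Deploy applications to AWS. Triggers on phrases like: deploy to AWS"
tags:
  - aws
examples:
  - deploy this app
---
"""
SAMPLE_AFTER = SAMPLE_BEFORE.replace("tags:\n  - aws\nexamples:\n  - deploy this app\n", "")

if __name__ == "__main__":
    for label, doc in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, check_skill(doc) or "ok")
```

A CI job would call `check_skill` on each SKILL.md and fail the build on a non-empty result.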

theagenticguy and others added 3 commits February 18, 2026 11:24
Remove tags and examples from SKILL.md frontmatter — these are not
valid fields per the Agent Skills specification (agentskills.io) or
Claude Code docs. Only name and description are required.
@@ -0,0 +1,63 @@
# CDK Best Practices
Contributor

Q: does this conflict with the cdk_best_practices tool exposed by the IaC MCP server?


## Pre-Deployment Validation

Before deploying, run these checks in order:
Contributor

Q: similar question, does this conflict with the tools exposed by the IaC MCP server?
