setting-up-cloudwatch-alarm-notifications

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • AWS Resource Management: The skill utilizes the call_aws tool to execute standard AWS CLI commands for creating and configuring SNS topics and CloudWatch alarms. This is the intended functionality for managing cloud infrastructure.
  • Security Control Implementation: The instructions include a specific step to enable encryption at rest for SNS topics using AWS KMS (alias/aws/sns). This ensures that notification data is protected according to security best practices.
  • Access Policy Configuration: The skill guides the user through setting up SNS topic policies that grant the CloudWatch service the necessary permissions to publish alerts. This follows the principle of least privilege by specifying the service principal.
  • Data Ingestion Surface: The skill ingests data from existing AWS resource configurations via describe-alarms. While this represents an external data surface, it is used locally to verify state before proceeding with configuration updates.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 08:46 PM