Explore 100+ Skills

Analyze CPU/memory utilization and recommend optimal instance types to reduce spend by 20-40%.

Detect unattached EBS volumes across all regions and estimate monthly savings.

Analyze on-demand usage patterns and recommend RI or Savings Plan purchases.

Identify objects eligible for Glacier, Infrequent Access, or Intelligent-Tiering.

Find ELBs/ALBs with zero or minimal traffic to eliminate unnecessary costs.

Identify high-cost NAT Gateway data transfer and suggest VPC endpoint alternatives.

Scan IAM policies for overly permissive rules, unused permissions, and privilege escalation paths.

Detect security groups with 0.0.0.0/0 ingress rules on sensitive ports.

Monitor certificate expiration dates and validate TLS configurations across domains.

Identify stale secrets in Secrets Manager and enforce rotation schedules.

Scan all S3 buckets for public access configurations and ACL misconfigurations.

Ensure CloudTrail logging is enabled in all regions with proper S3 delivery.

Gracefully rolling-restart deployments with health checks and rollback support.

Schedule and run PostgreSQL VACUUM ANALYZE to reclaim storage and update statistics.

Configure and enforce log rotation policies across EC2 instances and containers.

Automate AMI creation, tagging, and deregistration based on retention policies.

Validate Route53 records, detect orphaned entries, and check propagation status.

Scan resources for missing required tags and auto-apply default tagging policies.

Identify slow queries, missing indexes, and query plan regressions in RDS/Aurora.

Analyze CPU/memory requests vs actual usage to optimize Kubernetes resource limits.

Analyze CloudFront cache hit ratios and recommend header/TTL optimizations.

Detect high cold-start functions and recommend provisioned concurrency or optimization.

Trace API Gateway and Lambda execution to identify latency bottlenecks.

Monitor Redis/Memcached memory usage, eviction rates, and hit ratios.

Validate backup integrity by performing automated restore tests on a schedule.

Verify resources are properly distributed across availability zones for high availability.

Compare live infrastructure state against CloudFormation/Terraform definitions.

Verify scaling policies, cooldown periods, and target tracking configurations.

Validate health check configurations across ELBs, Route53, and ECS services.

Run automated DR drills including failover simulation and RTO/RPO measurement.

Calculate CO2 emissions from compute, storage, and network usage across regions.

Identify running instances, databases, and clusters with near-zero utilization.

Recommend workloads suitable for Spot instances and estimate interruption risk.

Suggest AWS regions with lower carbon intensity for workload placement.

Identify workloads that can migrate to ARM-based Graviton instances for efficiency.

Analyze usage patterns and configure time-based scaling to power down during off-hours.

Analyze Terraform plan output for destructive changes, security risks, and best practices.

Scan Dockerfiles for security vulnerabilities, layer optimization, and best practices.

Review GitHub Actions, GitLab CI, or Jenkins pipelines for security and efficiency.

Scan package dependencies for known CVEs and suggest patched versions.

Validate CloudFormation templates for syntax errors, security issues, and cost implications.

Audit Helm charts for Kubernetes best practices, resource limits, and security contexts.