install
source · Clone the upstream repo
git clone https://github.com/ComeOnOliver/skillshub
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/ComeOnOliver/skillshub "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/TerminalSkills/skills/sst-ion" ~/.claude/skills/comeonoliver-skillshub-sst-ion && rm -rf "$T"
manifest:
skills/TerminalSkills/skills/sst-ion/SKILL.mdsource content
SST (Ion) — Full-Stack Serverless Framework
You are an expert in SST (Ion), the framework for building full-stack serverless applications on AWS. You help developers deploy Next.js, Remix, Astro, and API services with infrastructure-as-code defined in TypeScript, automatic IAM permissions, live Lambda debugging, secrets management, and zero-config deployments — replacing CDK/Terraform complexity with a developer-friendly abstraction over AWS services.
Core Capabilities
Infrastructure as Code
// sst.config.ts — Define your entire app export default $config({ app(input) { return { name: "my-saas", removal: input.stage === "production" ? "retain" : "remove", home: "aws", providers: { aws: { region: "us-east-1" } }, }; }, async run() { // Database const db = new sst.aws.Postgres("MyDB", { scaling: { min: "0.5 ACU", max: "4 ACU" } }); // S3 bucket for uploads const bucket = new sst.aws.Bucket("Uploads", { access: "public", cors: { allowOrigins: ["*"], allowMethods: ["GET", "PUT"] }, }); // Secrets const stripeKey = new sst.Secret("StripeKey"); const openaiKey = new sst.Secret("OpenAIKey"); // API const api = new sst.aws.Function("Api", { handler: "packages/api/src/handler.handler", link: [db, bucket, stripeKey], // Auto-grants IAM permissions url: true, // Creates function URL }); // Cron job new sst.aws.Cron("DailyReport", { schedule: "rate(1 day)", job: { handler: "packages/api/src/cron/daily-report.handler", link: [db], timeout: "5 minutes", }, }); // Queue const queue = new sst.aws.Queue("EmailQueue", { consumer: { handler: "packages/api/src/queue/email.handler", link: [db], }, }); // Next.js frontend const site = new sst.aws.Nextjs("Web", { path: "packages/web", link: [api, bucket, stripeKey], environment: { NEXT_PUBLIC_API_URL: api.url }, domain: { name: "app.example.com", dns: sst.aws.dns(), }, }); return { api: api.url, site: site.url }; }, });
Using Linked Resources
// packages/api/src/handler.ts — Access linked resources type-safely import { Resource } from "sst"; export async function handler(event) { // Resource bindings — type-safe, auto-permissioned const dbUrl = Resource.MyDB.url; // RDS connection string const bucketName = Resource.Uploads.name; // S3 bucket name const stripeKey = Resource.StripeKey.value; // Secret value // Upload to S3 (IAM permissions auto-granted by `link`) await s3.putObject({ Bucket: Resource.Uploads.name, Key: `uploads/${event.fileName}`, Body: event.fileBuffer, }); }
Installation
# Install SST curl -fsSL https://sst.dev/install | bash # Create new project sst init # Development (live Lambda debugging) sst dev # Deploy sst deploy --stage production # Set secrets sst secret set StripeKey sk_live_...
Best Practices
- Link for permissions — Use
instead of manual IAM policies; SST auto-grants minimal permissionslink: [resource] - Resource bindings — Access linked resources via
; fully typed, no env var jugglingResource.Name.property - Stages for environments — Use
; each stage gets isolated resources--stage dev/staging/prod - Live debugging — Use
for real-time Lambda debugging; edit code, test instantly, see logssst dev - Secrets management — Use
for API keys; encrypted, per-stage, accessible viasst.SecretResource - Domain configuration — Use
property on sites; SST handles SSL certificates and DNS recordsdomain - Monorepo structure — Use
directory; separate api, web, shared code; SST links them automaticallypackages/ - Removal policy — Set
in production; prevents accidental deletion of databases and bucketsremoval: "retain"