Skip to main content
The ask command allows you to query your cloud infrastructure using natural language. The AI analyzes your question, determines what operations are needed, executes them, and provides a comprehensive response.

Usage

clanker ask [question] [flags]

Examples

# Query EC2 instances
clanker ask "What EC2 instances are running?"

# Check Lambda functions with errors
clanker ask "Show me lambda functions with high error rates"

# RDS instance status
clanker ask "What's the current RDS instance status?"

Cloud provider flags

--aws
boolean
default:"false"
Include AWS infrastructure context in the query
--gcp
boolean
default:"false"
Include GCP infrastructure context in the query
--azure
boolean
default:"false"
Include Azure infrastructure context in the query
--cloudflare
boolean
default:"false"
Include Cloudflare infrastructure context in the query
--github
boolean
default:"false"
Include GitHub repository context in the query
--terraform
boolean
default:"false"
Include Terraform workspace context in the query
--iam
boolean
default:"false"
Route query to IAM agent for security analysis

AWS-specific flags

--profile
string
AWS profile to use for infrastructure queries
--discovery
boolean
default:"false"
Run comprehensive infrastructure discovery across all AWS services
--compliance
boolean
default:"false"
Generate compliance report showing all services, ports, and protocols (SSP format)

GCP-specific flags

--gcp-project
string
GCP project ID to use for infrastructure queries

Azure-specific flags

--azure-subscription
string
Azure subscription ID to use for infrastructure queries

IAM-specific flags

--role-arn
string
Scope IAM query to a specific role ARN
--policy-arn
string
Scope IAM query to a specific policy ARN

Terraform flags

--workspace
string
Terraform workspace to use for infrastructure queries

AI provider flags

--ai-profile
string
AI profile to use (overrides config default)
--openai-key
string
OpenAI API key (overrides config)
--anthropic-key
string
Anthropic API key (overrides config)
--gemini-key
string
Gemini API key (overrides config and env vars)
--deepseek-key
string
DeepSeek API key (overrides config)
--minimax-key
string
MiniMax API key (overrides config)
--openai-model
string
OpenAI model to use (overrides config)
--anthropic-model
string
Anthropic model to use (overrides config)
--gemini-model
string
Gemini model to use (overrides config)
--deepseek-model
string
DeepSeek model to use (overrides config)
--minimax-model
string
MiniMax model to use (overrides config)

Maker mode flags

--maker
boolean
default:"false"
Generate an AWS, GCP, Azure, or Cloudflare CLI plan (JSON) for infrastructure changes instead of executing a query
--destroyer
boolean
default:"false"
Allow destructive operations when using --maker (requires explicit confirmation)
--apply
boolean
default:"false"
Apply an approved maker plan (reads from stdin unless --plan-file is provided)
--plan-file
string
Path to maker plan JSON file for --apply

Advanced flags

--agent-trace
boolean
default:"false"
Show detailed coordinator agent lifecycle logs (overrides config)
--route-only
boolean
default:"false"
Return routing decision as JSON without executing (for backend integration)

Discovery mode

Discovery mode enables comprehensive infrastructure analysis: 
clanker ask --discovery "Show me all AWS services"
This automatically:
  • Enables AWS and Terraform contexts
  • Scans all active AWS services
  • Includes IAM roles and permissions
  • Provides complete infrastructure inventory

Compliance mode

Generate SSP (System Security Plan) compliance reports: 
clanker ask --compliance
Output includes:
  • Reference number for each service
  • System name and vendor
  • Ports and protocols used
  • External IP addresses
  • Security measures and mitigations
  • Hosting environment details
  • Risk/impact analysis

Tool calling

When AWS or GitHub contexts are enabled, the AI can execute operations: 
# AI will call AWS APIs to list instances
clanker ask --aws "Show me all EC2 instances in us-west-2"

# AI will call GitHub APIs to list workflows
clanker ask --github "Show me failed workflow runs"

Output

The command outputs markdown-formatted responses with:
  • Structured tables for resource listings
  • Code blocks for configuration details
  • Links to relevant documentation
  • Actionable recommendations

See also

Build docs developers (and LLMs) love

Get started for freeTalk to us