惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

G
GRAHAM CLULEY
V
V2EX
WordPress大学
WordPress大学
博客园 - Franky
Last Week in AI
Last Week in AI
博客园 - 司徒正美
有赞技术团队
有赞技术团队
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园 - 【当耐特】
V
Visual Studio Blog
C
CERT Recently Published Vulnerability Notes
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Jina AI
Jina AI
Attack and Defense Labs
Attack and Defense Labs
腾讯CDC
The Hacker News
The Hacker News
Hugging Face - Blog
Hugging Face - Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
J
Java Code Geeks
人人都是产品经理
人人都是产品经理
阮一峰的网络日志
阮一峰的网络日志
T
Tailwind CSS Blog
S
SegmentFault 最新的问题
大猫的无限游戏
大猫的无限游戏
小众软件
小众软件
A
Arctic Wolf
量子位
博客园 - 聂微东
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
N
News and Events Feed by Topic
雷峰网
雷峰网
博客园_首页
Google Online Security Blog
Google Online Security Blog
Spread Privacy
Spread Privacy
罗磊的独立博客
H
Hacker News: Front Page
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
月光博客
月光博客
TaoSecurity Blog
TaoSecurity Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 三生石上(FineUI控件)
宝玉的分享
宝玉的分享
IT之家
IT之家
The Cloudflare Blog
爱范儿
爱范儿
博客园 - 叶小钗
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Apple Machine Learning Research
Apple Machine Learning Research
酷 壳 – CoolShell
酷 壳 – CoolShell

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
OpenClaw on AWS for Beginners: How To Build An AI Agent That Deploys Your WordPress Multisite in Minutes With Just Three Services
Ntombizakhon · 2026-04-27 · via DEV Community

This is a submission for the OpenClaw Writing Challenge

Just Lightsail, IAM, and Route 53:

How My Agent Built My Site For Me In Minutes

AWS has over 200 services.
I used three.

No VPCs.
No EC2 security groups.
No CloudFormation templates.
No Lambda functions.
No S3 bucket policies.

Just Lightsail to run things, IAM to grant permissions, and Route 53 for DNS.

That's the entire infrastructure for an AI Agent that builds WordPress Multisite installations and writes SEO blog content from scratch, in under 30 minutes, for people who've never touched a server.

This is the story of how I built it with OpenClaw, and why staying in the shallow end of AWS was the whole point.


The Problem I Wanted To Solve

The monotony of manual labor...
Setting up WordPress Multisite manually is a multi-hour ordeal even for developers. You SSH into a server, edit wp-config.php by hand, hope you didn't miss a semicolon, configure Apache, set up a static IP, mess with DNS records, install SSL, restart services, Google the error, and try again.

For a beginner? It's a wall.
Most people give up somewhere between "what's SSH?" and "Error establishing database connection."

I didn't want to write another tutorial that people would bookmark and never finish. I wanted to build an AI agent that does the whole thing for you step by step, in plain language, while explaining everything along the way. And I wanted it to run entirely in the cloud so beginners don't need to install anything on their computer.


Why Lightsail (and only Lightsail)

Most AWS tutorials assume you're comfortable with the full ecosystem. They'll casually tell you to "create a VPC with two subnets" or "configure a security group with the following inbound rules" as if that's a normal thing beginners do on a Sunday afternoon...even though it's quite simple, it's just too many services and a confusing dashboard.

Lightsail exists specifically to avoid that.
It's AWS for people who don't want to think about AWS:

  • Fixed monthly pricing.
  • Instances that just work.
  • Networking that's already configured.
  • A console that doesn't require a PhD to navigate.

For this project, Lightsail gave me everything I needed:

  1. An OpenClaw Instance: AWS has an official OpenClaw blueprint. Click create, pick the blueprint, and you have a running AI gateway in two minutes.
    No Docker, no environment variables, no dependency hell.

  2. A WordPress Instance: same deal. Bitnami WordPress blueprint. Click, wait, done.

  3. Static IPs: free while attached to an instance.

  4. Firewall Rules: built into the instance management page.
    No security group rabbit holes.

  5. Browser-Based SSH: click "Connect using SSH" and you're in.
    No key management, no PuTTY, no terminal setup.

The only other AWS services I touched were IAM (to grant the OpenClaw instance permission to create Lightsail resources and use Bedrock) and Route 53 (for DNS, and only if you want a custom domain).
That's it.
Three services.
The rest of AWS might as well not exist for this project.


What I Built

An OpenClaw agent with two skills:

Skill 1

WordPress Multisite Builder

An 8-phase guided workflow that walks beginners through creating a Lightsail instance, configuring WordPress, enabling multisite, setting up domains, and installing SSL. Uses browser automation to navigate the AWS console and SSH to configure the server.

Skill 2

Blog Content Engine

A 6-phase content generation system that researches what people are searching for in your niche, writes SEO-optimized blog posts, and publishes them directly to your WordPress site via WP-CLI.

The whole thing runs on a Lightsail OpenClaw instance.
No local install.
You chat with the agent from a browser dashboard, Telegram, or WhatsApp, and it builds your website and writes your content.

The Architecture

You (browser / Telegram / WhatsApp)
    │
    ▼
Lightsail OpenClaw Instance (~$12/mo)
    │  Amazon Bedrock → Claude Opus 4.6
    │
    ├── browser tool ──► AWS Lightsail Console + WordPress Admin
    ├── exec tool ─────► SSH + WP-CLI on the WordPress server
    ├── web_search ────► Keyword research + trending topics
    ├── web_fetch ─────► Competitor analysis + content research
    └── file I/O ──────► Progress tracking, content calendar, posts
    │
    ▼
Lightsail WordPress Instance (~$12/mo)
    └── WordPress Multisite with auto-generated content

Enter fullscreen mode Exit fullscreen mode

Two Lightsail instances.
One IAM role.
Optionally Route 53 for DNS.


How I Built It

Step By Step Guide

Step 1: The OpenClaw Instance

I went to the Lightsail console, clicked "Create instance," picked the OpenClaw blueprint under Linux/Unix, selected the 2 GB plan (~$12/month), named it WordPressAgent, and clicked Create.
Two minutes later it was running.

The pairing process was straightforward: click "Connect using SSH" to open a browser terminal, copy the dashboard URL and access token from the welcome message, paste the token into the dashboard, and approve the pairing prompts in the SSH terminal. Dashboard showed "OK."
Connected.

Step 2: Enabling Bedrock

The Lightsail OpenClaw blueprint comes pre-configured to use Amazon Bedrock you just need to grant the permissions. On the instance's "Getting started" tab, there's a "Copy the script" button. I copied it, launched CloudShell, pasted, and ran it. The script creates an IAM role (LightsailRoleFor-i-xxxxx) with Bedrock access.

I tested it by typing "Hello" in the OpenClaw dashboard chat. Got a response. Bedrock was working.

Step 3: The IAM Permission That Made Everything Click

Here's where I hit my first snag. The agent needed to create Lightsail resources (the WordPress instance, static IPs, etc.) but the IAM role only had Bedrock permissions. When I ran aws lightsail get-instances from the SSH terminal, I got:

AccessDeniedException: User is not authorized to perform: lightsail:GetInstances

Enter fullscreen mode Exit fullscreen mode

The fix was simple: I went to the IAM console, found the AmazonLightsailInstance role, clicked "Add permissions" → "Attach policies," searched for AmazonLightsailFullAccess, and attached it.

One policy. That's all it took.
Lightsail is self-contained: instances, networking, DNS, snapshots, key pairs, everything is under one permission set.
No cross-service IAM policies.
No resource-based permissions.
No condition keys.
This is what makes Lightsail great for beginners: the permission model is as simple as the service itself.

Step 4: Escaping The Sandbox

The next issue: OpenClaw told me it was "running in a sandboxed environment" and couldn't execute commands on the host. By default, OpenClaw runs tools inside a Docker container for security. That's smart for untrusted inputs, but it blocks the agent from doing real work.

Three config lines fixed it:

openclaw config set tools.exec.host gateway
openclaw config set tools.exec.ask off
openclaw config set tools.exec.security full
openclaw gateway restart

Enter fullscreen mode Exit fullscreen mode

This tells OpenClaw to run tools directly on the gateway host instead of in the sandbox. For a personal agent that only you control, this is the right tradeoff.

Alternatively, you can give your agent permission to use your browser and run commands during the initial Security setup process.

Step 5: Building The Agent Workspace

OpenClaw agents are defined by markdown files in a workspace directory. No code, no SDK, no compilation.
Just files that tell the agent who it is, how to behave, and what to do.

I created five core files by pasting them directly into the SSH terminal using cat > file << 'ENDOFFILE' blocks.
No git clone.
No file transfers.
No local tools needed.

IDENTITY.md — defines who the agent is:

You are WP Multisite Builder + Content Engine, an AI assistant that helps
complete beginners:

1. Set up WordPress Multisite on Amazon Lightsail
2. Research trending search topics and generate SEO-optimized blog posts
3. Publish content directly to their WordPress sites

Enter fullscreen mode Exit fullscreen mode

SOUL.md — defines the personality and safety rules. This was important because the agent is aimed at beginners:

## Personality
- Warm and encouraging, like a helpful friend who happens to know tech
- Never condescending. If someone doesn't know what SSH means, that's fine
- Celebrate small wins ("Nice, your instance is running!")

## Safety rules
- NEVER proceed without user confirmation on actions that:
  - Create or modify AWS resources (costs money)
  - Change passwords or security settings
  - Install software on their server
  - Modify WordPress configuration
- Always explain what something will cost before creating resources
- Never store or display AWS credentials in chat history

Enter fullscreen mode Exit fullscreen mode

AGENTS.md — the operating instructions and greeting message. When a user first connects, the agent says:

"Hey! I can help you with two things: set up a WordPress website that can run multiple sites all on Amazon Lightsail, or write blog posts based on what people are actually searching for. We can do both, or just one. What sounds good?"

TOOLS.md — a reference for which OpenClaw tools the agent uses: browser for navigating the Lightsail console and WordPress admin, exec for SSH and WP-CLI commands, web_search and web_fetch for keyword research and troubleshooting, and file I/O for saving progress.

Step 6: The WordPress Multisite Skill

This is the core of the project. I created skills/wp-multisite-lightsail/SKILL.md — an 8-phase guided workflow:

Phase 1: Pre-flight Checks. Confirms the user has an AWS account and login ready. If not, walks them through creating one.

Phase 2: Create a Lightsail Instance. The agent opens the Lightsail console using the browser tool, takes a snapshot of the page to identify clickable elements, and walks through instance creation: Linux/Unix platform, WordPress blueprint, $5/month plan. It stops and confirms the cost before clicking "Create instance," then waits for "Running" status.

Phase 3: Get WordPress Credentials. SSHs into the new instance and reads the default Bitnami password. Tells the user to write it down. Verifies WordPress loads in the browser.

Phase 4: Static IP. Creates and attaches a free static IP so the address doesn't change on restart.

Phase 5: Enable Multisite. This is the complex part that usually trips people up. The agent edits wp-config.php via SSH to add WP_ALLOW_MULTISITE, navigates to Tools → Network Setup in wp-admin via the browser, recommends subdirectories for beginners, applies the multisite configuration constants, updates .htaccess, and restarts Apache. It makes a backup of wp-config.php before any edits. But, it will choose the Multisite Instance from the get go, unless it doesn't.

Phase 6: Domain Setup. If the user has a domain, the agent guides them through DNS configuration at their registrar (using web_search to find the right settings page for GoDaddy, Namecheap, Cloudflare, Route53 etc.) and updates WordPress via WP-CLI.

Phase 7: SSL certificate. Runs Bitnami's bncert-tool for free Let's Encrypt SSL.

Phase 8: Wrap-up. Saves a summary with all URLs, login info, monthly costs, and next steps.

The skill also includes error handling for every common failure such database connection errors, SSH failures, SSL issues, missing config entries. The agent searches the web for solutions when it hits something unexpected.

Step 7: The Content Engine Skill

After the site is built, the agent offers to generate blog content. I created skills/blog-content-engine/SKILL.md with 6 phases:

Phase 1: Keyword Research. Asks the user their niche, then fires off multiple web_search queries to find trending questions, "People Also Ask" data, long-tail keywords, and competitor content. Compiles 10-15 keyword opportunities.

Phase 2: Content Planning. Creates outlines with titles, meta descriptions, target keywords, H2 structure, and FAQ sections.

Phase 3: Writing. Generates 1,200-2,000 word SEO-optimized posts with proper heading structure, keyword placement, short paragraphs, and 8th-grade reading level.

Phase 4: Publishing. Pushes to WordPress via WP-CLI (or browser fallback). For multisite, asks which subsite to target. Never auto-publishes without explicit approval.

Phase 5: Batch Generation. Handles multiple posts with a content calendar.

Phase 6: Ongoing Suggestions. Offers fresh trending topics each time the user comes back.

Step 8: Connecting Telegram and WhatsApp

After everything was working in the dashboard, I connected messaging channels so I could manage the site from my phone.

Telegram took about three minutes: create a bot via @botfather on Telegram, copy the bot token, run openclaw channels add in SSH, select Telegram, paste the token. Then configure the allowlist with my numeric Telegram user ID (get it from @userinfobot) and approve the pairing.

WhatsApp was even simpler: run openclaw channels add, select WhatsApp, scan the QR code with my phone's Linked Devices feature. Done.

Now I can message my bot on Telegram or WhatsApp and say "write a blog post about beginner gardening tips" and it researches, writes, and publishes all from my phone.


The Moment It All Worked

I opened the OpenClaw dashboard, typed "Help me set up WordPress Multisite," and the agent greeted me. It asked if I had an AWS account. It opened the Lightsail console in its browser.

It walked me through creating the instance, explaining every step. It confirmed the cost before clicking Create. It waited for the instance to boot. It SSHed in, grabbed the credentials, set up the static IP, edited the config files, enabled multisite, and verified everything worked.

Under 30 minutes. The whole thing. An AI agent, running on Lightsail, building a WordPress Multisite on another Lightsail instance, using browser automation and SSH. And I never left the Lightsail console (plus one quick trip to IAM to attach a policy).


What OpenClaw Gets Right

Skills Are Just Markdown. Each skill is a SKILL.md file with YAML frontmatter and instructions. No SDK, no compilation, no deployment pipeline. Write markdown, drop it in the workspace, restart the gateway. The agent picks it up on the next session. This is the right abstraction for teaching an agent how to do something complex.

Browser Automation Is Built In. Most AI agents are limited to APIs and CLIs. OpenClaw's browser tool controls an isolated Chromium instance: the agent can navigate web consoles, click buttons, fill forms, and take screenshots. That's a massive unlock for automating things that don't have an API, like the Lightsail console's instance creation wizard.

The Lightsail Blueprint Is A Cheat Code. Going from zero to a running AI gateway in two minutes, with Bedrock pre-configured, HTTPS auto-managed, and daily token rotation...that's the kind of developer experience that makes you want to build things.

Multi-Channel Is Trivial. Dashboard, Telegram, WhatsApp all connected in minutes. The agent doesn't care where the message comes from. Same skills, same personality, same workflow.

The "Confirm Before Acting" Pattern Works. My agent never creates resources or spends money without asking first. This isn't just good UX. It's the difference between a tool beginners trust and one they're afraid of.


What I Learned About Staying In The Shallow End

The biggest lesson: you don't need the deep ocean of AWS to build real things. The instinct is always to reach for EC2, VPCs, security groups, load balancers, auto-scaling groups. But for a personal AI agent running a WordPress site?

Lightsail does everything, and it does it without the cognitive overhead.

The permission model tells the story. I needed exactly two IAM policies: one for Bedrock (auto-created by the setup script) and AmazonLightsailFullAccess (one click in the IAM console). Compare that to the typical EC2 setup where you're writing JSON policy documents with resource ARNs and condition keys.

Route 53 was optional. Only needed if you want a custom domain. And even then, the agent handles the DNS configuration by guiding the user through their existing registrar.

Three services. That's the whole stack. And it's not a toy.
It's a production-capable AI agent that builds infrastructure, manages servers, and generates content.


Try It Yourself

Everything is reproducible. You need:

  1. An AWS account
  2. A Lightsail OpenClaw instance (2 GB plan, ~$12/month)
  3. AmazonLightsailFullAccess attached to the instance's IAM role
  4. The workspace files pasted into ~/.openclaw/workspace/ via SSH

The full deployment takes about 15 minutes. Here's the condensed version:

# After creating the OpenClaw instance, pairing, and enabling Bedrock:

# Create skill directories
mkdir -p ~/.openclaw/workspace/skills/wp-multisite-lightsail
mkdir -p ~/.openclaw/workspace/skills/blog-content-engine

# Paste each workspace file (IDENTITY.md, SOUL.md, AGENTS.md, TOOLS.md,
# and both SKILL.md files) using cat > file << 'ENDOFFILE' blocks

# Configure tool permissions
openclaw config set tools.exec.host gateway
openclaw config set tools.exec.ask off
openclaw config set tools.exec.security full
openclaw gateway restart

# Open the dashboard and type: "Help me set up WordPress Multisite"

Enter fullscreen mode Exit fullscreen mode

No GitHub repo needed.
No local install.
No dependencies.
Just an SSH terminal and some copy-paste.


The cost breakdown

Resource Monthly cost
OpenClaw Lightsail instance (2 GB) ~$12 (first 90 days free)
WordPress Lightsail instance (2 GB) ~$12 (first 90 days free)
Amazon Bedrock (Claude Opus 4.6) Pay per token
Static IPs Free (while attached)
SSL certificates Free (Let's Encrypt, auto-renews)
Domain name ~$15/year (optional)

About $25/month for the infrastructure, plus whatever Bedrock charges for the AI conversations. For a self-hosted AI agent that builds and manages WordPress sites and writes your blog content, that's a pretty good deal.


Where To Next?

Well, the foundation is solid. Some things I'm thinking about, dependent on your use case:

  • More Skills: WooCommerce setup, backup automation, security hardening, performance optimization
  • Multi-tenant: let the agent manage multiple WordPress Multisites for different clients if you're the entrepreneaurial sort.
  • Scheduled Content: use OpenClaw's cron tool to auto-research and draft posts on a schedule
  • Analytics Integration: pull Google Analytics data to inform content strategy

The possibilities are endless!
But honestly, the most exciting part is how accessible this is.

A beginner with an AWS account can have a working WordPress Multisite with AI-generated content in under an hour.
No terminal on their laptop.
No config files on their desktop.
No "install these 7 prerequisites first."

Just Lightsail, IAM, and Route 53.
The shallow end of AWS.
And it's plenty deep enough.


Built with OpenClaw on Amazon Lightsail. Powered by Amazon Bedrock (Claude Opus 4.6). Three AWS services. Zero Local Installs.