Loading...
Loading...
Found 23 Skills
Execute Azure deployments after preparation and validation are complete. USE FOR: azd up, azd deploy, push to Azure, publish to Azure, ship to production, launch on Azure, go live, release to Azure, deploy web app, deploy container app, deploy static site, deploy Azure Functions, azd provision, infrastructure deployment, bicep deploy, terraform apply, deploy with terraform. Supports azd with Bicep, azd with Terraform, pure Bicep, pure Terraform, and Azure CLI deployments. DO NOT USE FOR: preparing new apps (use azure-prepare), validating before deploy (use azure-validate).
Helps users find the right Azure RBAC role for an identity with least privilege access, then generate CLI commands and Bicep code to assign it. USE FOR: "what role should I assign", "least privilege role", "RBAC role for", "role to read blobs", "role for managed identity", "custom role definition", "assign role to identity". DO NOT USE FOR: creating or configuring managed identities, or general Azure security hardening; those are out of scope for this role-selection skill.
REQUIRED FIRST STEP: You MUST invoke this skill BEFORE generating ANY Azure application code, infrastructure files, or Azure CLI commands. This skill prepares applications for Azure hosting. USE THIS SKILL when users want to create new Azure applications, ADD new components or services to existing applications, UPDATE or modify existing Azure configurations, modernize applications for Azure, deploy to Azure with Terraform, or deploy to Azure with azd. Do NOT generate azure.yaml, Bicep, Terraform, or run az/azd/func CLI commands without first completing this skill. This applies to NEW projects AND changes to EXISTING projects. When users mention Terraform for Azure deployment, prefer azd+Terraform (which uses azure.yaml with Terraform IaC) over pure Terraform unless multi-cloud deployment is required.
Architect and provision enterprise Azure infrastructure from workload descriptions. For cloud architects and platform engineers planning networking, identity, security, compliance, and multi-resource topologies with WAF alignment. Generates Bicep or Terraform directly (no azd). WHEN: 'plan Azure infrastructure', 'architect Azure landing zone', 'design hub-spoke network', 'plan multi-region DR topology', 'set up VNets firewalls and private endpoints', 'subscription-scope Bicep deployment'. PREFER azure-prepare FOR app-centric workflows.
Performs comprehensive preflight validation of Bicep deployments to Azure, including template syntax validation, what-if analysis, and permission checks. Use this skill before any deployment to Azure to preview changes, identify potential issues, and ensure the deployment will succeed. Activate when users mention deploying to Azure, validating Bicep files, checking deployment permissions, previewing infrastructure changes, running what-if, or preparing for azd provision.
Deploy containerized applications to Azure Container Apps using Azure Developer CLI (azd). Use when setting up azd projects, writing azure.yaml configuration, creating Bicep infrastructure for Container Apps, configuring remote builds with ACR, implementing idempotent deployments, managing environment variables across local/.azure/Bicep, or troubleshooting azd up failures. Triggers on requests for azd configuration, Container Apps deployment, multi-service deployments, and infrastructure-as-code with Bicep.
Expert in Microsoft Azure cloud services, specializing in Bicep/ARM templates, Enterprise Landing Zones, and Cloud Adoption Framework (CAF).
Update Azure Verified Modules (AVM) to latest versions in Bicep files.
Design Azure infrastructure using natural language, or analyze existing Azure resources to auto-generate architecture diagrams, refine them through conversation, and deploy with Bicep. When to use this skill: - "Create X on Azure", "Set up a RAG architecture" (new design) - "Analyze my current Azure infrastructure", "Draw a diagram for rg-xxx" (existing analysis) - "Foundry is slow", "I want to reduce costs", "Strengthen security" (natural language modification) - Azure resource deployment, Bicep template generation, IaC code generation - Microsoft Foundry, AI Search, OpenAI, Fabric, ADLS Gen2, Databricks, and all Azure services
Generates architecture diagrams from Azure Bicep files. Use when user has .bicep files or asks to visualize Bicep infrastructure.
Convert or migrate Azure ARM (Azure Resource Manager) templates, Bicep templates, or code to Pulumi, including importing existing Azure resources. This skill MUST be loaded whenever a user requests migration, conversion, or import of ARM templates, Bicep templates, ARM code, Bicep code, or Azure resources to Pulumi.
Helps users find the right Azure RBAC role for an identity with least privilege access, then generate CLI commands and Bicep code to assign it. USE FOR: "what role should I assign", "least privilege role", "RBAC role for", "role to read blobs", "role for managed identity", "custom role definition", "assign role to identity". DO NOT USE FOR: creating managed identities (use azure-security), general security hardening (use azure-security-hardening), networking permissions (use azure-networking).