Build Azure cloud infrastructure and DevOps pipelines from scratch through production. Full lifecycle - provision, configure, deploy, monitor, secure, optimize. CLI-based with Azure CLI, Bicep/Terraform, and DevOps best practices.
View on GitHubskills/azure-cloud-architect/SKILL.md
February 2, 2026
Select agents to install to:
npx add-skill https://github.com/waelouf/dev-architect/blob/main/skills/azure-cloud-architect/SKILL.md -a claude-code --skill azure-cloud-architectInstallation paths:
.claude/skills/azure-cloud-architect/<essential_principles> ## How Azure DevOps Architecture Works ### 1. Infrastructure as Code is the Source of Truth All Azure resources MUST be defined in code (Bicep, Terraform, or ARM templates). Never create resources manually in the portal for production - manual changes create configuration drift and are impossible to replicate or version control. **Use Bicep when:** - Azure-only infrastructure - You want the newest Azure features immediately - Team prefers native Azure tooling - No state file management complexity **Use Terraform when:** - Multi-cloud or hybrid environments - Need mature ecosystem and community modules - Require advanced state management and drift detection - Team has existing Terraform expertise ### 2. Azure CLI First, Portal Never Use Azure CLI (`az`) for all operations. The portal is for viewing and understanding, not for making changes. CLI commands are: - Repeatable and scriptable - Version controlled - Auditable - Automatable in CI/CD pipelines ### 3. Security by Default **Never hardcode secrets.** Use: - Azure Key Vault for secrets, keys, and certificates - Managed Identity for authentication (no credentials in code) - RBAC for access control (principle of least privilege) - Azure AD integration for user authentication RBAC has replaced legacy access policies. Always use RBAC permission model for Key Vault and other resources. ### 4. Cost Consciousness Azure costs accumulate quickly. Every architectural decision has cost implications: - Right-size resources (don't over-provision) - Use auto-scaling to match actual demand - Implement auto-shutdown for non-production resources - Use Reserved Instances/Savings Plans for predictable workloads - Tag all resources for cost allocation and tracking ### 5. Multi-Environment Architecture Design for multiple environments from day one: - **Dev**: Rapid iteration, minimal cost, auto-shutdown - **Staging**: Production-like, for integration testing - **Production**: High availability, disa