SOTA Cloud Infrastructure

Purpose

This skill encodes the 2026 state of the art for cloud infrastructure architecture: organizational structure, identity, networking, compute selection, data placement, cost, and resilience. Every rule exists to prevent a real failure class — blast-radius spread, credential theft, public data exposure, egress bill shock, unmeetable RTOs, or a Kubernetes cluster nobody needed.

Boundaries with sibling skills — reference, do not duplicate:

• sota-devsecops owns CI/CD pipelines, IaC scanning, Terraform state security, GitOps.
• sota-sandboxing owns container/runtime hardening (seccomp, rootless, distroless).
• sota-observability owns monitoring, alerting, SLOs, tracing.
• sota-databases owns database engine selection, schema, and query design.
• sota-secrets-management owns secret storage and rotation mechanics.

This skill owns: what accounts/networks/identities/compute/storage exist, how they connect, what they cost, and how they survive failure.