azure-enterprise-infra-planner

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • Structured Workflow and Approval Gates: The skill follows a sequential workflow (Research, Plan, Verification, IaC Generation, and Deployment). Critically, it implements a status-based gate system where deployment and code generation require the plan status to be explicitly 'approved' by the user, preventing unintended or automated infrastructure changes.
  • Adherence to Security Best Practices: The instructions prioritize the Azure Well-Architected Framework (WAF). They specifically guide the user toward secure configurations, such as using Managed Identities for service-to-service authentication instead of hardcoded keys, and enabling protection features like soft-delete and purge protection for sensitive resources like Key Vault.
  • Robust Verification Phase: The skill includes a dedicated verification phase that cross-checks infrastructure plans against a comprehensive list of constraints. This includes naming convention checks, dependency resolution, and SKU compatibility, which helps ensure the resulting infrastructure is stable and compliant.
  • Standard Tooling and Documentation: The skill utilizes standard, industry-recognized tools such as the Azure CLI, Terraform, and Bicep for their intended purposes. It fetches documentation and schema information from official and established technical sources to ensure the accuracy of the generated infrastructure code.
  • Least Privilege and Isolation: Resource pairing constraints are documented to ensure services are correctly isolated (e.g., requiring dedicated subnets for Azure Firewall and Bastion) and that network policies are appropriately applied to private endpoints.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 04:31 PM