ibm-cloud
IBM Cloud
Systematic IBM Cloud platform guidance for enterprise cloud infrastructure, covering compute, storage, databases, networking, security, and operational best practices.
Workflow Decision Tree
Choose your path based on the task:
1. Service Category Selection
Compute & Containers → Load compute-services.md
- Virtual Private Cloud (VPC) and Virtual Server Instances
- IBM Kubernetes Service (IKS) and Red Hat OpenShift
- Code Engine (serverless containers) and Cloud Functions
Storage → Load storage-services.md
- Cloud Object Storage, Block Storage, File Storage
Databases → Load database-services.md
- Db2, Cloudant, PostgreSQL, MySQL, MongoDB, Redis
Security & Access → Load iam-security.md
- IAM, Resource Groups, Service IDs, Key Protect, Secrets Manager
Networking → Load networking.md
- VPC Networks, Load Balancers, DNS/CDN, Direct Link
2. Architecture & Deployment Patterns
High Availability → Multi-zone deployment across 3 availability zones Microservices → IKS/OpenShift with service mesh and ingress Serverless → Code Engine applications with auto-scaling Hybrid Cloud → Direct Link or VPN for on-premises connectivity
3. Common Operations
Initial Setup → Install CLI, authenticate, configure regions and resource groups Resource Provisioning → Use CLI, Terraform, or IBM Cloud Console Security Configuration → IAM policies, encryption, network security Monitoring → Set up logging, monitoring, and cost tracking
Core Concepts
Resource Hierarchy
Account → Resource Groups → Services/Resources → Access Groups (IAM)
Regions and Multi-Zone Architecture
- Primary Regions:
us-south,us-east,eu-gb,eu-de,jp-tok,au-syd - Availability Zones: 3 zones per region (e.g.,
us-south-1,us-south-2,us-south-3) - Best Practice: Deploy across multiple zones for high availability
Service Categories
- IaaS: VPC, Virtual Servers, Block/File Storage
- PaaS: IKS, OpenShift, Code Engine
- SaaS: Managed Databases, Watson AI, DevOps Tools
- Serverless: Code Engine, Cloud Functions
Quick Start
1. Install and Configure CLI
# Install CLI (macOS/Linux)
curl -fsSL https://clis.cloud.ibm.com/install/osx | sh
# Login
ibmcloud login
# Target region and resource group
ibmcloud target -r us-south -g my-resource-group
# Install common plugins
ibmcloud plugin install container-service vpc-infrastructure
2. Basic Resource Creation Pattern
# 1. Create VPC
ibmcloud is vpc-create my-vpc
# 2. Create resources (compute, storage, network)
ibmcloud is instance-create my-vsi ...
# 3. Configure IAM
ibmcloud iam ...
# 4. Deploy application
# 5. Set up monitoring
Essential Guidance
Security Best Practices
- IAM: Use Access Groups, apply least privilege, rotate API keys every 90 days
- Network: Use private endpoints, configure Security Groups and ACLs
- Data: Enable encryption at rest/transit, use Key Protect for key management
- Compliance: Choose regions for data residency requirements
Cost Optimization
- Right-size instances for workload requirements
- Use reserved capacity for predictable workloads
- Leverage serverless (Code Engine/Functions) for variable loads
- Select appropriate storage tiers (Standard, Vault, Cold Vault)
- Enable auto-scaling to match demand
- Set budget alerts and monitor usage
Reference Files
Load detailed guidance based on specific needs:
- compute-services.md: VPC, Virtual Servers, IKS, OpenShift, Code Engine, Cloud Functions
- storage-services.md: Object Storage, Block Storage, File Storage
- database-services.md: Db2, Cloudant, PostgreSQL, MySQL, MongoDB, Redis
- iam-security.md: IAM, Access Groups, Service IDs, Key Protect, Secrets Manager
- networking.md: VPC networking, Load Balancers, DNS/CDN, Direct Link
Support Resources
- Documentation: https://cloud.ibm.com/docs
- API Reference: https://cloud.ibm.com/apidocs
- Terraform Provider: https://registry.terraform.io/providers/IBM-Cloud/ibm
- CLI Reference: https://cloud.ibm.com/docs/cli
More from dauquangthanh/hanoi-rainbow
frontend-design-review
Conducts comprehensive frontend design reviews covering UI/UX design quality, design system validation, accessibility compliance, responsive design patterns, component library architecture, and visual design consistency. Evaluates design specifications, Figma/Sketch files, design tokens, interaction patterns, and user experience flows. Identifies usability issues, accessibility violations, design system deviations, and provides actionable recommendations for improvement. Produces detailed design review reports with severity-rated findings, visual examples, and implementation guidelines. Use when reviewing frontend designs, validating design systems, ensuring accessibility compliance, evaluating component libraries, assessing responsive designs, or when users mention design review, UI/UX review, Figma review, design system validation, accessibility audit, or frontend design quality.
276frontend-ui-ux-design
Creates comprehensive frontend UI/UX designs including user interfaces, design systems, component libraries, responsive layouts, and accessibility implementations. Produces wireframes, mockups, design specifications, and implementation guidelines. Use when designing user interfaces, creating design systems, building component libraries, implementing responsive designs, ensuring accessibility compliance, or when users mention UI design, UX design, interface design, design systems, user experience, or frontend design patterns.
168keycloak-administration
Provides comprehensive KeyCloak administration guidance including realm management, user/group administration, client configuration, authentication flows, identity brokering, authorization policies, security hardening, and troubleshooting. Covers SSO configuration, SAML/OIDC setup, role-based access control (RBAC), user federation (LDAP/AD), social login integration, multi-factor authentication (MFA), and high availability deployments. Use when configuring KeyCloak, setting up SSO, managing realms and clients, troubleshooting authentication issues, implementing RBAC, or when users mention "KeyCloak", "SSO", "OIDC", "SAML", "identity provider", "IAM", "authentication flow", "user federation", "realm configuration", or "access management".
165oracle-cloud
Provides comprehensive Oracle Cloud Infrastructure (OCI) guidance including compute instances, networking (VCN, load balancers, VPN), storage (block, object, file), database services (Autonomous Database, MySQL, NoSQL), container orchestration (OKE), identity and access management (IAM), resource management, cost optimization, and infrastructure as code (Terraform OCI provider, Resource Manager). Produces infrastructure code, deployment scripts, configuration guides, and architectural diagrams. Use when designing OCI architecture, provisioning cloud resources, migrating to Oracle Cloud, implementing OCI security, setting up OCI databases, deploying containerized applications on OKE, managing OCI resources, or when users mention "Oracle Cloud", "OCI", "Autonomous Database", "VCN", "OKE", "OCI Terraform", "Resource Manager", "Oracle Cloud Infrastructure", or "OCI migration".
83backend-design
Designs comprehensive backend systems including RESTful APIs, microservices, database architecture, authentication/authorization, caching strategies, message queues, and scalability patterns. Produces API specifications, database schemas, architecture diagrams, and implementation guides. Use when designing backend services, APIs, data models, distributed systems, authentication flows, or when users mention backend architecture, API design, database design, microservices, or server-side development.
55requirement-review
Conducts comprehensive requirements review including completeness validation, clarity assessment, consistency checking, testability evaluation, and standards compliance. Produces detailed review reports with findings, gaps, conflicts, and improvement recommendations. Use when reviewing requirements documents (BRD, SRS, user stories), validating acceptance criteria, assessing requirements quality, identifying gaps and conflicts, or ensuring standards compliance (IEEE 830, INVEST criteria). Trigger when users mention "review requirements", "validate requirements", "check requirements quality", "find requirement issues", or "assess BRD/SRS quality".
52