Adk Infra Expert

Overview

Provision production-grade Vertex AI ADK infrastructure with Terraform: secure networking, least-privilege IAM, Agent Engine runtime, Code Execution sandbox defaults, and Memory Bank configuration. Use this skill to generate/validate Terraform modules and a deployment checklist that matches enterprise security constraints (including VPC Service Controls when required).

Prerequisites

Before using this skill, ensure:

Google Cloud project with billing enabled
Terraform 1.0+ installed
gcloud CLI authenticated with appropriate permissions
Vertex AI API enabled in target project
VPC Service Controls access policy created (for enterprise)
Understanding of Agent Engine architecture and requirements

Instructions

Initialize Terraform: Set up backend for remote state storage
Configure Variables: Define project_id, region, agent configuration
Provision VPC: Create network infrastructure with Private Service Connect
Set Up IAM: Create service accounts with least privilege roles
Deploy Agent Engine: Configure runtime with code execution and memory bank
Enable VPC-SC: Apply service perimeter for data exfiltration protection
Configure Monitoring: Set up Cloud Monitoring dashboards and alerts
Validate Deployment: Test agent endpoint and verify all components

Output

Configuration files or code changes applied to the project
Validation report confirming correct implementation
Summary of changes made and their rationale

See Terraform implementation details for output format specifications.

Error Handling

See ${CLAUDE_SKILL_DIR}/references/errors.md for comprehensive error handling.

Examples

See ${CLAUDE_SKILL_DIR}/references/examples.md for detailed examples.

Resources

Agent Engine: https://cloud.google.com/vertex-ai/generative-ai/docs/agent-engine/overview
VPC-SC: https://cloud.google.com/vpc-service-controls/docs
Terraform Google Provider: https://registry.terraform.io/providers/hashicorp/google/latest
ADK Terraform examples in ${CLAUDE_SKILL_DIR}/examples/

adk-infra-expert