The Agent Skills Directory

Standard Command Execution: The skill utilizes official Azure CLI (az) and Terraform commands to manage resources. These actions are governed by a sequential workflow that includes syntax validation (az bicep build, terraform validate) and 'what-if' previews to ensure deployment safety and predictability.
Mandatory Approval Workflow: A robust governance model is implemented through a status lifecycle (draft → approved → deployed). The agent is explicitly instructed to stop and seek user approval before generating infrastructure code or executing deployments, preventing unauthorized or accidental resource provisioning.
Best Practice Alignment (WAF): The skill integrates specific tools for retrieving Azure best practices and service-specific WAF guides. It includes a dedicated security checklist that mandates hardening measures like disabling local authentication, enabling soft-delete on Key Vaults, and prioritizing managed identities for service-to-service communication.
Secure Credential Handling: Generated infrastructure code is required to use secure parameter decorators (e.g., @secure() in Bicep) for sensitive data. The skill discourages the use of hardcoded keys and instead promotes the use of Azure Key Vault and RBAC-based access controls.
Trusted Resource Sourcing: Documentation and naming rules are fetched exclusively from verified Microsoft Learn domains and official MCP tools, ensuring that the guidance used to build the environment is authoritative and current.

azure-enterprise-infra-planner