deploying-on-azure
This Claude Code skill provides guidance for designing and implementing cloud architectures on Microsoft Azure using the Well-Architected Framework. It covers service selection across compute, storage, databases, messaging, networking, and governance, offering decision frameworks and best practices for building new Azure applications, migrating existing workloads, and optimizing costs and security within the Azure ecosystem.
```
git clone --depth 1 https://github.com/ancoleman/ai-design-components /tmp/deploying-on-azure && cp -r /tmp/deploying-on-azure/skills/deploying-on-azure ~/.claude/skills/deploying-on-azure
```
SKILL.md
# Azure Patterns
Design and implement Azure cloud architectures following Microsoft's Well-Architected Framework and best practices for service selection, cost optimization, and security.
## When to Use
Use this skill when:
- Designing new applications for Azure cloud
- Selecting Azure compute services (Container Apps, AKS, Functions, App Service)
- Architecting storage solutions (Blob Storage, Files, Cosmos DB)
- Integrating Azure OpenAI or Cognitive Services
- Implementing messaging patterns (Service Bus, Event Grid, Event Hubs)
- Designing secure networks with Private Endpoints
- Applying Azure governance and compliance policies
- Optimizing Azure costs and performance
## Core Concepts
### Service Selection Philosophy
Azure offers 200+ services. Choose based on:
1. **Managed vs. IaaS** - Prefer fully managed services (lower operational burden)
2. **Cost Model** - Consumption vs. dedicated capacity
3. **Integration Requirements** - Microsoft 365, Active Directory, hybrid cloud
4. **Control vs. Simplicity** - More control = more operational overhead
### Azure Well-Architected Framework (Five Pillars)
| Pillar | Focus | Key Practices |
|--------|-------|---------------|
| **Cost Optimization** | Maximize value within budget | Reserved Instances, auto-scaling, lifecycle management |
| **Operational Excellence** | Run reliable systems | Azure Policy, automation, monitoring |
| **Performance Efficiency** | Scale to meet demand | Autoscaling, caching, CDN |
| **Reliability** | Recover from failures | Availability Zones, multi-region, backup |
| **Security** | Protect data and assets | Managed Identity, Private Endpoints, Key Vault |
Reference `references/well-architected.md` for detailed pillar implementation patterns.
## Compute Service Selection
### Decision Framework
```
Container-based workload?
  YES → Need Kubernetes control plane?
          YES → Azure Kubernetes Service (AKS)
          NO → Azure Container Apps (recommended)
  NO → Event-driven function?
          YES → Azure Functions
          NO → Web application?
                  YES → Azure App Service
                  NO → Legacy/specialized → Virtual Machines
```
### Service Comparison
| Service | Best For | Pricing Model | Operational Overhead |
|---------|----------|---------------|---------------------|
| **Container Apps** | Microservices, APIs, background jobs | Consumption or dedicated | Low |
| **AKS** | Complex K8s workloads, service mesh | Node-based | High |
| **Functions** | Event-driven, short tasks (<10 min) | Consumption or premium | Low |
| **App Service** | Web apps, simple APIs | Dedicated plans | Low |
| **Virtual Machines** | Legacy apps, specialized software | VM-based | High |
**Recommendation:** Start with Azure Container Apps for 80% of containerized workloads (simpler and cheaper than AKS).
Reference `references/compute-services.md` for detailed comparison with Bicep and Terraform examples.
## Storage Architecture
### Blob Storage Tier Selection
| Tier | Access Pattern | Cost/GB/Month | Minimum Storage Duration |
|------|---------------|---------------|--------------------------|
| **Hot** | Daily access | $0.018 | None |
| **Cool** | <1/month access | $0.010 | 30 days |
| **Cold** | <90 days access | $0.0045 | 90 days |
| **Archive** | Rare access | $0.00099 | 180 days |
**Pattern:** Use lifecycle management policies to automatically move data to lower-cost tiers.
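A sketch of such a policy, as an added example that is not part of the original skill: it builds one rule in the Azure lifecycle management policy schema and rejects schedules that would move a blob out of a tier before the minimum storage duration in the table above. The rule name, the `logs/` prefix and the day thresholds are constructed sample values.

```python
import json

# Minimum storage duration (days) per tier, taken from the tier table above
MIN_DAYS = {"Cool": 30, "Cold": 90, "Archive": 180}
# Action that moves a blob into each tier in the lifecycle policy schema
ACTIONS = {"Cool": "tierToCool", "Cold": "tierToCold", "Archive": "tierToArchive"}


def build_lifecycle_rule(name, prefix, tier_after, delete_after=None):
    """Build one lifecycle rule; tier_after maps tier -> days since last modification."""
    unknown = set(tier_after) - set(MIN_DAYS)
    if unknown:
        raise ValueError(f"unknown tier(s): {sorted(unknown)}")
    steps = [(t, tier_after[t]) for t in MIN_DAYS if t in tier_after]
    if delete_after is not None:
        steps.append(("delete", delete_after))
    # A blob must stay in each tier for that tier's minimum duration,
    # otherwise the next transition triggers an early-deletion charge.
    for (tier, start), (nxt, end) in zip(steps, steps[1:]):
        if end - start < MIN_DAYS[tier]:
            raise ValueError(
                f"{tier} at day {start} -> {nxt} at day {end}: "
                f"{end - start} days is under the {MIN_DAYS[tier]}-day minimum"
            )
    key = "daysAfterModificationGreaterThan"
    base_blob = {ACTIONS.get(t, "delete"): {key: d} for t, d in steps}
    return {
        "enabled": True,
        "name": name,
        "type": "Lifecycle",
        "definition": {
            "filters": {"blobTypes": ["blockBlob"], "prefixMatch": [prefix]},
            "actions": {"baseBlob": base_blob},
        },
    }


if __name__ == "__main__":
    # Constructed schedule: Cool at 30 days, Cold at 90, Archive at 180, delete at 365
    rule = build_lifecycle_rule(
        "tier-down-logs", "logs/", {"Cool": 30, "Cold": 90, "Archive": 180}, 365
    )
    print(json.dumps({"rules": [rule]}, indent=2))
```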
### Storage Service Decision
```
File system interface required?
  YES → Protocol?
          SMB → Azure Files (or NetApp Files for high performance)
          NFS → Azure Files (NFS 4.1)
  NO → Object storage → Blob Storage
       Block storage → Managed Disks (Standard/Premium SSD/Ultra)
       Analytics → Data Lake Storage Gen2
```
Reference `references/storage-patterns.md` for lifecycle policies, redundancy options, and performance tuning.
## Database Service Selection
### Decision Framework
```
Relational data?
  YES → SQL Server compatible?
          YES → Need VM-level access?
                  YES → SQL Managed Instance
                  NO → Azure SQL Database
          NO → Open source?
                  PostgreSQL → PostgreSQL Flexible Server
                  MySQL → MySQL Flexible Server
  NO → Data model?
          Document/JSON → Cosmos DB (NoSQL API)
          Graph → Cosmos DB (Gremlin API)
          Wide-column → Cosmos DB (Cassandra API)
          Key-value cache → Azure Cache for Redis
          Time-series → Azure Data Explorer
```
### Cosmos DB Consistency Levels
| Level | Use Case | Latency | Throughput |
|-------|----------|---------|------------|
| **Strong** | Financial transactions, inventory | Highest | Lowest |
| **Bounded Staleness** | Real-time leaderboards with acceptable lag | High | Low |
| **Session** | Shopping carts, user sessions (default) | Medium | Medium |
| **Consistent Prefix** | Social feeds, IoT telemetry | Low | High |
| **Eventual** | Analytics, ML training data | Lowest | Highest |
Reference `references/database-selection.md` for capacity planning, indexing strategies, and migration patterns.
## AI and Machine Learning Integration
### Azure OpenAI Service
**Use Cases:**
- Chatbots and conversational AI (GPT-4)
- Content generation and summarization
- Semantic search with embeddings (RAG pattern)
- Code generation and completion
- Function calling for structured outputs
**Key Advantages:**
- Enterprise data privacy (no model training on customer data)
- Regional deployment for data residency
- Microsoft enterprise SLAs
- Built-in content filtering
**Integration Pattern:**
```python
from openai import AzureOpenAI
from azure.identity import DefaultAzureCredential, get_bearer_token_provider

# Authenticate with Microsoft Entra ID (managed identity, CLI login, ...) instead of an API key
credential = DefaultAzureCredential()
token_provider = get_bearer_token_provider(
    credential, "https://cognitiveservices.azure.com/.default"
)

client = AzureOpenAI(
    azure_endpoint="https://myopenai.openai.azure.com",
    azure_ad_token_provider=token_provider,
    api_version="2024-02-15-preview",
)

response = client.chat.completions.create(
    model="gpt-4-turbo",  # name of the model deployment
    messages=[{"role": "user", "content": "Hello"}],
)
```