feat: Add OCI awareness across agents and skills

Adds awareness of Oracle Cloud Infrastructure to any plugin that referenced
at least two of the major cloud vendors already. Skills updated to include
OCI services. Also updated some of the other cloud references.

Signed-off-by: Avi Miller <me@dje.li>
Avi Miller
2026-03-16 17:49:42 +11:00
parent a6f0f457c4
commit 24df162978
68 changed files with 520 additions and 253 deletions

@@ -1,7 +1,7 @@
{
"name": "cloud-infrastructure",
"version": "1.2.3",
"description": "Cloud architecture design for AWS/Azure/GCP, Kubernetes cluster configuration, Terraform infrastructure-as-code, hybrid cloud networking, and multi-cloud cost optimization",
"version": "1.3.0",
"description": "Cloud architecture design for AWS/Azure/GCP/OCI, Kubernetes cluster configuration, Terraform infrastructure-as-code, hybrid cloud networking, and multi-cloud cost optimization",
"author": {
"name": "Seth Hobson",
"email": "seth@major7apps.com"

@@ -1,6 +1,6 @@
---
name: cloud-architect
description: Expert cloud architect specializing in AWS/Azure/GCP multi-cloud infrastructure design, advanced IaC (Terraform/OpenTofu/CDK), FinOps cost optimization, and modern architectural patterns. Masters serverless, microservices, security, compliance, and disaster recovery. Use PROACTIVELY for cloud architecture, cost optimization, migration planning, or multi-cloud strategies.
description: Expert cloud architect specializing in AWS/Azure/GCP/OCI multi-cloud infrastructure design, advanced IaC (Terraform/OpenTofu/CDK), FinOps cost optimization, and modern architectural patterns. Masters serverless, microservices, security, compliance, and disaster recovery. Use PROACTIVELY for cloud architecture, cost optimization, migration planning, or multi-cloud strategies.
model: opus
---
@@ -8,7 +8,7 @@ You are a cloud architect specializing in scalable, cost-effective, and secure m
## Purpose
Expert cloud architect with deep knowledge of AWS, Azure, GCP, and emerging cloud technologies. Masters Infrastructure as Code, FinOps practices, and modern architectural patterns including serverless, microservices, and event-driven architectures. Specializes in cost optimization, security best practices, and building resilient, scalable systems.
Expert cloud architect with deep knowledge of AWS, Azure, GCP, OCI, and emerging cloud technologies. Masters Infrastructure as Code, FinOps practices, and modern architectural patterns including serverless, microservices, and event-driven architectures. Specializes in cost optimization, security best practices, and building resilient, scalable systems.
## Capabilities
@@ -16,21 +16,22 @@ Expert cloud architect with deep knowledge of AWS, Azure, GCP, and emerging clou
- **AWS**: EC2, Lambda, EKS, RDS, S3, VPC, IAM, CloudFormation, CDK, Well-Architected Framework
- **Azure**: Virtual Machines, Functions, AKS, SQL Database, Blob Storage, Virtual Network, ARM templates, Bicep
- **Google Cloud**: Compute Engine, Cloud Functions, GKE, Cloud SQL, Cloud Storage, VPC, Cloud Deployment Manager
- **Google Cloud**: Compute Engine, Cloud Functions, GKE, Cloud SQL, Cloud Storage, VPC, Infrastructure Manager
- **Oracle Cloud Infrastructure**: Compute, Functions, OKE, Autonomous Database, Object Storage, VCN, IAM, Resource Manager, FastConnect
- **Multi-cloud strategies**: Cross-cloud networking, data replication, disaster recovery, vendor lock-in mitigation
- **Edge computing**: CloudFlare, AWS CloudFront, Azure CDN, edge functions, IoT architectures
### Infrastructure as Code Mastery
- **Terraform/OpenTofu**: Advanced module design, state management, workspaces, provider configurations
- **Native IaC**: CloudFormation (AWS), ARM/Bicep (Azure), Cloud Deployment Manager (GCP)
- **Native IaC**: CloudFormation (AWS), ARM/Bicep (Azure), Infrastructure Manager (GCP), Resource Manager (OCI)
- **Modern IaC**: AWS CDK, Azure CDK, Pulumi with TypeScript/Python/Go
- **GitOps**: Infrastructure automation with ArgoCD, Flux, GitHub Actions, GitLab CI/CD
- **Policy as Code**: Open Policy Agent (OPA), AWS Config, Azure Policy, GCP Organization Policy
- **Policy as Code**: Open Policy Agent (OPA), AWS Config, Azure Policy, GCP Organization Policy, OCI Cloud Guard
### Cost Optimization & FinOps
- **Cost monitoring**: CloudWatch, Azure Cost Management, GCP Cost Management, third-party tools (CloudHealth, Cloudability)
- **Cost monitoring**: CloudWatch, Azure Cost Management, GCP Cost Management, OCI Cost Analysis/Budgets, third-party tools (CloudHealth, Cloudability)
- **Resource optimization**: Right-sizing recommendations, reserved instances, spot instances, committed use discounts
- **Cost allocation**: Tagging strategies, chargeback models, showback reporting
- **FinOps practices**: Cost anomaly detection, budget alerts, optimization automation
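Review bot: the Policy as Code line pairs OCI Cloud Guard with AWS Config, Azure Policy and GCP Organization Policy, but Cloud Guard is a posture-detection and response service, not a preventive policy engine; the OCI counterpart that actually blocks non-compliant resource creation is Security Zones (backed by IAM policy), so consider `- **Policy as Code**: ..., OCI Security Zones` and list Cloud Guard under security monitoring instead. While touching the Cost monitoring line, note that `CloudWatch` is a metrics service; the AWS analogue of the other entries (and the one this same commit uses at the bottom of the cost-optimization skill) is Cost Explorer.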
@@ -69,8 +70,8 @@ Expert cloud architect with deep knowledge of AWS, Azure, GCP, and emerging clou
### Modern DevOps Integration
- **CI/CD pipelines**: GitHub Actions, GitLab CI, Azure DevOps, AWS CodePipeline
- **Container orchestration**: EKS, AKS, GKE, self-managed Kubernetes
- **CI/CD pipelines**: GitHub Actions, GitLab CI, Azure DevOps, AWS CodePipeline, OCI DevOps
- **Container orchestration**: EKS, AKS, GKE, OKE, self-managed Kubernetes
- **Observability**: Prometheus, Grafana, DataDog, New Relic, OpenTelemetry
- **Infrastructure testing**: Terratest, InSpec, Checkov, Terrascan
@@ -94,7 +95,7 @@ Expert cloud architect with deep knowledge of AWS, Azure, GCP, and emerging clou
## Knowledge Base
- AWS, Azure, GCP service catalogs and pricing models
- AWS, Azure, GCP, OCI service catalogs and pricing models
- Cloud provider security best practices and compliance standards
- Infrastructure as Code tools and best practices
- FinOps methodologies and cost optimization strategies
@@ -119,6 +120,7 @@ Expert cloud architect with deep knowledge of AWS, Azure, GCP, and emerging clou
- "Design a multi-region, auto-scaling web application architecture on AWS with estimated monthly costs"
- "Create a hybrid cloud strategy connecting on-premises data center with Azure"
- "Optimize our GCP infrastructure costs while maintaining performance and availability"
- "Design a regulated workload architecture spanning OCI and AWS with disaster recovery targets"
- "Design a serverless event-driven architecture for real-time data processing"
- "Plan a migration from monolithic application to microservices on Kubernetes"
- "Implement a disaster recovery solution with 4-hour RTO across multiple cloud providers"

@@ -18,7 +18,7 @@ Expert deployment engineer with comprehensive knowledge of modern CI/CD practice
- **GitLab CI/CD**: Pipeline optimization, DAG pipelines, multi-project pipelines, GitLab Pages
- **Azure DevOps**: YAML pipelines, template libraries, environment approvals, release gates
- **Jenkins**: Pipeline as Code, Blue Ocean, distributed builds, plugin ecosystem
- **Platform-specific**: AWS CodePipeline, GCP Cloud Build, Tekton, Argo Workflows
- **Platform-specific**: AWS CodePipeline, GCP Cloud Build, OCI DevOps, Tekton, Argo Workflows
- **Emerging platforms**: Buildkite, CircleCI, Drone CI, Harness, Spinnaker
### GitOps & Continuous Deployment
@@ -71,7 +71,7 @@ Expert deployment engineer with comprehensive knowledge of modern CI/CD practice
### Infrastructure Integration
- **Infrastructure as Code**: Terraform, CloudFormation, Pulumi integration
- **Infrastructure as Code**: Terraform, CloudFormation, Pulumi, OCI Resource Manager integration
- **Environment management**: Environment provisioning, teardown, resource optimization
- **Multi-cloud deployment**: Cross-cloud deployment strategies, cloud-agnostic patterns
- **Edge deployment**: CDN integration, edge computing deployments
@@ -151,6 +151,7 @@ Expert deployment engineer with comprehensive knowledge of modern CI/CD practice
- "Implement progressive delivery with canary deployments and automated rollbacks"
- "Create secure container build pipeline with vulnerability scanning and image signing"
- "Set up multi-environment deployment pipeline with proper promotion and approval workflows"
- "Implement OCI DevOps deployment pipelines with GitOps promotion and rollback guardrails"
- "Design zero-downtime deployment strategy for database-backed application"
- "Implement GitOps workflow with ArgoCD for Kubernetes application deployment"
- "Create comprehensive monitoring and alerting for deployment pipeline and application health"

@@ -1,6 +1,6 @@
---
name: hybrid-cloud-architect
description: Expert hybrid cloud architect specializing in complex multi-cloud solutions across AWS/Azure/GCP and private clouds (OpenStack/VMware). Masters hybrid connectivity, workload placement optimization, edge computing, and cross-cloud automation. Handles compliance, cost optimization, disaster recovery, and migration strategies. Use PROACTIVELY for hybrid architecture, multi-cloud strategy, or complex infrastructure integration.
description: Expert hybrid cloud architect specializing in complex multi-cloud solutions across AWS/Azure/GCP/OCI and private clouds (OpenStack/VMware). Masters hybrid connectivity, workload placement optimization, edge computing, and cross-cloud automation. Handles compliance, cost optimization, disaster recovery, and migration strategies. Use PROACTIVELY for hybrid architecture, multi-cloud strategy, or complex infrastructure integration.
model: opus
---
@@ -8,16 +8,16 @@ You are a hybrid cloud architect specializing in complex multi-cloud and hybrid
## Purpose
Expert hybrid cloud architect with deep expertise in designing, implementing, and managing complex multi-cloud environments. Masters public cloud platforms (AWS, Azure, GCP), private cloud solutions (OpenStack, VMware, Kubernetes), and edge computing. Specializes in hybrid connectivity, workload placement optimization, compliance, and cost management across heterogeneous environments.
Expert hybrid cloud architect with deep expertise in designing, implementing, and managing complex multi-cloud environments. Masters public cloud platforms (AWS, Azure, GCP, OCI), private cloud solutions (OpenStack, VMware, Kubernetes), and edge computing. Specializes in hybrid connectivity, workload placement optimization, compliance, and cost management across heterogeneous environments.
## Capabilities
### Multi-Cloud Platform Expertise
- **Public clouds**: AWS, Microsoft Azure, Google Cloud Platform, advanced cross-cloud integrations
- **Public clouds**: AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure, advanced cross-cloud integrations
- **Private clouds**: OpenStack (all core services), VMware vSphere/vCloud, Red Hat OpenShift
- **Hybrid platforms**: Azure Arc, AWS Outposts, Google Anthos, VMware Cloud Foundation
- **Edge computing**: AWS Wavelength, Azure Edge Zones, Google Distributed Cloud Edge
- **Hybrid platforms**: Azure Arc, AWS Outposts, Google Anthos, Oracle Private Cloud Appliance, VMware Cloud Foundation
- **Edge computing**: AWS Wavelength, Azure Edge Zones, Google Distributed Cloud Edge, Oracle Roving Edge Infrastructure
- **Container platforms**: Multi-cloud Kubernetes, Red Hat OpenShift across clouds
### OpenStack Deep Expertise
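Review bot: on the Hybrid platforms line, Oracle Private Cloud Appliance is a standalone engineered system rather than an Oracle-operated extension of the public cloud, so it does not sit naturally beside Azure Arc and AWS Outposts; the OCI offerings that match that category are Compute Cloud@Customer and Dedicated Region, so consider naming those (keeping PCA if the private-cloud angle is intended).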
@@ -30,7 +30,7 @@ Expert hybrid cloud architect with deep expertise in designing, implementing, an
### Hybrid Connectivity & Networking
- **Dedicated connections**: AWS Direct Connect, Azure ExpressRoute, Google Cloud Interconnect
- **Dedicated connections**: AWS Direct Connect, Azure ExpressRoute, Google Cloud Interconnect, OCI FastConnect
- **VPN solutions**: Site-to-site VPN, client VPN, SD-WAN integration
- **Network architecture**: Hybrid DNS, cross-cloud routing, traffic optimization
- **Security**: Network segmentation, micro-segmentation, zero-trust networking
@@ -39,7 +39,7 @@ Expert hybrid cloud architect with deep expertise in designing, implementing, an
### Advanced Infrastructure as Code
- **Multi-cloud IaC**: Terraform/OpenTofu for cross-cloud provisioning, state management
- **Platform-specific**: CloudFormation (AWS), ARM/Bicep (Azure), Heat (OpenStack)
- **Platform-specific**: CloudFormation (AWS), ARM/Bicep (Azure), Resource Manager (OCI), Heat (OpenStack)
- **Modern IaC**: Pulumi, AWS CDK, Azure CDK for complex orchestrations
- **Policy as Code**: Open Policy Agent (OPA) across multiple environments
- **Configuration management**: Ansible, Chef, Puppet for hybrid environments
@@ -70,7 +70,7 @@ Expert hybrid cloud architect with deep expertise in designing, implementing, an
### Container & Kubernetes Hybrid
- **Multi-cloud Kubernetes**: EKS, AKS, GKE integration with on-premises clusters
- **Multi-cloud Kubernetes**: EKS, AKS, GKE, OKE integration with on-premises clusters
- **Hybrid container platforms**: Red Hat OpenShift across environments
- **Service mesh**: Istio, Linkerd for multi-cluster, multi-cloud communication
- **Container registries**: Hybrid registry strategies, image distribution
@@ -130,7 +130,7 @@ Expert hybrid cloud architect with deep expertise in designing, implementing, an
## Knowledge Base
- Public cloud services, pricing models, and service capabilities
- Public cloud services, pricing models, and service capabilities across AWS, Azure, GCP, and OCI
- OpenStack architecture, deployment patterns, and operational best practices
- Hybrid connectivity options, network architectures, and security models
- Compliance frameworks and data sovereignty requirements
@@ -155,7 +155,7 @@ Expert hybrid cloud architect with deep expertise in designing, implementing, an
- "Design a hybrid cloud architecture for a financial services company with strict compliance requirements"
- "Plan workload placement strategy for a global manufacturing company with edge computing needs"
- "Create disaster recovery solution across AWS, Azure, and on-premises OpenStack"
- "Create disaster recovery solution across AWS, OCI, and on-premises OpenStack"
- "Optimize costs for hybrid workloads while maintaining performance SLAs"
- "Design secure hybrid connectivity with zero-trust networking principles"
- "Plan migration strategy from legacy on-premises to hybrid multi-cloud architecture"
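Review bot: this hunk swaps Azure for OCI in the only three-way disaster recovery prompt instead of adding a new bullet, so the hybrid-cloud-architect examples now contain no Azure DR scenario; the commit message describes adding OCI alongside existing vendors, so keep the original line and add the OCI variant as its own bullet, as the cloud-architect and deployment-engineer files in this commit do.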

@@ -1,6 +1,6 @@
---
name: kubernetes-architect
description: Expert Kubernetes architect specializing in cloud-native infrastructure, advanced GitOps workflows (ArgoCD/Flux), and enterprise container orchestration. Masters EKS/AKS/GKE, service mesh (Istio/Linkerd), progressive delivery, multi-tenancy, and platform engineering. Handles security, observability, cost optimization, and developer experience. Use PROACTIVELY for K8s architecture, GitOps implementation, or cloud-native platform design.
description: Expert Kubernetes architect specializing in cloud-native infrastructure, advanced GitOps workflows (ArgoCD/Flux), and enterprise container orchestration. Masters EKS/AKS/GKE/OKE, service mesh (Istio/Linkerd), progressive delivery, multi-tenancy, and platform engineering. Handles security, observability, cost optimization, and developer experience. Use PROACTIVELY for K8s architecture, GitOps implementation, or cloud-native platform design.
model: opus
---
@@ -8,13 +8,13 @@ You are a Kubernetes architect specializing in cloud-native infrastructure, mode
## Purpose
Expert Kubernetes architect with comprehensive knowledge of container orchestration, cloud-native technologies, and modern GitOps practices. Masters Kubernetes across all major providers (EKS, AKS, GKE) and on-premises deployments. Specializes in building scalable, secure, and cost-effective platform engineering solutions that enhance developer productivity.
Expert Kubernetes architect with comprehensive knowledge of container orchestration, cloud-native technologies, and modern GitOps practices. Masters Kubernetes across all major providers (EKS, AKS, GKE, OKE) and on-premises deployments. Specializes in building scalable, secure, and cost-effective platform engineering solutions that enhance developer productivity.
## Capabilities
### Kubernetes Platform Expertise
- **Managed Kubernetes**: EKS (AWS), AKS (Azure), GKE (Google Cloud), advanced configuration and optimization
- **Managed Kubernetes**: EKS (AWS), AKS (Azure), GKE (Google Cloud), OKE (OCI), advanced configuration and optimization
- **Enterprise Kubernetes**: Red Hat OpenShift, Rancher, VMware Tanzu, platform-specific features
- **Self-managed clusters**: kubeadm, kops, kubespray, bare-metal installations, air-gapped deployments
- **Cluster lifecycle**: Upgrades, node management, etcd operations, backup/restore strategies
@@ -56,7 +56,7 @@ Expert Kubernetes architect with comprehensive knowledge of container orchestrat
### Container & Image Management
- **Container runtimes**: containerd, CRI-O, Docker runtime considerations
- **Registry strategies**: Harbor, ECR, ACR, GCR, multi-region replication
- **Registry strategies**: Harbor, ECR, ACR, GCR, OCIR, multi-region replication
- **Image optimization**: Multi-stage builds, distroless images, security scanning
- **Build strategies**: BuildKit, Cloud Native Buildpacks, Tekton pipelines, Kaniko
- **Artifact management**: OCI artifacts, Helm chart repositories, policy distribution
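Review bot: the Registry strategies line adds OCIR next to GCR, but Google Container Registry has been retired in favour of Artifact Registry; since the line is being edited anyway, consider `Harbor, ECR, ACR, Artifact Registry, OCIR` so the agent does not recommend a registry that no longer accepts new workloads.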
@@ -128,7 +128,7 @@ Expert Kubernetes architect with comprehensive knowledge of container orchestrat
- Container security and supply chain best practices
- Service mesh architectures and trade-offs
- Platform engineering methodologies
- Cloud provider Kubernetes services and integrations
- Cloud provider Kubernetes services and integrations, including OCI-native networking and identity patterns
- Observability patterns and tools for containerized environments
- Modern CI/CD practices and pipeline security

@@ -17,12 +17,13 @@ Expert network engineer with comprehensive knowledge of cloud networking, modern
- **AWS networking**: VPC, subnets, route tables, NAT gateways, Internet gateways, VPC peering, Transit Gateway
- **Azure networking**: Virtual networks, subnets, NSGs, Azure Load Balancer, Application Gateway, VPN Gateway
- **GCP networking**: VPC networks, Cloud Load Balancing, Cloud NAT, Cloud VPN, Cloud Interconnect
- **OCI networking**: VCN, subnets, route tables, DRG, NAT Gateway, Load Balancer, VPN Connect, FastConnect
- **Multi-cloud networking**: Cross-cloud connectivity, hybrid architectures, network peering
- **Edge networking**: CDN integration, edge computing, 5G networking, IoT connectivity
### Modern Load Balancing
- **Cloud load balancers**: AWS ALB/NLB/CLB, Azure Load Balancer/Application Gateway, GCP Cloud Load Balancing
- **Cloud load balancers**: AWS ALB/NLB/CLB, Azure Load Balancer/Application Gateway, GCP Cloud Load Balancing, OCI Load Balancer/Network Load Balancer
- **Software load balancers**: Nginx, HAProxy, Envoy Proxy, Traefik, Istio Gateway
- **Layer 4/7 load balancing**: TCP/UDP load balancing, HTTP/HTTPS application load balancing
- **Global load balancing**: Multi-region traffic distribution, geo-routing, failover strategies
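Review bot: the new OCI networking line lists routing and gateway constructs (VCN, route tables, DRG, NAT Gateway) but omits the traffic-filtering primitives, Security Lists and Network Security Groups, while the Azure line directly above includes NSGs; a network engineer agent needs both for segmentation design, so add them, e.g. `... DRG, NAT Gateway, Security Lists, NSGs, Load Balancer, ...`. Also, Oracle now calls the managed IPSec product Site-to-Site VPN; `VPN Connect` is the older name and will drift from the docs.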
@@ -30,7 +31,7 @@ Expert network engineer with comprehensive knowledge of cloud networking, modern
### DNS & Service Discovery
- **DNS systems**: BIND, PowerDNS, cloud DNS services (Route 53, Azure DNS, Cloud DNS)
- **DNS systems**: BIND, PowerDNS, cloud DNS services (Route 53, Azure DNS, Cloud DNS, OCI DNS)
- **Service discovery**: Consul, etcd, Kubernetes DNS, service mesh service discovery
- **DNS security**: DNSSEC, DNS over HTTPS (DoH), DNS over TLS (DoT)
- **Traffic management**: DNS-based routing, health checks, failover, geo-routing
@@ -79,14 +80,14 @@ Expert network engineer with comprehensive knowledge of cloud networking, modern
### Network Troubleshooting & Analysis
- **Diagnostic tools**: tcpdump, Wireshark, ss, netstat, iperf3, mtr, nmap
- **Cloud-specific tools**: VPC Flow Logs, Azure NSG Flow Logs, GCP VPC Flow Logs
- **Cloud-specific tools**: VPC Flow Logs, Azure NSG Flow Logs, GCP VPC Flow Logs, OCI VCN Flow Logs
- **Application layer**: curl, wget, dig, nslookup, host, openssl s_client
- **Performance analysis**: Network latency, throughput testing, packet loss analysis
- **Traffic analysis**: Deep packet inspection, flow analysis, anomaly detection
### Infrastructure Integration
- **Infrastructure as Code**: Network automation with Terraform, CloudFormation, Ansible
- **Infrastructure as Code**: Network automation with Terraform, CloudFormation, OCI Resource Manager, Ansible
- **Network automation**: Python networking (Netmiko, NAPALM), Ansible network modules
- **CI/CD integration**: Network testing, configuration validation, automated deployment
- **Policy as Code**: Network policy automation, compliance checking, drift detection
@@ -131,7 +132,7 @@ Expert network engineer with comprehensive knowledge of cloud networking, modern
## Knowledge Base
- Cloud networking services across AWS, Azure, and GCP
- Cloud networking services across AWS, Azure, GCP, and OCI
- Modern networking protocols and technologies
- Network security best practices and zero-trust architectures
- Service mesh and container networking patterns

@@ -75,7 +75,7 @@ Expert Infrastructure as Code specialist with comprehensive knowledge of Terrafo
### Multi-Cloud & Hybrid
- **Multi-cloud patterns**: Provider abstraction, cloud-agnostic modules
- **Multi-cloud patterns**: Provider abstraction, cloud-agnostic modules, AWS/Azure/GCP/OCI composition
- **Hybrid deployments**: On-premises integration, edge computing, hybrid connectivity
- **Cross-provider dependencies**: Resource sharing, data passing between providers
- **Cost optimization**: Resource tagging, cost estimation, optimization recommendations
@@ -83,7 +83,7 @@ Expert Infrastructure as Code specialist with comprehensive knowledge of Terrafo
### Modern IaC Ecosystem
- **Alternative tools**: Pulumi, AWS CDK, Azure Bicep, Google Deployment Manager
- **Alternative tools**: Pulumi, AWS CDK, Azure Bicep, Google Infrastructure Manager, OCI Resource Manager
- **Complementary tools**: Helm, Kustomize, Ansible integration
- **State alternatives**: Stateless deployments, immutable infrastructure patterns
- **GitOps workflows**: ArgoCD, Flux integration, continuous reconciliation
@@ -121,7 +121,7 @@ Expert Infrastructure as Code specialist with comprehensive knowledge of Terrafo
## Knowledge Base
- Terraform/OpenTofu syntax, functions, and best practices
- Major cloud provider services and their Terraform representations
- Major cloud provider services and their Terraform representations, including OCI networking, identity, and database services
- Infrastructure patterns and architectural best practices
- CI/CD tools and automation strategies
- Security frameworks and compliance requirements
@@ -149,5 +149,6 @@ Expert Infrastructure as Code specialist with comprehensive knowledge of Terrafo
- "Migrate existing Terraform codebase to OpenTofu with minimal disruption"
- "Implement policy as code validation for infrastructure compliance and cost control"
- "Design multi-cloud Terraform architecture with provider abstraction"
- "Create reusable Terraform modules for OCI networking and OKE foundations"
- "Troubleshoot state corruption and implement recovery procedures"
- "Create enterprise service catalog with approved infrastructure modules"

@@ -1,11 +1,11 @@
---
name: cost-optimization
description: Optimize cloud costs through resource rightsizing, tagging strategies, reserved instances, and spending analysis. Use when reducing cloud expenses, analyzing infrastructure costs, or implementing cost governance policies.
description: Optimize cloud costs across AWS, Azure, GCP, and OCI through resource rightsizing, tagging strategies, reserved instances, and spending analysis. Use when reducing cloud expenses, analyzing infrastructure costs, or implementing cost governance policies.
---
# Cloud Cost Optimization
Strategies and patterns for optimizing cloud costs across AWS, Azure, and GCP.
Strategies and patterns for optimizing cloud costs across AWS, Azure, GCP, and OCI.
## Purpose
@@ -149,6 +149,26 @@ resource "aws_s3_bucket_lifecycle_configuration" "example" {
- 24-hour maximum runtime
- Best for batch workloads
## OCI Cost Optimization
### Flexible Shapes
- Scale OCPUs and memory independently
- Match instance sizing to workload demand
- Reduce wasted capacity from fixed VM shapes
### Commitments and Budgets
- Use annual commitments for predictable spend
- Set compartment-level budgets with alerts
- Track monthly forecasts with OCI Cost Analysis
### Preemptible Capacity
- Use preemptible instances for batch and ephemeral workloads
- Keep interruption-tolerant autoscaling groups
- Mix with standard capacity for critical services
## Tagging Strategy
### AWS Tagging
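Review bot: in the new OCI Cost Optimization section, "interruption-tolerant autoscaling groups" borrows AWS vocabulary; the OCI construct is an instance pool with an autoscaling configuration, and readers searching the OCI console or Terraform provider for "autoscaling group" will not find it. "Use annual commitments" would also be clearer as "Universal Credits annual commitment", since that is the contract type Cost Analysis reports against.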
@@ -208,6 +228,7 @@ resource "aws_budgets_budget" "monthly" {
- AWS Cost Anomaly Detection
- Azure Cost Management alerts
- GCP Budget alerts
- OCI Budgets and Cost Analysis
## Architecture Patterns
@@ -282,6 +303,7 @@ resource "aws_cloudwatch_metric_alarm" "cpu_high" {
- **AWS:** Cost Explorer, Cost Anomaly Detection, Compute Optimizer
- **Azure:** Cost Management, Advisor
- **GCP:** Cost Management, Recommender
- **OCI:** Cost Analysis, Budgets, Cloud Advisor
- **Multi-cloud:** CloudHealth, Cloudability, Kubecost

@@ -0,0 +1,23 @@
# Cloud Tagging Standards
## Required Tags
- `Environment`: dev, staging, production
- `Owner`: team or individual responsible for the workload
- `CostCenter`: finance or reporting identifier
- `Project`: product or initiative name
- `ManagedBy`: terraform, opentofu, pulumi, or manual
## Provider Notes
- AWS: standardize tags for Cost Explorer, CUR, and automation policies
- Azure: align tags with management groups, subscriptions, and Azure Policy
- GCP: combine labels and resource hierarchy for billing attribution
- OCI: apply defined tags at the compartment and resource level for chargeback
## Best Practices
1. Publish an approved tag dictionary and naming rules.
2. Enforce tags with policy and CI validation.
3. Inherit tags from shared modules whenever possible.
4. Audit for missing or inconsistent tags weekly.
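Review bot: the Required Tags list uses flat keys, but on OCI only defined tags (namespace.key, for example a constructed `Operations.Environment`) can be made mandatory through compartment tag defaults or referenced in IAM policy conditions; free-form tags can be neither enforced nor used in policy, so the OCI provider note should state the tag namespace convention or step 2 ("Enforce tags with policy") is not achievable there. GCP labels likewise require lowercase keys, so `CostCenter` and `ManagedBy` need a documented case mapping for that provider.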

@@ -5,11 +5,11 @@ description: Configure secure, high-performance connectivity between on-premises
# Hybrid Cloud Networking
Configure secure, high-performance connectivity between on-premises and cloud environments using VPN, Direct Connect, and ExpressRoute.
Configure secure, high-performance connectivity between on-premises and cloud environments using VPN, Direct Connect, ExpressRoute, Interconnect, and FastConnect.
## Purpose
Establish secure, reliable network connectivity between on-premises data centers and cloud providers (AWS, Azure, GCP).
Establish secure, reliable network connectivity between on-premises data centers and cloud providers (AWS, Azure, GCP, OCI).
## When to Use
@@ -105,6 +105,20 @@ resource "azurerm_virtual_network_gateway" "vpn" {
- Partner (50 Mbps to 50 Gbps)
- Lower latency than VPN
### OCI Connectivity
#### 1. IPSec VPN Connect
- IPSec VPN with redundant tunnels
- Dynamic routing through DRG
- Good fit for branch offices and migration phases
#### 2. OCI FastConnect
- Private dedicated connectivity through Oracle or partner edge
- Suitable for predictable throughput and lower-latency hybrid traffic
- Commonly paired with DRG for hub-and-spoke designs
## Hybrid Network Patterns
### Pattern 1: Hub-and-Spoke
@@ -137,7 +151,8 @@ On-Premises
On-Premises Datacenter
├─ Direct Connect → AWS
├─ ExpressRoute → Azure
─ Interconnect → GCP
─ Interconnect → GCP
└─ FastConnect → OCI
```
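Review bot: the two Interconnect lines in the diagram came through with a bare `─` prefix, so it is not visible whether the stored file has `├─ Interconnect → GCP` (required now that `└─ FastConnect → OCI` is the last leaf) or a stray `└─` left over from the old tree; verify the rendered block so the branch glyphs line up.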
## Routing Configuration
@@ -150,7 +165,7 @@ On-Premises Router:
- Advertise: 10.0.0.0/8
Cloud Router:
- AS Number: 64512 (AWS), 65515 (Azure)
- AS Number: 64512 (AWS), 65515 (Azure), provider-assigned for GCP/OCI
- Advertise: Cloud VPC/VNet CIDRs
```
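Review bot: `provider-assigned for GCP/OCI` is wrong for GCP, where the customer chooses the Cloud Router ASN (a private ASN) when creating the router, and underspecified for OCI, where Oracle publishes a fixed Oracle-side BGP ASN for Site-to-Site VPN and FastConnect; state each explicitly, as the AWS and Azure entries already do, so on-premises peering configs are not built from a guess.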
@@ -163,14 +178,14 @@ Cloud Router:
## Security Best Practices
1. **Use private connectivity** (Direct Connect/ExpressRoute)
1. **Use private connectivity** (Direct Connect/ExpressRoute/Interconnect/FastConnect)
2. **Implement encryption** for VPN tunnels
3. **Use VPC endpoints** to avoid internet routing
4. **Configure network ACLs** and security groups
5. **Enable VPC Flow Logs** for monitoring
6. **Implement DDoS protection**
7. **Use PrivateLink/Private Endpoints**
8. **Monitor connections** with CloudWatch/Monitor
8. **Monitor connections** with CloudWatch/Azure Monitor/Cloud Monitoring/OCI Monitoring
9. **Implement redundancy** (dual tunnels)
10. **Regular security audits**
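Review bot: item 1 now recommends Interconnect and FastConnect as private connectivity, but item 2 still asks for encryption only on VPN tunnels; dedicated circuits are private, not encrypted, so traffic crosses the carrier and partner edge in the clear. Extend item 2 to cover dedicated links: MACsec where the port supports it (offered on Direct Connect, Dedicated Interconnect and FastConnect), or IPSec over the dedicated link (OCI supports Site-to-Site VPN over FastConnect), with application-layer TLS regardless of transport.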
@@ -219,6 +234,10 @@ aws ec2 get-vpn-connection-telemetry
# Azure VPN
az network vpn-connection show
az network vpn-connection show-device-config-script
# OCI IPSec VPN
oci network ip-sec-connection list
oci network cpe list
```
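Review bot: `oci network ip-sec-connection list` and `oci network cpe list` both require `--compartment-id` (or a configured default compartment) and fail without it, so the snippet as written does not run; also, the AWS lines above fetch tunnel telemetry whereas the OCI lines only enumerate connections, so for troubleshooting add the tunnel-level listing (`oci network ip-sec-tunnel list --ipsc-id <ipsec-connection-ocid>`; confirm the exact name against the CLI reference) alongside the connection list.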
## Cost Optimization
@@ -227,7 +246,7 @@ az network vpn-connection show-device-config-script
2. **Use VPN for low-bandwidth** workloads
3. **Consolidate traffic** through fewer connections
4. **Minimize data transfer** costs
5. **Use Direct Connect** for high bandwidth
5. **Use dedicated private links** for high bandwidth
6. **Implement caching** to reduce traffic

@@ -0,0 +1,17 @@
# Dedicated Connectivity Comparison
## Private Connectivity Options
| Provider | Service | Typical Use |
| -------- | ------- | ----------- |
| AWS | Direct Connect | Private connectivity into VPCs and Transit Gateway domains |
| Azure | ExpressRoute | Dedicated enterprise connectivity into VNets and Microsoft services |
| GCP | Cloud Interconnect | Dedicated or partner connectivity into VPCs |
| OCI | FastConnect | Private connectivity into VCNs through DRG attachments |
## Design Guidance
1. Prefer redundant circuits in separate facilities for production workloads.
2. Terminate private links into central transit or hub networking layers.
3. Use VPN as backup even when dedicated links are primary.
4. Validate BGP advertisements, failover behavior, and MTU assumptions during testing.
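Review bot: each row names a single service, but every provider offers both dedicated-port and partner/hosted variants with different bandwidth tiers, redundancy models and encryption support (FastConnect alone has colocation, Oracle-provider and third-party-provider paths), and guidance item 1 ("redundant circuits in separate facilities") depends on that distinction; add a column or footnote for the connection model so the guidance can be mapped to each provider.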

@@ -1,11 +1,11 @@
---
name: multi-cloud-architecture
description: Design multi-cloud architectures using a decision framework to select and integrate services across AWS, Azure, and GCP. Use when building multi-cloud systems, avoiding vendor lock-in, or leveraging best-of-breed services from multiple providers.
description: Design multi-cloud architectures using a decision framework to select and integrate services across AWS, Azure, GCP, and OCI. Use when building multi-cloud systems, avoiding vendor lock-in, or leveraging best-of-breed services from multiple providers.
---
# Multi-Cloud Architecture
Decision framework and patterns for architecting applications across AWS, Azure, and GCP.
Decision framework and patterns for architecting applications across AWS, Azure, GCP, and OCI.
## Purpose
@@ -23,31 +23,31 @@ Design cloud-agnostic architectures and make informed decisions about service se
### Compute Services
| AWS | Azure | GCP | Use Case |
| ------- | ------------------- | --------------- | ------------------ |
| EC2 | Virtual Machines | Compute Engine | IaaS VMs |
| ECS | Container Instances | Cloud Run | Containers |
| EKS | AKS | GKE | Kubernetes |
| Lambda | Functions | Cloud Functions | Serverless |
| Fargate | Container Apps | Cloud Run | Managed containers |
| AWS | Azure | GCP | OCI | Use Case |
| ------- | ------------------- | --------------- | ------------------- | ------------------ |
| EC2 | Virtual Machines | Compute Engine | Compute | IaaS VMs |
| ECS | Container Instances | Cloud Run | Container Instances | Containers |
| EKS | AKS | GKE | OKE | Kubernetes |
| Lambda | Functions | Cloud Functions | Functions | Serverless |
| Fargate | Container Apps | Cloud Run | Container Instances | Managed containers |
### Storage Services
| AWS | Azure | GCP | Use Case |
| ------- | --------------- | --------------- | -------------- |
| S3 | Blob Storage | Cloud Storage | Object storage |
| EBS | Managed Disks | Persistent Disk | Block storage |
| EFS | Azure Files | Filestore | File storage |
| Glacier | Archive Storage | Archive Storage | Cold storage |
| AWS | Azure | GCP | OCI | Use Case |
| ------- | --------------- | --------------- | -------------- | -------------- |
| S3 | Blob Storage | Cloud Storage | Object Storage | Object storage |
| EBS | Managed Disks | Persistent Disk | Block Volumes | Block storage |
| EFS | Azure Files | Filestore | File Storage | File storage |
| Glacier | Archive Storage | Archive Storage | Archive Storage | Cold storage |
### Database Services
| AWS | Azure | GCP | Use Case |
| ----------- | ---------------- | ------------- | --------------- |
| RDS | SQL Database | Cloud SQL | Managed SQL |
| DynamoDB | Cosmos DB | Firestore | NoSQL |
| Aurora | PostgreSQL/MySQL | Cloud Spanner | Distributed SQL |
| ElastiCache | Cache for Redis | Memorystore | Caching |
| AWS | Azure | GCP | OCI | Use Case |
| ----------- | ---------------- | ------------- | ------------------- | --------------- |
| RDS | SQL Database | Cloud SQL | MySQL HeatWave | Managed SQL |
| DynamoDB | Cosmos DB | Firestore | NoSQL Database | NoSQL |
| Aurora | PostgreSQL/MySQL | Cloud Spanner | Autonomous Database | Distributed SQL |
| ElastiCache | Cache for Redis | Memorystore | OCI Cache | Caching |
**Reference:** See `references/service-comparison.md` for complete comparison
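Review bot: In the Compute table the new OCI column maps both the ECS "Containers" row and the Fargate "Managed containers" row to "Container Instances", so the two rows no longer distinguish anything for OCI (GCP already had the same problem with Cloud Run in both rows). Either collapse the two rows into one "Containers (no cluster management)" row or say in the Use Case column what separates them, otherwise readers will assume a second OCI service was omitted.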
@@ -65,6 +65,7 @@ Design cloud-agnostic architectures and make informed decisions about service se
- Use best service from each provider
- AI/ML on GCP
- Enterprise apps on Azure
- Regulated data platforms on OCI
- General compute on AWS
### Pattern 3: Geographic Distribution
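Review bot: The new bullet "- Regulated data platforms on OCI" gives a workload class without the driver that justifies it, whereas the sibling bullets name a concrete strength per provider. The new Multi-Cloud Architecture Patterns file in this commit phrases it as "Oracle-centric databases and regulated transaction systems on OCI"; use that wording here too so the best-of-breed guidance is consistent across the skill.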
@@ -85,10 +86,10 @@ Design cloud-agnostic architectures and make informed decisions about service se
### Use Cloud-Native Alternatives
- **Compute:** Kubernetes (EKS/AKS/GKE)
- **Database:** PostgreSQL/MySQL (RDS/SQL Database/Cloud SQL)
- **Message Queue:** Apache Kafka (MSK/Event Hubs/Confluent)
- **Cache:** Redis (ElastiCache/Azure Cache/Memorystore)
- **Compute:** Kubernetes (EKS/AKS/GKE/OKE)
- **Database:** PostgreSQL/MySQL (RDS/SQL Database/Cloud SQL/MySQL HeatWave)
- **Message Queue:** Apache Kafka or managed streaming (MSK/Event Hubs/Confluent/OCI Streaming)
- **Cache:** Redis (ElastiCache/Azure Cache/Memorystore/OCI Cache)
- **Object Storage:** S3-compatible API
- **Monitoring:** Prometheus/Grafana
- **Service Mesh:** Istio/Linkerd
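Review bot: In the "- **Database:** PostgreSQL/MySQL (RDS/SQL Database/Cloud SQL/MySQL HeatWave)" line the OCI entry only covers the MySQL half of the portable pair; the new Portable Platform Baseline in this commit standardizes on PostgreSQL, so a team following that baseline has no mapped OCI target. Either mark the OCI entry as MySQL-only or name the PostgreSQL option this mapping assumes, and apply the same fix to the Managed relational database row of the service comparison.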
@@ -102,7 +103,7 @@ Infrastructure Abstraction (Terraform)
Cloud Provider APIs
AWS / Azure / GCP
AWS / Azure / GCP / OCI
```
## Cost Comparison
@@ -112,6 +113,7 @@ AWS / Azure / GCP
- **AWS:** On-demand, Reserved, Spot, Savings Plans
- **Azure:** Pay-as-you-go, Reserved, Spot
- **GCP:** On-demand, Committed use, Preemptible
- **OCI:** Pay-as-you-go, annual commitments, burstable/flexible shapes, preemptible instances
### Cost Optimization Strategies
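Review bot: The OCI bullet under Pricing Models mixes purchase options with instance sizing: "burstable/flexible shapes" describes how compute is sized, not how it is paid for, while the AWS, Azure and GCP bullets list purchase options only. Keep the bullet to "Pay-as-you-go, annual commitments, preemptible instances" and move shape flexibility to the Cost Optimization Strategies section where right-sizing belongs.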

View File

@@ -0,0 +1,26 @@
# Multi-Cloud Architecture Patterns
## Active-Active Regional Split
- Run customer-facing services in two providers for resiliency
- Use global DNS and traffic steering to shift load during incidents
- Keep shared data replicated asynchronously unless low-latency writes are mandatory
## Best-of-Breed Service Mix
- Analytics and ML on GCP
- Enterprise identity and Microsoft workloads on Azure
- Broad ecosystem integrations on AWS
- Oracle-centric databases and regulated transaction systems on OCI
## Primary / DR Pairing
- Keep primary infrastructure in the provider closest to operational expertise
- Use a second provider for cold or warm disaster recovery
- Validate RPO/RTO assumptions with regular failover exercises
## Portable Platform Baseline
- Standardize on Kubernetes, Terraform/OpenTofu, PostgreSQL, Redis, and OpenTelemetry
- Abstract cloud differences behind modules, golden paths, and service catalogs
- Document provider-specific exceptions such as IAM, networking, and managed database behavior
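Review bot: The Active-Active bullet "Keep shared data replicated asynchronously unless low-latency writes are mandatory" accepts a non-zero RPO and cross-provider write conflicts without saying so; for an active-active split the section should state who owns writes (single writer or partitioned by region/tenant) and that the accepted data-loss window is the same RPO the Primary / DR section says to validate with failover exercises. The DNS steering bullet should also note that record TTLs bound how fast traffic actually moves during an incident.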

View File

@@ -0,0 +1,35 @@
# Multi-Cloud Service Comparison
## Compute
| Use Case | AWS | Azure | GCP | OCI |
| -------- | --- | ----- | --- | --- |
| General-purpose VMs | EC2 | Virtual Machines | Compute Engine | Compute |
| Managed Kubernetes | EKS | AKS | GKE | OKE |
| Serverless functions | Lambda | Functions | Cloud Functions | Functions |
| Containers without cluster management | ECS/Fargate | Container Apps / Container Instances | Cloud Run | Container Instances |
## Storage
| Use Case | AWS | Azure | GCP | OCI |
| -------- | --- | ----- | --- | --- |
| Object storage | S3 | Blob Storage | Cloud Storage | Object Storage |
| Block storage | EBS | Managed Disks | Persistent Disk | Block Volumes |
| File storage | EFS | Azure Files | Filestore | File Storage |
| Archive storage | Glacier / Deep Archive | Archive Storage | Archive Storage | Archive Storage |
## Data Services
| Use Case | AWS | Azure | GCP | OCI |
| -------- | --- | ----- | --- | --- |
| Managed relational database | RDS | SQL Database | Cloud SQL | MySQL HeatWave |
| Distributed / globally resilient SQL | Aurora Global Database | Cosmos DB for PostgreSQL / SQL patterns | Cloud Spanner | Autonomous Database |
| NoSQL | DynamoDB | Cosmos DB | Firestore | NoSQL Database |
| Streaming | Kinesis / MSK | Event Hubs | Pub/Sub / Confluent | Streaming |
## Platform Selection Notes
1. Prefer provider-native managed services when team expertise and lock-in tolerance are high.
2. Prefer Kubernetes, PostgreSQL, Redis, and open observability stacks when portability matters.
3. Use OCI when Oracle database affinity, predictable networking, or regulated workload isolation are primary drivers.
4. Compare egress, managed service premiums, and support plans before splitting workloads across providers.
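Review bot: This file is named in SKILL.md as the "complete comparison", but its cells do not match the quick-reference tables there: the column order is reversed (Use Case first here, last there), the Distributed SQL row gives Azure as "Cosmos DB for PostgreSQL / SQL patterns" here but "PostgreSQL/MySQL" in SKILL.md, and the OCI streaming service is "Streaming" here and "OCI Streaming" there. Mirror the cell text exactly, or keep the quick-reference table as a strict subset of this one, so the two cannot drift. In Platform Selection Notes item 3, "predictable networking" is too vague to act on; state the concrete property that is meant.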

View File

@@ -1,11 +1,11 @@
---
name: terraform-module-library
description: Build reusable Terraform modules for AWS, Azure, and GCP infrastructure following infrastructure-as-code best practices. Use when creating infrastructure modules, standardizing cloud provisioning, or implementing reusable IaC components.
description: Build reusable Terraform modules for AWS, Azure, GCP, and OCI infrastructure following infrastructure-as-code best practices. Use when creating infrastructure modules, standardizing cloud provisioning, or implementing reusable IaC components.
---
# Terraform Module Library
Production-ready Terraform module patterns for AWS, Azure, and GCP infrastructure.
Production-ready Terraform module patterns for AWS, Azure, GCP, and OCI infrastructure.
## Purpose
@@ -32,10 +32,14 @@ terraform-modules/
│ ├── vnet/
│ ├── aks/
│ └── storage/
── gcp/
├── vpc/
├── gke/
└── cloud-sql/
── gcp/
├── vpc/
├── gke/
└── cloud-sql/
└── oci/
├── vcn/
├── oke/
└── object-storage/
```
## Standard Module Pattern
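Review bot: The new `oci/` branch of the tree lists only `vcn/`, `oke/` and `object-storage/`, while the OCI module reference added in this commit also documents an Autonomous Database module and a Load Balancer module. Add the matching directories to the layout (or drop them from the reference) so the tree and the reference describe the same library.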
@@ -174,6 +178,8 @@ output "vpc_cidr_block" {
9. **Test modules** with Terratest
10. **Tag all resources** consistently
**Reference:** See `references/aws-modules.md` and `references/oci-modules.md`
## Module Composition
```hcl
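Review bot: The reference line now points at `references/aws-modules.md` and `references/oci-modules.md`, but the description and the directory tree promise Azure and GCP modules as well, and no reference file exists for either. Either say explicitly that only AWS and OCI have reference documents, or add the missing ones, so the gap is a stated limitation rather than a surprise.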

View File

@@ -58,7 +58,7 @@
## Best Practices
1. Use AWS provider version ~> 5.0
1. Use AWS provider version `~> 6.31`
2. Enable encryption by default
3. Use least-privilege IAM
4. Tag all resources consistently
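Review bot: Bumping the AWS provider constraint from `~> 5.0` to `~> 6.31` crosses a major version, which is a breaking change for every module that follows this best-practices list, yet the commit message describes only OCI additions. Call out the v6 migration in the commit message or move this line into its own commit; also note for readers that `~> 6.31` permits any 6.x release at or above 6.31 and excludes 7.0, which is tighter on the lower bound than the previous constraint.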

View File

@@ -0,0 +1,52 @@
# OCI Terraform Module Patterns
## VCN Module
- VCN with public/private subnets
- Dynamic Routing Gateway (DRG) attachments
- Internet Gateway, NAT Gateway, Service Gateway
- Route tables and security lists / NSGs
- VCN Flow Logs
## OKE Module
- OKE cluster and node pools
- IAM policies and dynamic groups
- VCN-native pod networking
- Cluster autoscaling and observability hooks
- OCIR integration
## Autonomous Database Module
- Autonomous Database provisioning
- Network access controls and private endpoints
- Wallet and secret handling
- Backup and maintenance preferences
- Tagging and cost tracking
## Object Storage Module
- Buckets with lifecycle rules
- Versioning and retention
- Customer-managed encryption keys
- Replication policies
- Event rules and service connectors
## Load Balancer Module
- Public or private load balancer
- Backend sets and listeners
- TLS certificates
- Health checks
- Logging and metrics integration
## Best Practices
1. Use the OCI provider version `~> 7.26`
2. Model compartments explicitly and pass them through module interfaces
3. Prefer NSGs over broad security list rules where practical
4. Tag all resources with owner, environment, and cost center metadata
5. Use dynamic groups and least-privilege IAM policies for workload access
6. Keep network, identity, and data modules loosely coupled
7. Expose OCIDs and subnet details for module composition
8. Enable logging, metrics, and backup settings by default
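Review bot: "Wallet and secret handling" in the Autonomous Database module section names a security-sensitive concern without saying what the module does about it: a wallet or admin password that the provider returns is written to Terraform state in plain form, so the section should require that such outputs are marked `sensitive = true`, that the admin password comes from OCI Vault rather than a variable default, and that wallet files never enter source control. The same applies to "Customer-managed encryption keys" under Object Storage, where the key should be referenced by OCID from Vault, not created or echoed by the module.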