// Provides Azure defaults for naming, regions, tags, AVM-first modules, security baselines, WAF criteria, governance discovery, and pricing guidance across all agents.
| name | azure-defaults |
| description | Provides Azure defaults for naming, regions, tags, AVM-first modules, security baselines, WAF criteria, governance discovery, and pricing guidance across all agents. |
| compatibility | Works with Claude Code, GitHub Copilot, VS Code, and any Agent Skills compatible tool. |
| license | MIT |
| metadata | {"author":"jonathan-vella","version":"2.0","category":"azure-infrastructure"} |
Single source of truth for all Azure infrastructure configuration used across agents.
Load this SKILL.md first — then load references/ files on demand for the current task.
Agents load context in layers — not all at once. This skill is step 3:
AGENTS.md — lightweight map for orientation (~75 lines)golden-principles — 10 operating principles that govern all agentsazure-defaults) — Azure conventions, naming, AVM, securityazure-diagrams, azure-bicep-patterns)Only read deeper skills when your current task requires them.
| File | When to Load |
|---|---|
references/naming-conventions.md | Generating resource names, validating naming compliance |
references/avm-catalog.md | Planning/coding Bicep with AVM modules, checking pitfalls |
references/security-baseline.md | Applying security settings, compliance checks |
references/waf-criteria.md | Performing WAF assessments, scoring architecture pillars |
references/pricing-service-names.md | Generating cost estimates, recommending service tiers |
references/governance-discovery.md | Discovering Azure Policy assignments, governance gates |
| Service | Default Region | Reason |
|---|---|---|
| All resources | swedencentral | Default for HackOps platform |
| Static Web Apps | westeurope | Not available in swedencentral |
| Azure OpenAI | swedencentral | Primary region — verify availability |
| Failover | northeurope | Alternative region |
[!IMPORTANT] These 4 tags are the MINIMUM baseline. Azure Policy in your subscription may enforce additional tags. Always defer to
04-governance-constraints.mdfor the actual required tag list.
| Tag | Required | Example Values |
|---|---|---|
Environment | Yes | dev, staging, prod |
ManagedBy | Yes | Bicep |
Project | Yes | Project identifier |
Owner | Yes | Team or individual name |
Bicep pattern:
tags: {
Environment: environment
ManagedBy: 'Bicep'
Project: projectName
Owner: owner
}
Generate ONCE in main.bicep, pass to ALL modules:
var uniqueSuffix = uniqueString(resourceGroup().id)
| Setting | Value | Applies To |
|---|---|---|
supportsHttpsTrafficOnly | true | Storage accounts |
minimumTlsVersion | 'TLS1_2' | All services |
allowBlobPublicAccess | false | Storage accounts |
publicNetworkAccess | 'Disabled' (prod) | Data services |
| Authentication | Managed Identity | Prefer over keys/strings |
Read references/security-baseline.md for compliance details and industry signals.
| Level | Indicators | Action |
|---|---|---|
| High (80-100%) | All critical info available | Proceed |
| Medium (60-79%) | Some assumptions needed | Document assumptions, ask for critical gaps |
| Low (0-59%) | Major gaps | STOP — request clarification |
| Agent | Primary Research | Skip (Already in Artifacts) |
|---|---|---|
| Requirements | User needs, business context | — |
| Architect | WAF gaps, SKU comparisons, pricing | Service list (from 01) |
| Bicep Plan | AVM availability, governance policies | Architecture decisions (from 02) |
| Bicep Code | AVM schemas, parameter types | Resource list (from 04) — still read governance constraints |
| Deploy | Azure state (what-if), credentials | Template structure (from 05) |
| Rule | Requirement |
|---|---|
| Exact text | Use template H2 text verbatim |
| Exact order | Required H2s appear in template-defined order |
| Anchor rule | Extra sections allowed only AFTER last required H2 |
| No omissions | All template H2s must appear in output |
| Attribution | Include > Generated by {agent} agent | {YYYY-MM-DD} |
All agent outputs go to agent-output/{project}/:
| Step | Output File | Agent |
|---|---|---|
| 1 | 01-requirements.md | Requirements |
| 2 | 02-architecture-assessment.md | Architect |
| 3 | 03-des-*.{py,md} | Design |
| 4 | 04-implementation-plan.md | Bicep Plan |
| 4 | 04-governance-constraints.md | Bicep Plan |
| 4 | 04-preflight-check.md | Bicep Code (pre-flight) |
| 5 | 05-implementation-reference.md | Bicep Code |
| 6 | 06-deployment-summary.md | Deploy |
| 7 | 07-*.md (7 documents) | azure-artifacts skill |
# Step {N}: {Title} - {project-name}
> Generated by {agent} agent | {YYYY-MM-DD}
Before completing any agent task, verify:
agent-output/{project}/Creates Azure Architecture Decision Records (ADRs) with WAF mapping, alternatives, consequences, and implementation guidance; use for architecture decision documentation requests.
Defines canonical artifact templates, H2 structures, and documentation styling rules for agent outputs (Steps 1-7); use for artifact generation, formatting, and template compliance.
Azure resource troubleshooting patterns including KQL templates, metric thresholds, health checks, and remediation playbooks. Use when diagnosing unhealthy Azure resources or building diagnostic workflows.
Maintains repository documentation accuracy and freshness; use for doc updates, agent or skill changes, staleness checks, changelog entries, and repo explanation requests.
Handles GitHub issues, pull requests, repositories, Actions, releases, and API tasks using MCP-first workflows with gh CLI fallback for advanced operations.
HackOps platform business rules, role matrix, lifecycle states, and scoring invariants. Use when building API routes, writing tests, or validating business logic for the HackOps hackathon management platform. Keywords: hackathon, team, coach, hacker, admin, rubric, scoring, leaderboard, event code, progression.