// Analyze deployed Azure resource groups and generate detailed Mermaid architecture diagrams showing relationships between resources. Use for post-deployment visualization, understanding existing infrastructure, or documenting live Azure environments.
Onboard a repository, Azure subscription(s), and user identity for Git-Ape CI/CD using a skill-driven CLI playbook. Use for first-time setup of OIDC, federated credentials, RBAC, GitHub environments, and required secrets.
Check that all required CLI tools are installed, meet minimum versions, and have active auth sessions. Shows platform-specific install commands for anything missing.
Estimate monthly costs for Azure resources by querying the Azure Retail Prices API. Parses ARM templates to identify resources, SKUs, and regions, then looks up real retail pricing. Produces a per-resource cost breakdown with monthly totals. Use during template generation or when user asks about costs.
Run preflight validation on ARM templates before deployment. Performs what-if analysis, permission checks, and generates a structured report with resource changes (create/modify/delete). Use before any deployment to preview changes and catch issues early.
Detect configuration drift between deployed Azure resources and stored deployment state. Compare actual Azure configuration against desired state in .azure/deployments/, identify differences, and guide user through reconciliation options. Use when checking for manual changes, policy remediations, or unauthorized modifications.
Run post-deployment integration tests for Azure resources. Verify Function Apps, Storage Accounts, Databases, App Services are healthy and accessible. Use after successful Azure deployment.
| name | azure-resource-visualizer |
| description | Analyze deployed Azure resource groups and generate detailed Mermaid architecture diagrams showing relationships between resources. Use for post-deployment visualization, understanding existing infrastructure, or documenting live Azure environments. |
| argument-hint | Resource group name to visualize |
| user-invocable | true |
Analyze deployed Azure resource groups and generate comprehensive Mermaid architecture diagrams showing resource relationships, configurations, and data flows.
Adapted from github/awesome-copilot azure-resource-visualizer skill.
If not specified, list available resource groups:
az group list \
--query "[].{Name:name, Location:location, Tags:tags}" \
--output table
Present a numbered list and ask the user to select.
Query all resources in the selected resource group:
az resource list \
--resource-group {rg-name} \
--query "[].{Name:name, Type:type, Location:location, SKU:sku.name, Kind:kind}" \
--output json
For each resource, gather details:
Identify connections between resources:
| Relationship Type | How to Detect |
|---|---|
| Network | VNet peering, subnet assignments, NSG rules, private endpoints |
| Data flow | App → Database connection strings, Function → Storage bindings |
| Identity | Managed identity role assignments |
| Configuration | App Settings referencing Key Vault, instrumentation keys |
| Dependencies | Parent-child relationships (SQL Server → Database) |
Create a detailed diagram using graph TB or graph LR:
graph TB
subgraph "Resource Group: rg-webapp-prod-eastus"
subgraph "Compute Layer"
APP["🌐 app-webapp-prod-eastus<br/>Plan: B1 Basic"]
FUNC["⚡ func-api-prod-eastus<br/>Runtime: Python 3.11"]
end
subgraph "Data Layer"
SQL["🗄️ sql-webapp-prod-eastus<br/>Tier: Standard S1"]
STORAGE["💾 stwebappprod8k3m<br/>Standard LRS"]
end
subgraph "Monitoring & Security"
APPI["📊 appi-webapp-prod-eastus"]
KV["🔑 kv-webapp-prod-eus"]
end
end
Internet["🌐 Internet"] --> APP
APP -->|"connection string"| SQL
APP -->|"blob storage"| STORAGE
APP -.->|"instrumentation key"| APPI
FUNC -->|"trigger"| STORAGE
FUNC -.->|"instrumentation key"| APPI
APP -->|"secrets"| KV
FUNC -->|"secrets"| KV
classDef internet fill:#e0e7ff,stroke:#4338ca,color:#1e1b4b
classDef compute fill:#dbeafe,stroke:#1f6feb,stroke-width:2px,color:#0b3d91
classDef data fill:#dcfce7,stroke:#15803d,color:#14532d
classDef storage fill:#fef3c7,stroke:#92400e,color:#78350f
classDef monitor fill:#ede9fe,stroke:#7c3aed,color:#4c1d95
classDef secret fill:#fde68a,stroke:#b45309,stroke-width:2px,color:#7c2d12
class Internet internet
class APP,FUNC compute
class SQL data
class STORAGE storage
class APPI monitor
class KV secret
Diagram Rules:
<br/>--> for data flow/dependencies, -.-> for optional/monitoring, ==> for critical pathssubgraph for logical groupingGenerate a markdown file named {rg-name}-architecture.md:
# Architecture: {rg-name}
**Subscription:** {subscription-name}
**Region:** {location}
**Analyzed:** {timestamp}
## Overview
{2-3 paragraph summary of the architecture}
## Architecture Diagram
{mermaid diagram}
## Resource Inventory
| # | Resource | Type | SKU | Location | Tags |
|---|----------|------|-----|----------|------|
| 1 | app-webapp-prod | App Service | B1 | East US | env=prod |
| 2 | sql-webapp-prod | SQL Server | S1 | East US | env=prod |
| ... | ... | ... | ... | ... | ... |
## Relationships
| Source | Target | Connection Type | Details |
|--------|--------|-----------------|---------|
| App Service | SQL Server | Connection String | SQL authentication |
| App Service | Storage | Blob Access | Managed Identity |
| Function App | Storage | Queue Trigger | Storage binding |
## Notes
- {observations about the architecture}
- {potential improvements}
- {security considerations}
.azure/deployments/{id}/architecture-live.mddocs/ folderPost-deployment visualization:
Deployment succeeds → /azure-resource-visualizer {rg-name} → Live architecture diagram
Drift detection enhancement:
/azure-drift-detector detects drift → /azure-resource-visualizer → Compare expected vs actual diagram
Import workflow:
/azure-iac-exporter imports resources → /azure-resource-visualizer → Document imported architecture