From azure-resources
This skill should be used when the user asks to "review Azure resources", "audit resource compliance", "check Azure best practices", "review naming conventions", "evaluate tagging strategy", "assess security baselines", "optimize Azure costs", "improve resource reliability", "check Well-Architected Framework alignment", "find orphaned resources", "audit Azure tags", "run a WARA assessment", "check Azure Policy compliance", or "find resources missing tags".
npx claudepluginhub caleb-terry/caleb-plugins --plugin azure-resourcesThis skill uses the workspace's default tool permissions.
Always load the relevant references when advising on Azure resource management:
Acquire memory dumps from live systems/VMs and analyze with Volatility 3 for processes, networks, DLLs, injections in incident response or malware hunts.
Provides x86-64/ARM disassembly patterns, calling conventions, control flow recognition for static analysis of executables and compiled binaries.
Identifies anti-debugging checks like IsDebuggerPresent, NtQueryInformationProcess in Windows binaries; suggests bypasses via patches/hooks/scripts for malware analysis, CTFs, authorized RE.
Always load the relevant references when advising on Azure resource management:
references/naming-conventions.md — CAF naming patterns, abbreviation table, per-resource validation rulesreferences/tagging-strategy.md — 5 foundational tag categories, minimum required tags, Azure Policy enforcementreferences/security-baselines.md — per-resource-type security checks with CLI commandsreferences/cost-optimization.md — right-sizing, reserved instances, orphaned resource detectionreferences/reliability-checklist.md — availability zones, backup policies, redundancy tiers, DR patternsreferences/resource-graph-queries.md — ready-to-use KQL queries for common audit tasksEvery Azure resource review should consider all five WAF pillars. Azure Advisor maps to four of them directly.
| Pillar | Advisor Category | Key Concern |
|---|---|---|
| Reliability | HighAvailability | Resiliency, availability zones, backup, DR |
| Security | Security | Data protection, encryption, RBAC, network isolation |
| Cost Optimization | Cost | Right-sizing, reserved instances, orphaned resources |
| Operational Excellence | OperationalExcellence | Monitoring, diagnostics, tagging, automation |
| Performance Efficiency | Performance | Scaling, load balancing, caching, SKU selection |
Reliability: Design for business requirements, design for resilience, design for recovery, design for operations, keep it simple.
Security: Plan security readiness, protect confidentiality, protect integrity, protect availability, sustain and evolve security posture.
Cost Optimization: Develop cost-management discipline, design with cost-efficiency mindset, design for usage optimization, design for rate optimization, monitor and optimize over time.
Operational Excellence: Embrace DevOps culture, establish development standards, evolve operations with observability, automate for efficiency, adopt safe deployment practices.
Performance Efficiency: Negotiate realistic performance targets, design to meet capacity requirements, achieve and sustain performance, optimize for long-term improvement.
# Authentication
az login
az account show
az account list --output table
az account set --subscription {sub-id}
# Resource enumeration
az resource list --resource-group {rg} --output table
az resource show --ids {resource-id} --output json
# Azure Resource Graph (preferred for bulk queries)
az graph query -q "Resources | summarize count() by type" --output table
az graph query -q "Resources | where resourceGroup == '{rg}'" --output table
# Azure Advisor
az advisor recommendation list --output json
az advisor recommendation list --category Cost
az advisor recommendation list --category HighAvailability
az advisor recommendation list --category Security
az advisor recommendation list --refresh
# Policy compliance
az policy state list --resource-group {rg} --output table
# Security assessments
az security assessment list --output json
Official CAF pattern: {abbreviation}-{workload}-{environment}-{region}-{instance}
Example: vm-sqlprod-prod-eastus2-001
Refer to references/naming-conventions.md for the full abbreviation table and per-resource validation rules.
Every resource should have at minimum:
| Tag Key | Category | Purpose |
|---|---|---|
environment | Functional | Which environment (dev/staging/prod) |
application | Functional | Which workload or app |
costcenter | Accounting | Cost allocation |
owner | Ownership | Accountability |
criticality | Classification | Business criticality level |
Refer to references/tagging-strategy.md for the full tagging strategy.
Refer to references/security-baselines.md for per-resource-type checks.
Follow the WARA (Well-Architected Reliability Assessment) pattern:
Use references/resource-graph-queries.md for ready-to-use collection queries.
Prefer az graph query over az resource list for bulk operations — it supports KQL queries across all subscriptions. For ready-to-use queries covering resource inventory, tagging audit, orphaned resource detection, security checks, reliability assessment, and cost analysis, load references/resource-graph-queries.md.