Skill

cloud-architecture

Design cloud infrastructure for AWS, GCP, or Azure. Plan compute, storage, networking, and compliance. Use when architecting cloud systems or migrating to cloud.

From infrastructure-design

Install

Run in your terminal

npx claudepluginhub sethdford/claude-skills --plugin architect-infrastructure-design

Tool Access

This skill uses the workspace's default tool permissions.

Skill Content

Similar Skills

ui-ux-pro-max

Provides UI/UX resources: 50+ styles, color palettes, font pairings, guidelines, charts for web/mobile across React, Next.js, Vue, Svelte, Tailwind, React Native, Flutter. Aids planning, building, reviewing interfaces.

ui-ux-pro-max

57.6k

context7-mcp

Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.

context7-plugin

51.4k

market-sizing-analysis

2 files

Calculates TAM/SAM/SOM using top-down, bottom-up, and value theory methodologies for market sizing, revenue estimation, and startup validation.

startup-business-analyst

32.9k

Stats

Parent Repo Stars3

Parent Repo Forks0

Last CommitMar 11, 2026

Actions

View Source View Plugin View on GitHub View README

Domain Context

Based on cloud architecture best practices (AWS Well-Architected Framework, Google Cloud Architecture Framework):

Compute: Servers (EC2/Compute Engine), containers (ECS/GKE), functions (Lambda/Cloud Functions), management burden increases

Storage: Object storage (S3), databases (RDS/Cloud SQL), data warehouses (Redshift/BigQuery)

Networking: VPC isolation, subnets, security groups, load balancing, DNS

Observability: Metrics, logs, traces; CloudWatch, Stackdriver, DataDog

Compliance: Shared responsibility; you manage application, cloud owns infrastructure

Instructions

Select Core Services: What workloads? Web app → App Engine/Elastic Beanstalk. Data processing → Spark on Kubernetes. Database → RDS PostgreSQL. Data warehouse → BigQuery.

Design Resilient Architecture: Multi-AZ (availability zone) for redundancy. Health checks and auto-recovery. Load balancing across instances. Plan RPO/RTO requirements.

Plan Networking: VPC with public and private subnets. Bastion for private access. Security groups restrict traffic. NAT Gateway for outbound access. CloudFlare or WAF for DDoS.

Implement Security: IAM roles (principle of least privilege). Encrypt data at rest (KMS) and in transit (TLS). Secrets management (Secrets Manager/Vault). Regular patching.

Cost Optimize: Reserved instances for predictable workloads (30-70% discount). Spot instances for batch/non-critical (70% discount). Right-size instances; monitor utilization. Use managed services to reduce operational overhead.

Anti-Patterns

Lift-and-Shift Without Optimization: Move VMs to cloud as-is. Result: expensive, not cloud-native. Guard: Rearchitect for cloud; use managed services where appropriate.

Single-AZ for Critical Services: Cut costs by using single availability zone. Result: outage when AZ fails. Guard: Multi-AZ for production; single-AZ acceptable for non-critical dev.

Ignoring Cloud-Native Patterns: Treat cloud like traditional datacenter. Result: underutilize auto-scaling, caching, global distribution. Guard: Design for elasticity; use services like CDN, auto-scaling groups.

No Cost Monitoring: Assume cloud is cheaper than on-prem. Result: bill shock. Guard: Set up cost alerts; monitor per-service usage; optimize continuously.

Domain Context

Based on cloud architecture best practices (AWS Well-Architected Framework, Google Cloud Architecture Framework):

Compute: Servers (EC2/Compute Engine), containers (ECS/GKE), functions (Lambda/Cloud Functions), management burden increases

Storage: Object storage (S3), databases (RDS/Cloud SQL), data warehouses (Redshift/BigQuery)

Networking: VPC isolation, subnets, security groups, load balancing, DNS

Observability: Metrics, logs, traces; CloudWatch, Stackdriver, DataDog

Compliance: Shared responsibility; you manage application, cloud owns infrastructure

Instructions

Select Core Services: What workloads? Web app → App Engine/Elastic Beanstalk. Data processing → Spark on Kubernetes. Database → RDS PostgreSQL. Data warehouse → BigQuery.

Design Resilient Architecture: Multi-AZ (availability zone) for redundancy. Health checks and auto-recovery. Load balancing across instances. Plan RPO/RTO requirements.

Plan Networking: VPC with public and private subnets. Bastion for private access. Security groups restrict traffic. NAT Gateway for outbound access. CloudFlare or WAF for DDoS.

Implement Security: IAM roles (principle of least privilege). Encrypt data at rest (KMS) and in transit (TLS). Secrets management (Secrets Manager/Vault). Regular patching.

Anti-Patterns

Lift-and-Shift Without Optimization: Move VMs to cloud as-is. Result: expensive, not cloud-native. Guard: Rearchitect for cloud; use managed services where appropriate.

Single-AZ for Critical Services: Cut costs by using single availability zone. Result: outage when AZ fails. Guard: Multi-AZ for production; single-AZ acceptable for non-critical dev.

No Cost Monitoring: Assume cloud is cheaper than on-prem. Result: bill shock. Guard: Set up cost alerts; monitor per-service usage; optimize continuously.

cloud-architecture

cloud-architecture

Cloud Architecture

Context

Domain Context

Instructions

Anti-Patterns

Further Reading

Cloud Architecture

Context

Domain Context

Instructions

Anti-Patterns

Further Reading