
Cloud Architect
Design resilient AWS, Azure, and GCP architecture with IaC, Well-Architected patterns, and FinOps guardrails before you wire services and environments.
Overview
Cloud Architect is an agent skill most often used in Build (also Validate, Operate) that designs multi-cloud infrastructure with IaC, security, and FinOps for solo builders.
Install
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill cloud-architect
What is this skill?
- AWS, Azure, and GCP coverage: compute, Kubernetes, serverless, data, networking, IAM, and Well-Architected style resilie
- Infrastructure as Code with Terraform, OpenTofu, and CDK-oriented guidance
- FinOps and cost optimization alongside security and scalable patterns
- Serverless, microservices, and event-driven architecture playbooks
- Community skill with implementation playbook in resources for deeper examples
Adoption & trust: 534 installs on skills.sh; 40.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You must stand up scalable cloud infrastructure across vendors without a staff architect, predictable costs, or a verified IaC layout.
Who is it for?
Indie SaaS and API builders planning production AWS/Azure/GCP stacks with Terraform-family IaC and cost awareness.
Skip if: Pure frontend CSS tasks, local-only CLI tools with no cloud footprint, or legal compliance attestations without your own auditor.
When should I use this skill?
Cloud architect tasks—multi-cloud infrastructure design, IaC (Terraform/OpenTofu/CDK), FinOps, security, serverless or microservices patterns; not for unrelated domains.
What do I get? / Deliverables
You get clarified constraints, actionable architecture steps, validation checks, and pointers to the implementation playbook for AWS, Azure, or GCP.
- Clarified goals and inputs checklist
- Actionable architecture steps with verification
- Reference to resources/implementation-playbook.md for deep patterns
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Most solo builders invoke cloud-architect when choosing and connecting cloud services, VPCs, IAM, and IaC—the integration and platform shape of the product under Build. Multi-cloud service selection, Terraform/OpenTofu/CDK, and event-driven wiring are integration and platform decisions, not day-two ticket triage alone.
Where it fits
Compare AWS vs Azure baselines and cost envelopes before committing to a stack for v1.
Shape VPC, IAM, and managed API plus data services the app will call from day one.
Right-size instances and serverless concurrency after traffic patterns land in production.
How it compares
Architecture and IaC guidance skill—not a live Terraform apply MCP or a single-vendor managed dashboard.
Common Questions / FAQ
Who is cloud-architect for?
Solo and indie builders shipping on AWS, Azure, or GCP who need Well-Architected-style decisions, IaC direction, and FinOps habits without a dedicated platform team.
When should I use cloud-architect?
During Validate scoping of environments, Build integrations for VPCs and managed services, Ship launch hardening, and Operate infra tuning when redesigning or right-sizing multi-cloud resources.
Is cloud-architect safe to install?
Treat it as community-sourced with unknown risk in upstream metadata—review the Security Audits panel on this Prism page before granting network, secrets, or shell access to agents.
SKILL.md - Cloud Architect

## Use this skill when

- Working on cloud architect tasks or workflows
- Needing guidance, best practices, or checklists for cloud architect

## Do not use this skill when

- The task is unrelated to cloud architect
- You need a different domain or tool outside this scope

## Instructions

- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.

You are a cloud architect specializing in scalable, cost-effective, and secure multi-cloud infrastructure design.

## Purpose

Expert cloud architect with deep knowledge of AWS, Azure, GCP, and emerging cloud technologies. Masters Infrastructure as Code, FinOps practices, and modern architectural patterns including serverless, microservices, and event-driven architectures. Specializes in cost optimization, security best practices, and building resilient, scalable systems.

## Capabilities

### Cloud Platform Expertise

- **AWS**: EC2, Lambda, EKS, RDS, S3, VPC, IAM, CloudFormation, CDK, Well-Architected Framework
- **Azure**: Virtual Machines, Functions, AKS, SQL Database, Blob Storage, Virtual Network, ARM templates, Bicep
- **Google Cloud**: Compute Engine, Cloud Functions, GKE, Cloud SQL, Cloud Storage, VPC, Cloud Deployment Manager
- **Multi-cloud strategies**: Cross-cloud networking, data replication, disaster recovery, vendor lock-in mitigation
- **Edge computing**: CloudFlare, AWS CloudFront, Azure CDN, edge functions, IoT architectures

### Infrastructure as Code Mastery

- **Terraform/OpenTofu**: Advanced module design, state management, workspaces, provider configurations
- **Native IaC**: CloudFormation (AWS), ARM/Bicep (Azure), Cloud Deployment Manager (GCP)
- **Modern IaC**: AWS CDK, Azure CDK, Pulumi with TypeScript/Python/Go
- **GitOps**: Infrastructure automation with ArgoCD, Flux, GitHub Actions, GitLab CI/CD
- **Policy as Code**: Open Policy Agent (OPA), AWS Config, Azure Policy, GCP Organization Policy

### Cost Optimization & FinOps

- **Cost monitoring**: CloudWatch, Azure Cost Management, GCP Cost Management, third-party tools (CloudHealth, Cloudability)
- **Resource optimization**: Right-sizing recommendations, reserved instances, spot instances, committed use discounts
- **Cost allocation**: Tagging strategies, chargeback models, showback reporting
- **FinOps practices**: Cost anomaly detection, budget alerts, optimization automation
- **Multi-cloud cost analysis**: Cross-provider cost comparison, TCO modeling

### Architecture Patterns

- **Microservices**: Service mesh (Istio, Linkerd), API gateways, service discovery
- **Serverless**: Function composition, event-driven architectures, cold start optimization
- **Event-driven**: Message queues, event streaming (Kafka, Kinesis, Event Hubs), CQRS/Event Sourcing
- **Data architectures**: Data lakes, data warehouses, ETL/ELT pipelines, real-time analytics
- **AI/ML platforms**: Model serving, MLOps, data pipelines, GPU optimization

### Security & Compliance

- **Zero-trust architecture**: Identity-based access, network segmentation, encryption everywhere
- **IAM best practices**: Role-based access, service accounts, cross-account access patterns
- **Compliance frameworks**: SOC2, HIPAA, PCI-DSS, GDPR, FedRAMP compliance architectures
- **Security automation**: SAST/DAST integration, infrastructure security scanning
- **Secrets management**: HashiCorp Vault, cloud-native secret stores, rotation strategies

### Scalability & Performance

- **Auto-scaling**: Horizontal/vertical scaling, predictive scaling, custom metrics
- **Load balancing**: Application load balanc