ai-playbook 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +146 -0
- package/agents/README.md +168 -0
- package/agents/SKILL.md +633 -0
- package/agents/architect/AGENT.md +44 -0
- package/agents/architect/README.md +5 -0
- package/agents/coder/AGENT.md +43 -0
- package/agents/coder/README.md +5 -0
- package/agents/debugger/AGENT.md +42 -0
- package/agents/debugger/README.md +6 -0
- package/agents/devops/AGENT.md +43 -0
- package/agents/devops/README.md +5 -0
- package/agents/documentation/AGENT.md +45 -0
- package/agents/documentation/README.md +5 -0
- package/agents/examples.md +550 -0
- package/agents/performance/AGENT.md +45 -0
- package/agents/performance/README.md +6 -0
- package/agents/planner/AGENT.md +44 -0
- package/agents/planner/README.md +6 -0
- package/agents/product-owner/AGENT.md +46 -0
- package/agents/product-owner/README.md +6 -0
- package/agents/refactorer/AGENT.md +44 -0
- package/agents/refactorer/README.md +6 -0
- package/agents/release-manager/AGENT.md +45 -0
- package/agents/release-manager/README.md +6 -0
- package/agents/researcher/AGENT.md +44 -0
- package/agents/researcher/README.md +6 -0
- package/agents/reviewer/AGENT.md +43 -0
- package/agents/reviewer/README.md +6 -0
- package/agents/security/AGENT.md +46 -0
- package/agents/security/README.md +6 -0
- package/agents/support/AGENT.md +45 -0
- package/agents/support/README.md +6 -0
- package/agents/tester/AGENT.md +46 -0
- package/agents/tester/README.md +5 -0
- package/bin/cli.js +186 -0
- package/commands/README.md +266 -0
- package/commands/build.md +135 -0
- package/commands/clean.md +126 -0
- package/commands/deploy-prod.md +171 -0
- package/commands/deploy-staging.md +147 -0
- package/commands/deps.md +169 -0
- package/commands/dev.md +132 -0
- package/commands/format.md +142 -0
- package/commands/lint.md +125 -0
- package/commands/migrate.md +159 -0
- package/commands/release.md +183 -0
- package/commands/rollback.md +152 -0
- package/commands/seed.md +178 -0
- package/commands/setup.md +109 -0
- package/commands/test.md +134 -0
- package/commands/validate.md +147 -0
- package/context/README.md +7 -0
- package/context/aem.md +47 -0
- package/context/architecture.md +51 -0
- package/context/bullminder.md +57 -0
- package/context/coding-style.md +42 -0
- package/context/communication.md +53 -0
- package/context/company.md +46 -0
- package/context/engineering.md +63 -0
- package/context/project-template.md +71 -0
- package/context/trading.md +52 -0
- package/hooks/README.md +326 -0
- package/hooks/code-review/README.md +6 -0
- package/hooks/code-review/check-coverage.md +101 -0
- package/hooks/custom/README.md +6 -0
- package/hooks/custom/project-specific-hooks.md +273 -0
- package/hooks/deployment/README.md +6 -0
- package/hooks/deployment/health-check.md +102 -0
- package/hooks/deployment/pre-deploy-check.md +84 -0
- package/hooks/documentation/README.md +6 -0
- package/hooks/documentation/update-changelog.md +146 -0
- package/hooks/post-task/README.md +5 -0
- package/hooks/post-task/run-tests.md +61 -0
- package/hooks/pre-commit/README.md +6 -0
- package/hooks/pre-commit/format.md +63 -0
- package/hooks/pre-commit/lint.md +62 -0
- package/hooks/pre-commit/type-check.md +78 -0
- package/hooks/pre-task/README.md +6 -0
- package/hooks/pre-task/check-branch.md +48 -0
- package/hooks/pre-task/validate-environment.md +48 -0
- package/hooks/security-check/README.md +6 -0
- package/hooks/security-check/dependency-audit.md +85 -0
- package/hooks/security-check/secrets-scan.md +77 -0
- package/hooks/test-before-finish/README.md +6 -0
- package/hooks/test-before-finish/run-all-tests.md +128 -0
- package/index.js +69 -0
- package/knowledge/README.md +33 -0
- package/knowledge/ai-agents.md +74 -0
- package/knowledge/decision-making.md +73 -0
- package/knowledge/documentation.md +67 -0
- package/knowledge/engineering-principles.md +65 -0
- package/knowledge/product-discovery.md +68 -0
- package/knowledge/security-privacy.md +54 -0
- package/knowledge/testing-quality.md +63 -0
- package/package.json +63 -0
- package/patterns/README.md +7 -0
- package/prompts/README.md +208 -0
- package/prompts/architect/README.md +96 -0
- package/prompts/architect/design-system.md +140 -0
- package/prompts/debugger/README.md +96 -0
- package/prompts/debugger/diagnose-issue.md +141 -0
- package/prompts/developer/README.md +129 -0
- package/prompts/developer/fix-bug.md +136 -0
- package/prompts/developer/implement-feature.md +133 -0
- package/prompts/product-owner/README.md +116 -0
- package/prompts/product-owner/define-feature.md +145 -0
- package/prompts/reviewer/README.md +91 -0
- package/prompts/reviewer/code-review.md +129 -0
- package/prompts/support/README.md +154 -0
- package/prompts/support/resolve-issue.md +124 -0
- package/roles/README.md +6 -0
- package/roles/design-architect/README.md +98 -0
- package/roles/design-architect/accessibility/README.md +33 -0
- package/roles/design-architect/accessibility/checklists.md +29 -0
- package/roles/design-architect/accessibility/examples.md +35 -0
- package/roles/design-architect/checklists.md +76 -0
- package/roles/design-architect/component-library/README.md +35 -0
- package/roles/design-architect/component-library/checklists.md +29 -0
- package/roles/design-architect/component-library/examples.md +35 -0
- package/roles/design-architect/design-system/README.md +35 -0
- package/roles/design-architect/design-system/checklists.md +27 -0
- package/roles/design-architect/design-system/examples.md +41 -0
- package/roles/design-architect/examples/README.md +31 -0
- package/roles/design-architect/examples/checklists.md +26 -0
- package/roles/design-architect/examples/examples.md +46 -0
- package/roles/design-architect/examples.md +90 -0
- package/roles/design-architect/figma/README.md +33 -0
- package/roles/design-architect/figma/checklists.md +27 -0
- package/roles/design-architect/figma/examples.md +38 -0
- package/roles/design-architect/responsibilities.md +73 -0
- package/roles/design-architect/responsive/README.md +34 -0
- package/roles/design-architect/responsive/checklists.md +26 -0
- package/roles/design-architect/responsive/examples.md +39 -0
- package/roles/design-architect/role.md +129 -0
- package/roles/design-architect/skill-map.md +42 -0
- package/roles/design-architect/triggers.md +110 -0
- package/roles/design-architect/ui/README.md +36 -0
- package/roles/design-architect/ui/checklists.md +29 -0
- package/roles/design-architect/ui/examples.md +28 -0
- package/roles/design-architect/usability/README.md +34 -0
- package/roles/design-architect/usability/checklists.md +28 -0
- package/roles/design-architect/usability/examples.md +31 -0
- package/roles/design-architect/ux/README.md +36 -0
- package/roles/design-architect/ux/checklists.md +28 -0
- package/roles/design-architect/ux/examples.md +37 -0
- package/roles/design-architect/wireframes/README.md +34 -0
- package/roles/design-architect/wireframes/checklists.md +25 -0
- package/roles/design-architect/wireframes/examples.md +32 -0
- package/roles/design-architect/workflow.md +80 -0
- package/roles/devops/README.md +101 -0
- package/roles/devops/ansible/README.md +6 -0
- package/roles/devops/checklists.md +413 -0
- package/roles/devops/ci-cd/README.md +169 -0
- package/roles/devops/ci-cd/checklists.md +289 -0
- package/roles/devops/ci-cd/examples.md +429 -0
- package/roles/devops/cloud-platforms/README.md +109 -0
- package/roles/devops/cost-optimization/README.md +131 -0
- package/roles/devops/disaster-recovery/README.md +118 -0
- package/roles/devops/docker/README.md +6 -0
- package/roles/devops/examples/README.md +6 -0
- package/roles/devops/examples.md +775 -0
- package/roles/devops/github-actions/README.md +6 -0
- package/roles/devops/helm/README.md +6 -0
- package/roles/devops/infrastructure-as-code/README.md +160 -0
- package/roles/devops/infrastructure-as-code/checklists.md +124 -0
- package/roles/devops/jenkins/README.md +6 -0
- package/roles/devops/kubernetes/README.md +150 -0
- package/roles/devops/kubernetes/checklists.md +192 -0
- package/roles/devops/kubernetes/examples.md +189 -0
- package/roles/devops/monitoring/README.md +93 -0
- package/roles/devops/networking/README.md +83 -0
- package/roles/devops/performance/README.md +104 -0
- package/roles/devops/responsibilities.md +95 -0
- package/roles/devops/role.md +130 -0
- package/roles/devops/security/README.md +126 -0
- package/roles/devops/skill-map.md +162 -0
- package/roles/devops/terraform/README.md +6 -0
- package/roles/devops/triggers.md +241 -0
- package/roles/devops/workflow.md +197 -0
- package/roles/qa/README.md +16 -0
- package/roles/qa/api-testing/README.md +6 -0
- package/roles/qa/automation/README.md +6 -0
- package/roles/qa/checklists.md +24 -0
- package/roles/qa/examples/README.md +6 -0
- package/roles/qa/examples.md +27 -0
- package/roles/qa/performance/README.md +6 -0
- package/roles/qa/playwright/README.md +6 -0
- package/roles/qa/responsibilities.md +16 -0
- package/roles/qa/role.md +47 -0
- package/roles/qa/selenium/README.md +6 -0
- package/roles/qa/skill-map.md +14 -0
- package/roles/qa/triggers.md +10 -0
- package/roles/qa/workflow.md +9 -0
- package/roles/software-architect/README.md +16 -0
- package/roles/software-architect/agents/README.md +6 -0
- package/roles/software-architect/ai-architecture/README.md +6 -0
- package/roles/software-architect/aws/README.md +6 -0
- package/roles/software-architect/azure/README.md +6 -0
- package/roles/software-architect/caching/README.md +6 -0
- package/roles/software-architect/checklists.md +25 -0
- package/roles/software-architect/cloud/README.md +6 -0
- package/roles/software-architect/database-design/README.md +6 -0
- package/roles/software-architect/diagrams/README.md +6 -0
- package/roles/software-architect/distributed-systems/README.md +7 -0
- package/roles/software-architect/docker/README.md +6 -0
- package/roles/software-architect/event-driven/README.md +7 -0
- package/roles/software-architect/examples/README.md +6 -0
- package/roles/software-architect/examples.md +22 -0
- package/roles/software-architect/gcp/README.md +6 -0
- package/roles/software-architect/kubernetes/README.md +6 -0
- package/roles/software-architect/messaging/README.md +6 -0
- package/roles/software-architect/rag/README.md +7 -0
- package/roles/software-architect/responsibilities.md +17 -0
- package/roles/software-architect/role.md +46 -0
- package/roles/software-architect/scalability/README.md +6 -0
- package/roles/software-architect/security/README.md +6 -0
- package/roles/software-architect/skill-map.md +15 -0
- package/roles/software-architect/system-design/README.md +6 -0
- package/roles/software-architect/triggers.md +10 -0
- package/roles/software-architect/vector-db/README.md +6 -0
- package/roles/software-architect/workflow.md +9 -0
- package/roles/software-developer/README.md +116 -0
- package/roles/software-developer/api/README.md +365 -0
- package/roles/software-developer/api/checklist.md +131 -0
- package/roles/software-developer/api/examples.md +459 -0
- package/roles/software-developer/authentication/README.md +26 -0
- package/roles/software-developer/authentication/checklists.md +22 -0
- package/roles/software-developer/authentication/examples.md +32 -0
- package/roles/software-developer/authorization/README.md +26 -0
- package/roles/software-developer/authorization/checklists.md +21 -0
- package/roles/software-developer/authorization/examples.md +27 -0
- package/roles/software-developer/backend/README.md +26 -0
- package/roles/software-developer/backend/checklists.md +21 -0
- package/roles/software-developer/backend/examples.md +21 -0
- package/roles/software-developer/cache/README.md +25 -0
- package/roles/software-developer/cache/checklists.md +21 -0
- package/roles/software-developer/cache/examples.md +22 -0
- package/roles/software-developer/checklists.md +122 -0
- package/roles/software-developer/code-review/README.md +23 -0
- package/roles/software-developer/code-review/checklists.md +22 -0
- package/roles/software-developer/code-review/examples.md +20 -0
- package/roles/software-developer/database/README.md +27 -0
- package/roles/software-developer/database/checklists.md +21 -0
- package/roles/software-developer/database/examples.md +27 -0
- package/roles/software-developer/debugging/README.md +24 -0
- package/roles/software-developer/debugging/checklists.md +20 -0
- package/roles/software-developer/debugging/examples.md +28 -0
- package/roles/software-developer/examples/README.md +22 -0
- package/roles/software-developer/examples/checklists.md +8 -0
- package/roles/software-developer/examples/examples.md +25 -0
- package/roles/software-developer/examples.md +378 -0
- package/roles/software-developer/frontend/README.md +76 -0
- package/roles/software-developer/frontend/accessibility/README.md +136 -0
- package/roles/software-developer/frontend/accessibility/best-practices.md +368 -0
- package/roles/software-developer/frontend/code-quality/README.md +136 -0
- package/roles/software-developer/frontend/code-quality/best-practices.md +309 -0
- package/roles/software-developer/frontend/components/README.md +65 -0
- package/roles/software-developer/frontend/components/best-practices.md +273 -0
- package/roles/software-developer/frontend/debugging/README.md +149 -0
- package/roles/software-developer/frontend/debugging/best-practices.md +329 -0
- package/roles/software-developer/frontend/examples/README.md +19 -0
- package/roles/software-developer/frontend/examples/checklists.md +8 -0
- package/roles/software-developer/frontend/examples/examples.md +17 -0
- package/roles/software-developer/frontend/logging-observability/README.md +196 -0
- package/roles/software-developer/frontend/logging-observability/best-practices.md +430 -0
- package/roles/software-developer/frontend/performance/README.md +99 -0
- package/roles/software-developer/frontend/performance/best-practices.md +350 -0
- package/roles/software-developer/frontend/state-management/README.md +85 -0
- package/roles/software-developer/frontend/state-management/best-practices.md +344 -0
- package/roles/software-developer/frontend/testing/README.md +114 -0
- package/roles/software-developer/frontend/testing/best-practices.md +272 -0
- package/roles/software-developer/fullstack/README.md +25 -0
- package/roles/software-developer/fullstack/checklists.md +19 -0
- package/roles/software-developer/fullstack/examples.md +14 -0
- package/roles/software-developer/graphql/README.md +24 -0
- package/roles/software-developer/graphql/checklists.md +20 -0
- package/roles/software-developer/graphql/examples.md +24 -0
- package/roles/software-developer/integration-tests/README.md +25 -0
- package/roles/software-developer/integration-tests/checklists.md +20 -0
- package/roles/software-developer/integration-tests/examples.md +18 -0
- package/roles/software-developer/java/README.md +24 -0
- package/roles/software-developer/java/checklists.md +16 -0
- package/roles/software-developer/java/examples.md +22 -0
- package/roles/software-developer/javascript/README.md +24 -0
- package/roles/software-developer/javascript/checklists.md +15 -0
- package/roles/software-developer/javascript/examples.md +18 -0
- package/roles/software-developer/logging/README.md +105 -0
- package/roles/software-developer/logging/checklists.md +48 -0
- package/roles/software-developer/logging/examples.md +135 -0
- package/roles/software-developer/messaging/README.md +24 -0
- package/roles/software-developer/messaging/checklists.md +21 -0
- package/roles/software-developer/messaging/examples.md +26 -0
- package/roles/software-developer/microservices/README.md +25 -0
- package/roles/software-developer/microservices/checklists.md +21 -0
- package/roles/software-developer/microservices/examples.md +21 -0
- package/roles/software-developer/node/README.md +25 -0
- package/roles/software-developer/node/checklists.md +15 -0
- package/roles/software-developer/node/examples.md +15 -0
- package/roles/software-developer/nosql/README.md +24 -0
- package/roles/software-developer/nosql/checklists.md +21 -0
- package/roles/software-developer/nosql/examples.md +20 -0
- package/roles/software-developer/observability/README.md +25 -0
- package/roles/software-developer/observability/checklists.md +21 -0
- package/roles/software-developer/observability/examples.md +22 -0
- package/roles/software-developer/performance/README.md +26 -0
- package/roles/software-developer/performance/checklists.md +20 -0
- package/roles/software-developer/performance/examples.md +20 -0
- package/roles/software-developer/python/README.md +25 -0
- package/roles/software-developer/python/checklists.md +15 -0
- package/roles/software-developer/python/examples.md +17 -0
- package/roles/software-developer/react/README.md +24 -0
- package/roles/software-developer/react/checklists.md +15 -0
- package/roles/software-developer/react/examples.md +22 -0
- package/roles/software-developer/refactoring/README.md +23 -0
- package/roles/software-developer/refactoring/checklists.md +21 -0
- package/roles/software-developer/refactoring/examples.md +11 -0
- package/roles/software-developer/responsibilities.md +58 -0
- package/roles/software-developer/role.md +127 -0
- package/roles/software-developer/skill-map.md +88 -0
- package/roles/software-developer/springboot/README.md +25 -0
- package/roles/software-developer/springboot/checklists.md +15 -0
- package/roles/software-developer/springboot/examples.md +21 -0
- package/roles/software-developer/sql/README.md +24 -0
- package/roles/software-developer/sql/checklists.md +22 -0
- package/roles/software-developer/sql/examples.md +20 -0
- package/roles/software-developer/testing/README.md +25 -0
- package/roles/software-developer/testing/checklists.md +21 -0
- package/roles/software-developer/testing/examples.md +19 -0
- package/roles/software-developer/triggers.md +550 -0
- package/roles/software-developer/typescript/README.md +25 -0
- package/roles/software-developer/typescript/checklists.md +15 -0
- package/roles/software-developer/typescript/examples.md +18 -0
- package/roles/software-developer/unit-tests/README.md +24 -0
- package/roles/software-developer/unit-tests/checklists.md +19 -0
- package/roles/software-developer/unit-tests/examples.md +22 -0
- package/roles/software-developer/workflow.md +196 -0
- package/roles/sre/README.md +16 -0
- package/roles/sre/alerts/README.md +6 -0
- package/roles/sre/availability/README.md +6 -0
- package/roles/sre/chaos/README.md +6 -0
- package/roles/sre/checklists.md +24 -0
- package/roles/sre/examples/README.md +6 -0
- package/roles/sre/examples.md +19 -0
- package/roles/sre/observability/README.md +6 -0
- package/roles/sre/reliability/README.md +6 -0
- package/roles/sre/responsibilities.md +16 -0
- package/roles/sre/role.md +46 -0
- package/roles/sre/skill-map.md +14 -0
- package/roles/sre/slos/README.md +6 -0
- package/roles/sre/triggers.md +10 -0
- package/roles/sre/workflow.md +9 -0
- package/roles/support-engineer/README.md +16 -0
- package/roles/support-engineer/checklists.md +24 -0
- package/roles/support-engineer/datadog/README.md +6 -0
- package/roles/support-engineer/examples/README.md +6 -0
- package/roles/support-engineer/examples.md +17 -0
- package/roles/support-engineer/incident-response/README.md +6 -0
- package/roles/support-engineer/kubernetes/README.md +6 -0
- package/roles/support-engineer/linux/README.md +6 -0
- package/roles/support-engineer/logs/README.md +6 -0
- package/roles/support-engineer/monitoring/README.md +6 -0
- package/roles/support-engineer/networking/README.md +6 -0
- package/roles/support-engineer/newrelic/README.md +6 -0
- package/roles/support-engineer/postmortem/README.md +6 -0
- package/roles/support-engineer/production/README.md +6 -0
- package/roles/support-engineer/responsibilities.md +16 -0
- package/roles/support-engineer/role.md +47 -0
- package/roles/support-engineer/root-cause-analysis/README.md +6 -0
- package/roles/support-engineer/runbooks/README.md +6 -0
- package/roles/support-engineer/skill-map.md +14 -0
- package/roles/support-engineer/splunk/README.md +6 -0
- package/roles/support-engineer/triggers.md +10 -0
- package/roles/support-engineer/troubleshooting/README.md +6 -0
- package/roles/support-engineer/workflow.md +9 -0
- package/setup.sh +204 -0
- package/skills/.claude/README.md +7 -0
- package/skills/README.md +21 -0
- package/skills/ai-agents/README.md +207 -0
- package/skills/ai-agents/examples.md +335 -0
- package/skills/ai-agents/skill.md +392 -0
- package/skills/architecture/README.md +198 -0
- package/skills/architecture/examples.md +316 -0
- package/skills/architecture/skill.md +189 -0
- package/skills/design-architecture/README.md +107 -0
- package/skills/design-architecture/examples.md +84 -0
- package/skills/design-architecture/skill.md +192 -0
- package/skills/devops/README.md +177 -0
- package/skills/devops/examples.md +376 -0
- package/skills/devops/skill.md +210 -0
- package/skills/documentation/README.md +182 -0
- package/skills/documentation/examples.md +364 -0
- package/skills/documentation/skill.md +200 -0
- package/skills/performance/README.md +177 -0
- package/skills/performance/examples.md +376 -0
- package/skills/performance/skill.md +199 -0
- package/skills/qa/README.md +106 -0
- package/skills/qa/examples.md +84 -0
- package/skills/qa/skill.md +384 -0
- package/skills/security/README.md +108 -0
- package/skills/security/examples.md +85 -0
- package/skills/security/skill.md +223 -0
- package/skills/software-development/README.md +239 -0
- package/skills/software-development/assessment.md +0 -0
- package/skills/software-development/checklists.md +0 -0
- package/skills/software-development/examples.md +375 -0
- package/skills/software-development/prompts.md +0 -0
- package/skills/software-development/skill.md +390 -0
- package/skills/software-development/templates/README.md +7 -0
- package/skills/software-development/templates/api-development.md +0 -0
- package/skills/software-development/templates/bug-fix.md +0 -0
- package/skills/software-development/templates/code-review.md +0 -0
- package/skills/software-development/templates/feature-implementation.md +0 -0
- package/skills/software-development/templates/llm-integration.md +0 -0
- package/skills/software-development/templates/performance-review.md +0 -0
- package/skills/software-development/templates/security-review.md +0 -0
- package/skills/software-development/templates/test-generation.md +0 -0
- package/skills/software-development/tools.md +0 -0
- package/skills/software-development/workflows.md +0 -0
- package/skills/sre/README.md +107 -0
- package/skills/sre/examples.md +379 -0
- package/skills/sre/skill.md +256 -0
- package/skills/support-engineering/README.md +107 -0
- package/skills/support-engineering/examples.md +85 -0
- package/skills/support-engineering/skill.md +103 -0
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
# Infrastructure Security Guidance
|
|
2
|
+
|
|
3
|
+
This folder provides guidance for securing cloud infrastructure, hardening systems, and meeting compliance requirements.
|
|
4
|
+
|
|
5
|
+
## Scope
|
|
6
|
+
|
|
7
|
+
Use this guidance when:
|
|
8
|
+
|
|
9
|
+
- Designing secure infrastructure architecture
|
|
10
|
+
- Implementing access controls (IAM, RBAC)
|
|
11
|
+
- Configuring firewalls and network security
|
|
12
|
+
- Managing secrets and credentials
|
|
13
|
+
- Implementing encryption (at rest and in transit)
|
|
14
|
+
- Meeting compliance requirements (SOC2, HIPAA, GDPR, PCI-DSS)
|
|
15
|
+
- Conducting security audits
|
|
16
|
+
|
|
17
|
+
## Core Principles
|
|
18
|
+
|
|
19
|
+
1. **Least Privilege** – Grant minimum necessary permissions
|
|
20
|
+
2. **Defense in Depth** – Multiple layers of security controls
|
|
21
|
+
3. **Assume Breach** – Design for compromise and recovery
|
|
22
|
+
4. **Automation** – Automate security controls and enforcement
|
|
23
|
+
5. **Auditability** – Log and track security-relevant actions
|
|
24
|
+
6. **Compliance** – Meet regulatory requirements
|
|
25
|
+
|
|
26
|
+
## Access Control
|
|
27
|
+
|
|
28
|
+
### Identity Management
|
|
29
|
+
- Users provisioned with appropriate roles
|
|
30
|
+
- Unused accounts disabled
|
|
31
|
+
- Multi-factor authentication enabled
|
|
32
|
+
- Regular access reviews
|
|
33
|
+
|
|
34
|
+
### Role-Based Access Control (RBAC)
|
|
35
|
+
- Roles defined for specific responsibilities
|
|
36
|
+
- Principle of least privilege applied
|
|
37
|
+
- Roles reviewed and updated regularly
|
|
38
|
+
|
|
39
|
+
### Service Accounts
|
|
40
|
+
- Service accounts used for automation
|
|
41
|
+
- Permissions limited to specific resource
|
|
42
|
+
- Credentials rotated regularly
|
|
43
|
+
- Audit logging enabled
|
|
44
|
+
|
|
45
|
+
## Network Security
|
|
46
|
+
|
|
47
|
+
### Network Segmentation
|
|
48
|
+
- Public, private, and isolated subnets
|
|
49
|
+
- Security groups/NSGs restrict traffic
|
|
50
|
+
- Default deny inbound, allow specific
|
|
51
|
+
- VPCs/vNets for isolation
|
|
52
|
+
|
|
53
|
+
### Data in Transit
|
|
54
|
+
- TLS/SSL for all external communication
|
|
55
|
+
- Encryption for inter-service communication
|
|
56
|
+
- Certificate management automated
|
|
57
|
+
- Weak ciphers disabled
|
|
58
|
+
|
|
59
|
+
### DDoS Protection
|
|
60
|
+
- DDoS mitigation service enabled
|
|
61
|
+
- Rate limiting configured
|
|
62
|
+
- Geographic restrictions if applicable
|
|
63
|
+
|
|
64
|
+
## Data Protection
|
|
65
|
+
|
|
66
|
+
### Data at Rest
|
|
67
|
+
- Encryption enabled for storage
|
|
68
|
+
- Customer-managed keys (where appropriate)
|
|
69
|
+
- Key rotation policy implemented
|
|
70
|
+
|
|
71
|
+
### Data Classification
|
|
72
|
+
- Data classified by sensitivity
|
|
73
|
+
- Encryption policy per classification
|
|
74
|
+
- Access controls per classification
|
|
75
|
+
|
|
76
|
+
## Secrets Management
|
|
77
|
+
|
|
78
|
+
- Secrets never hardcoded or committed
|
|
79
|
+
- External secret management (Vault, Secrets Manager)
|
|
80
|
+
- Secrets encrypted at rest
|
|
81
|
+
- Secret rotation policy implemented
|
|
82
|
+
- Secret access audited
|
|
83
|
+
|
|
84
|
+
## Vulnerability Management
|
|
85
|
+
|
|
86
|
+
- Regular security scanning
|
|
87
|
+
- Patch management process
|
|
88
|
+
- Penetration testing (annual or per change)
|
|
89
|
+
- Vulnerability disclosure program
|
|
90
|
+
|
|
91
|
+
## Compliance
|
|
92
|
+
|
|
93
|
+
### SOC2 Type II
|
|
94
|
+
- Security, availability, integrity, confidentiality controls
|
|
95
|
+
- Annual audit required
|
|
96
|
+
- Evidence collection and documentation
|
|
97
|
+
|
|
98
|
+
### HIPAA
|
|
99
|
+
- PHI encryption and access controls
|
|
100
|
+
- Audit logging required
|
|
101
|
+
- Business Associate Agreements
|
|
102
|
+
- Breach notification procedures
|
|
103
|
+
|
|
104
|
+
### GDPR
|
|
105
|
+
- Data privacy by design
|
|
106
|
+
- Data retention policies
|
|
107
|
+
- Right to be forgotten
|
|
108
|
+
- Data breach notification
|
|
109
|
+
|
|
110
|
+
### PCI-DSS
|
|
111
|
+
- Cardholder data protection
|
|
112
|
+
- Network segmentation
|
|
113
|
+
- Access control and monitoring
|
|
114
|
+
|
|
115
|
+
## Incident Response
|
|
116
|
+
|
|
117
|
+
- Incident detection automated
|
|
118
|
+
- Response procedures documented
|
|
119
|
+
- On-call escalation configured
|
|
120
|
+
- Post-incident reviews conducted
|
|
121
|
+
|
|
122
|
+
## Files in This Folder
|
|
123
|
+
|
|
124
|
+
- `README.md` – This file
|
|
125
|
+
- `checklists.md` – Security hardening checklist
|
|
126
|
+
- `examples.md` – Security configuration examples
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
# Skill Map
|
|
2
|
+
|
|
3
|
+
This document maps DevOps tasks to the skills and resources that inform how to execute them.
|
|
4
|
+
When working on a particular task, load the relevant skills in this order.
|
|
5
|
+
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
## Core Skills (load for most work)
|
|
9
|
+
|
|
10
|
+
1. **Engineering Context**
|
|
11
|
+
- `context/engineering.md` – Global engineering standards, tooling, culture, and infrastructure norms.
|
|
12
|
+
- Load when starting any infrastructure work.
|
|
13
|
+
|
|
14
|
+
2. **DevOps Fundamentals**
|
|
15
|
+
- `skills/devops/` – Core DevOps practices, CI/CD principles, infrastructure patterns.
|
|
16
|
+
- Load for any infrastructure design, deployment, or automation work.
|
|
17
|
+
|
|
18
|
+
---
|
|
19
|
+
|
|
20
|
+
## Specialized Skills (load based on task)
|
|
21
|
+
|
|
22
|
+
### Cloud Infrastructure & Platforms
|
|
23
|
+
|
|
24
|
+
| Task | Primary Skill | Secondary Skills |
|
|
25
|
+
| --- | --- | --- |
|
|
26
|
+
| Design AWS infrastructure | `skills/cloud/aws/` | `skills/devops/`, `skills/security/` |
|
|
27
|
+
| Design GCP infrastructure | `skills/cloud/gcp/` | `skills/devops/`, `skills/security/` |
|
|
28
|
+
| Design Azure infrastructure | `skills/cloud/azure/` | `skills/devops/`, `skills/security/` |
|
|
29
|
+
| Multi-region or hybrid setup | `roles/devops/cloud-platforms/` | `skills/disaster-recovery/` |
|
|
30
|
+
|
|
31
|
+
### CI/CD & Deployment
|
|
32
|
+
|
|
33
|
+
| Task | Primary Skill | Secondary Skills |
|
|
34
|
+
| --- | --- | --- |
|
|
35
|
+
| GitHub Actions pipeline | `roles/devops/ci-cd/`, GitHub Actions docs | `skills/devops/`, `skills/security/` |
|
|
36
|
+
| GitLab CI pipeline | `roles/devops/ci-cd/`, GitLab CI docs | `skills/devops/`, `skills/security/` |
|
|
37
|
+
| Jenkins pipeline | `roles/devops/ci-cd/`, Jenkins docs | `skills/devops/`, `skills/security/` |
|
|
38
|
+
| Deployment strategy (blue-green, canary) | `roles/devops/ci-cd/` | `skills/devops/` |
|
|
39
|
+
| Container registry & image management | `roles/devops/ci-cd/` | `skills/devops/` |
|
|
40
|
+
|
|
41
|
+
### Kubernetes & Orchestration
|
|
42
|
+
|
|
43
|
+
| Task | Primary Skill | Secondary Skills |
|
|
44
|
+
| --- | --- | --- |
|
|
45
|
+
| Kubernetes cluster setup (EKS, GKE, AKS) | `roles/devops/kubernetes/` | `roles/devops/cloud-platforms/`, `skills/security/` |
|
|
46
|
+
| Kubernetes workload deployment | `roles/devops/kubernetes/` | `roles/devops/infrastructure-as-code/` |
|
|
47
|
+
| Helm chart design & implementation | `roles/devops/kubernetes/`, `roles/devops/infrastructure-as-code/` | `skills/devops/` |
|
|
48
|
+
| Service mesh (Istio, Linkerd) | `roles/devops/kubernetes/` | `roles/devops/networking/` |
|
|
49
|
+
| Kubernetes security (RBAC, network policies) | `roles/devops/security/`, `roles/devops/kubernetes/` | `skills/security/` |
|
|
50
|
+
|
|
51
|
+
### Monitoring, Logging & Observability
|
|
52
|
+
|
|
53
|
+
| Task | Primary Skill | Secondary Skills |
|
|
54
|
+
| --- | --- | --- |
|
|
55
|
+
| Prometheus metrics setup | `roles/devops/monitoring/` | `skills/observability/` |
|
|
56
|
+
| Grafana dashboards | `roles/devops/monitoring/` | `skills/observability/` |
|
|
57
|
+
| ELK stack (Elasticsearch, Logstash, Kibana) | `roles/devops/monitoring/` | `skills/observability/` |
|
|
58
|
+
| Centralized logging (CloudLogging, Splunk) | `roles/devops/monitoring/` | `skills/observability/` |
|
|
59
|
+
| SLO definition & error budgets | `skills/observability/`, `roles/devops/monitoring/` | `skills/devops/` |
|
|
60
|
+
| Alerting & notification rules | `roles/devops/monitoring/` | `skills/observability/` |
|
|
61
|
+
|
|
62
|
+
### Infrastructure-as-Code
|
|
63
|
+
|
|
64
|
+
| Task | Primary Skill | Secondary Skills |
|
|
65
|
+
| --- | --- | --- |
|
|
66
|
+
| Terraform module design | `roles/devops/infrastructure-as-code/` | `skills/devops/` |
|
|
67
|
+
| Terraform state management | `roles/devops/infrastructure-as-code/` | `skills/security/` |
|
|
68
|
+
| CloudFormation templates | `roles/devops/infrastructure-as-code/` | `roles/devops/cloud-platforms/` |
|
|
69
|
+
| Helm charts | `roles/devops/infrastructure-as-code/`, `roles/devops/kubernetes/` | `skills/devops/` |
|
|
70
|
+
| IaC testing & validation | `roles/devops/infrastructure-as-code/` | `skills/testing/` |
|
|
71
|
+
|
|
72
|
+
### Networking & Security
|
|
73
|
+
|
|
74
|
+
| Task | Primary Skill | Secondary Skills |
|
|
75
|
+
| --- | --- | --- |
|
|
76
|
+
| VPC & subnet design | `roles/devops/networking/` | `roles/devops/cloud-platforms/` |
|
|
77
|
+
| Load balancer configuration | `roles/devops/networking/` | `skills/performance/` |
|
|
78
|
+
| DNS & CDN setup | `roles/devops/networking/` | `roles/devops/cloud-platforms/` |
|
|
79
|
+
| Firewall & security group rules | `roles/devops/security/`, `roles/devops/networking/` | `skills/security/` |
|
|
80
|
+
| Secrets management (Vault, Secrets Manager) | `roles/devops/security/` | `skills/security/` |
|
|
81
|
+
| TLS/SSL certificate management | `roles/devops/security/` | `skills/security/` |
|
|
82
|
+
| Infrastructure security hardening | `roles/devops/security/` | `skills/security/` |
|
|
83
|
+
|
|
84
|
+
### Disaster Recovery & High Availability
|
|
85
|
+
|
|
86
|
+
| Task | Primary Skill | Secondary Skills |
|
|
87
|
+
| --- | --- | --- |
|
|
88
|
+
| Backup strategy design | `roles/devops/disaster-recovery/` | `skills/devops/` |
|
|
89
|
+
| RTO/RPO planning | `roles/devops/disaster-recovery/` | `roles/devops/monitoring/` |
|
|
90
|
+
| Multi-region failover | `roles/devops/disaster-recovery/`, `roles/devops/cloud-platforms/` | `roles/devops/networking/` |
|
|
91
|
+
| Disaster recovery testing | `roles/devops/disaster-recovery/` | `skills/testing/` |
|
|
92
|
+
| Business continuity planning | `roles/devops/disaster-recovery/` | `skills/devops/` |
|
|
93
|
+
|
|
94
|
+
### Performance & Cost Optimization
|
|
95
|
+
|
|
96
|
+
| Task | Primary Skill | Secondary Skills |
|
|
97
|
+
| --- | --- | --- |
|
|
98
|
+
| Capacity planning | `roles/devops/performance/` | `skills/performance/` |
|
|
99
|
+
| Infrastructure performance tuning | `roles/devops/performance/` | `skills/performance/` |
|
|
100
|
+
| Auto-scaling configuration | `roles/devops/performance/` | `roles/devops/kubernetes/` |
|
|
101
|
+
| Cost analysis & optimization | `roles/devops/cost-optimization/` | `roles/devops/cloud-platforms/` |
|
|
102
|
+
| Reserved capacity planning | `roles/devops/cost-optimization/` | `skills/devops/` |
|
|
103
|
+
|
|
104
|
+
### Compliance & Auditing
|
|
105
|
+
|
|
106
|
+
| Task | Primary Skill | Secondary Skills |
|
|
107
|
+
| --- | --- | --- |
|
|
108
|
+
| SOC2 compliance | `roles/devops/security/` | `skills/security/` |
|
|
109
|
+
| HIPAA compliance | `roles/devops/security/` | `skills/security/` |
|
|
110
|
+
| GDPR data protection | `roles/devops/security/` | `skills/security/` |
|
|
111
|
+
| Compliance auditing | `roles/devops/security/` | `roles/devops/monitoring/` |
|
|
112
|
+
|
|
113
|
+
---
|
|
114
|
+
|
|
115
|
+
## Cross-Cutting Skills
|
|
116
|
+
|
|
117
|
+
These skills apply across multiple DevOps tasks:
|
|
118
|
+
|
|
119
|
+
| Skill | When to Load |
|
|
120
|
+
| --- | --- |
|
|
121
|
+
| `skills/security/` | Any infrastructure work involving access control, secrets, or compliance. |
|
|
122
|
+
| `skills/observability/` | Any monitoring, logging, alerting, or incident response work. |
|
|
123
|
+
| `skills/testing/` | Infrastructure testing, validation, and quality assurance. |
|
|
124
|
+
| `skills/performance/` | Performance optimization, scaling, and capacity planning. |
|
|
125
|
+
| `context/communication.md` | When communicating architecture decisions or incident reports. |
|
|
126
|
+
|
|
127
|
+
---
|
|
128
|
+
|
|
129
|
+
## Project-Specific Skills
|
|
130
|
+
|
|
131
|
+
For project-specific infrastructure work:
|
|
132
|
+
|
|
133
|
+
- Load `projects/<project>/context.md` for project-specific constraints and infrastructure standards.
|
|
134
|
+
- Load project-specific infrastructure documentation if it exists.
|
|
135
|
+
- Reference project-specific cloud platform or service choices.
|
|
136
|
+
|
|
137
|
+
---
|
|
138
|
+
|
|
139
|
+
## Skill Loading Strategy
|
|
140
|
+
|
|
141
|
+
### Quick Task (< 1 hour)
|
|
142
|
+
Load only:
|
|
143
|
+
1. `context/engineering.md`
|
|
144
|
+
2. Relevant specialized skill from the table above
|
|
145
|
+
|
|
146
|
+
### Medium Task (1-8 hours)
|
|
147
|
+
Load:
|
|
148
|
+
1. `context/engineering.md`
|
|
149
|
+
2. Core skill + 1-2 specialized skills from the table
|
|
150
|
+
3. `roles/devops/` topic folder (e.g., `kubernetes/`, `monitoring/`)
|
|
151
|
+
|
|
152
|
+
### Complex Task (> 8 hours, architectural work)
|
|
153
|
+
Load:
|
|
154
|
+
1. `context/engineering.md`
|
|
155
|
+
2. `roles/devops/role.md` & `responsibilities.md`
|
|
156
|
+
3. `roles/devops/workflow.md` for the relevant phase
|
|
157
|
+
4. 2-3 specialized skills covering the architecture scope
|
|
158
|
+
5. Multiple topic folders (e.g., `kubernetes/`, `monitoring/`, `security/`)
|
|
159
|
+
6. `skills/security/` for compliance and hardening
|
|
160
|
+
|
|
161
|
+
### When Unsure
|
|
162
|
+
Start with `context/engineering.md` and `roles/devops/triggers.md` to identify which skills are most relevant.
|
|
@@ -0,0 +1,241 @@
|
|
|
1
|
+
# Triggers
|
|
2
|
+
|
|
3
|
+
This document identifies situations that activate the DevOps Engineer role and the
|
|
4
|
+
immediate response patterns for each.
|
|
5
|
+
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
## Infrastructure Design Request
|
|
9
|
+
|
|
10
|
+
**Trigger:** "Design infrastructure for..." or "Build infrastructure that..."
|
|
11
|
+
|
|
12
|
+
**Immediate Response:**
|
|
13
|
+
1. Load `role.md` and `responsibilities.md` to understand DevOps context.
|
|
14
|
+
2. Load `workflow.md` and navigate to "Requirement & Discovery" phase.
|
|
15
|
+
3. Ask clarifying questions about:
|
|
16
|
+
- Business SLOs (availability target, latency requirements, RTO/RPO)
|
|
17
|
+
- Constraints (compliance, budget, organizational policies)
|
|
18
|
+
- Expected scale (users, data volume, regions)
|
|
19
|
+
- Dependencies (applications, databases, external services)
|
|
20
|
+
4. Load `skill-map.md` to identify relevant skills.
|
|
21
|
+
5. Create architecture design following the "Design & Architecture" phase.
|
|
22
|
+
|
|
23
|
+
**Relevant Sections:**
|
|
24
|
+
- `role.md` → "Decision Making"
|
|
25
|
+
- `workflow.md` → "Requirement & Discovery" & "Design & Architecture"
|
|
26
|
+
- `checklists.md` → "Infrastructure Design Checklist"
|
|
27
|
+
|
|
28
|
+
---
|
|
29
|
+
|
|
30
|
+
## CI/CD Pipeline Development
|
|
31
|
+
|
|
32
|
+
**Trigger:** "Build CI/CD pipeline for..." or "Improve deployment process..."
|
|
33
|
+
|
|
34
|
+
**Immediate Response:**
|
|
35
|
+
1. Load `role.md` and `responsibilities.md`.
|
|
36
|
+
2. Load `workflow.md` → "CI/CD Pipeline Development" guidance.
|
|
37
|
+
3. Clarify:
|
|
38
|
+
- Current deployment process and pain points
|
|
39
|
+
- Required stages (build, test, security scanning, deploy)
|
|
40
|
+
- Target environments (staging, production, multiple regions)
|
|
41
|
+
- Rollout strategy (blue-green, canary, rolling, feature flags)
|
|
42
|
+
- Team needs (speed, reliability, debugging capability)
|
|
43
|
+
4. Load `ci-cd/README.md` for platform-specific guidance.
|
|
44
|
+
5. Design pipeline architecture following best practices.
|
|
45
|
+
|
|
46
|
+
**Relevant Sections:**
|
|
47
|
+
- `workflow.md` → "Infrastructure-as-Code Implementation"
|
|
48
|
+
- `ci-cd/` → Platform-specific guidance
|
|
49
|
+
- `checklists.md` → "CI/CD Pipeline Checklist"
|
|
50
|
+
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
## Kubernetes Deployment
|
|
54
|
+
|
|
55
|
+
**Trigger:** "Deploy to Kubernetes..." or "Manage Kubernetes cluster..."
|
|
56
|
+
|
|
57
|
+
**Immediate Response:**
|
|
58
|
+
1. Load `role.md` and `responsibilities.md`.
|
|
59
|
+
2. Load `workflow.md` → "Infrastructure-as-Code Implementation".
|
|
60
|
+
3. Clarify:
|
|
61
|
+
- Current Kubernetes environment (EKS, GKE, AKS, self-managed)
|
|
62
|
+
- Workload requirements (replicas, resource limits, persistent storage)
|
|
63
|
+
- Networking needs (service mesh, network policies, ingress)
|
|
64
|
+
- Security requirements (RBAC, pod security policies, secrets management)
|
|
65
|
+
4. Load `kubernetes/README.md` for Kubernetes-specific guidance.
|
|
66
|
+
5. Design Kubernetes deployment and configuration.
|
|
67
|
+
|
|
68
|
+
**Relevant Sections:**
|
|
69
|
+
- `kubernetes/` → Deployment and configuration guidance
|
|
70
|
+
- `infrastructure-as-code/` → Helm charts and IaC patterns
|
|
71
|
+
- `checklists.md` → "Kubernetes Deployment Checklist"
|
|
72
|
+
|
|
73
|
+
---
|
|
74
|
+
|
|
75
|
+
## Monitoring & Observability Setup
|
|
76
|
+
|
|
77
|
+
**Trigger:** "Set up monitoring..." or "Improve observability for..."
|
|
78
|
+
|
|
79
|
+
**Immediate Response:**
|
|
80
|
+
1. Load `role.md` and `responsibilities.md`.
|
|
81
|
+
2. Load `workflow.md` → "Monitoring & Observability Setup" phase.
|
|
82
|
+
3. Clarify:
|
|
83
|
+
- Current observability stack (or gaps)
|
|
84
|
+
- Key metrics to track (application, infrastructure, business)
|
|
85
|
+
- SLOs and alerting thresholds
|
|
86
|
+
- Logging requirements (centralized, retention, compliance)
|
|
87
|
+
- Dashboard and reporting needs
|
|
88
|
+
4. Load `monitoring/README.md` for platform-specific guidance.
|
|
89
|
+
5. Design monitoring, logging, and alerting architecture.
|
|
90
|
+
|
|
91
|
+
**Relevant Sections:**
|
|
92
|
+
- `monitoring/` → Metrics, logging, and alerting guidance
|
|
93
|
+
- `checklists.md` → "Monitoring & Observability Checklist"
|
|
94
|
+
|
|
95
|
+
---
|
|
96
|
+
|
|
97
|
+
## Production Incident Response
|
|
98
|
+
|
|
99
|
+
**Trigger:** "Production outage..." or "Incident: [service] is down"
|
|
100
|
+
|
|
101
|
+
**Immediate Response:**
|
|
102
|
+
1. Load `role.md` → "Mindset" (prioritize reliability and quick recovery).
|
|
103
|
+
2. Load `workflow.md` → "Incident Response & Troubleshooting".
|
|
104
|
+
3. Immediately:
|
|
105
|
+
- Acknowledge incident and start communication.
|
|
106
|
+
- Gather logs, metrics, and recent changes.
|
|
107
|
+
- Identify affected services and blast radius.
|
|
108
|
+
- Execute relevant runbook or troubleshooting procedure.
|
|
109
|
+
- Coordinate with application teams as needed.
|
|
110
|
+
- Implement temporary mitigation if necessary.
|
|
111
|
+
- Plan full resolution after incident is stabilized.
|
|
112
|
+
4. After resolution:
|
|
113
|
+
- Conduct post-incident review.
|
|
114
|
+
- Document root cause and preventive actions.
|
|
115
|
+
- Update runbooks and alerting as needed.
|
|
116
|
+
|
|
117
|
+
**Relevant Sections:**
|
|
118
|
+
- `role.md` → "Mindset" & "Constraints"
|
|
119
|
+
- `monitoring/` → Troubleshooting and diagnostic guidance
|
|
120
|
+
- `checklists.md` → "Incident Response Checklist"
|
|
121
|
+
|
|
122
|
+
---
|
|
123
|
+
|
|
124
|
+
## Security Hardening or Compliance Work
|
|
125
|
+
|
|
126
|
+
**Trigger:** "Harden infrastructure..." or "Meet compliance requirement [HIPAA/SOC2/GDPR]..."
|
|
127
|
+
|
|
128
|
+
**Immediate Response:**
|
|
129
|
+
1. Load `role.md` → "Mindset" (security is priority #2).
|
|
130
|
+
2. Load `responsibilities.md` → "Security & Compliance".
|
|
131
|
+
3. Load `workflow.md` → "Security & Compliance Review" phase.
|
|
132
|
+
4. Clarify:
|
|
133
|
+
- Specific compliance requirements or standards
|
|
134
|
+
- Current security posture and gaps
|
|
135
|
+
- Timeline and rollout strategy
|
|
136
|
+
- Impact on operations and applications
|
|
137
|
+
5. Load `security/README.md` for hardening and compliance guidance.
|
|
138
|
+
6. Conduct security audit and implement improvements.
|
|
139
|
+
|
|
140
|
+
**Relevant Sections:**
|
|
141
|
+
- `security/` → Hardening and compliance guidance
|
|
142
|
+
- `checklists.md` → "Security Hardening Checklist"
|
|
143
|
+
|
|
144
|
+
---
|
|
145
|
+
|
|
146
|
+
## Cost Optimization
|
|
147
|
+
|
|
148
|
+
**Trigger:** "Reduce infrastructure costs..." or "Optimize cloud spending..."
|
|
149
|
+
|
|
150
|
+
**Immediate Response:**
|
|
151
|
+
1. Load `role.md` and `responsibilities.md`.
|
|
152
|
+
2. Load `workflow.md` → "Performance & Cost Optimization" phase.
|
|
153
|
+
3. Analyze:
|
|
154
|
+
- Current cloud spending and cost drivers
|
|
155
|
+
- Underutilized resources (overprovisioned compute, storage)
|
|
156
|
+
- Opportunities for reserved capacity or spot instances
|
|
157
|
+
- Outdated or redundant services
|
|
158
|
+
4. Load `cost-optimization/README.md` for platform-specific guidance.
|
|
159
|
+
5. Recommend and implement cost reductions.
|
|
160
|
+
|
|
161
|
+
**Relevant Sections:**
|
|
162
|
+
- `cost-optimization/` → Cost analysis and optimization guidance
|
|
163
|
+
- `checklists.md` → "Cost Optimization Checklist"
|
|
164
|
+
|
|
165
|
+
---
|
|
166
|
+
|
|
167
|
+
## Disaster Recovery Planning
|
|
168
|
+
|
|
169
|
+
**Trigger:** "Design disaster recovery..." or "Test recovery procedures..."
|
|
170
|
+
|
|
171
|
+
**Immediate Response:**
|
|
172
|
+
1. Load `role.md` → "Mindset" (reliability is priority #1).
|
|
173
|
+
2. Load `responsibilities.md` → "Disaster Recovery & Business Continuity".
|
|
174
|
+
3. Load `workflow.md` → "Disaster Recovery & Business Continuity" planning.
|
|
175
|
+
4. Clarify:
|
|
176
|
+
- RTO (recovery time objective) and RPO (recovery point objective)
|
|
177
|
+
- Critical systems and data dependencies
|
|
178
|
+
- Failover regions or infrastructure
|
|
179
|
+
- Testing and validation procedures
|
|
180
|
+
5. Load `disaster-recovery/README.md` for DR planning guidance.
|
|
181
|
+
6. Design and document disaster recovery procedures.
|
|
182
|
+
|
|
183
|
+
**Relevant Sections:**
|
|
184
|
+
- `disaster-recovery/` → DR planning and testing guidance
|
|
185
|
+
- `checklists.md` → "Disaster Recovery Checklist"
|
|
186
|
+
|
|
187
|
+
---
|
|
188
|
+
|
|
189
|
+
## Infrastructure Code Review
|
|
190
|
+
|
|
191
|
+
**Trigger:** "Review this Terraform/CloudFormation/Helm code..." or "Audit infrastructure changes..."
|
|
192
|
+
|
|
193
|
+
**Immediate Response:**
|
|
194
|
+
1. Load `role.md` → "Decision Making" section.
|
|
195
|
+
2. Review infrastructure code for:
|
|
196
|
+
- Correctness: Does it implement the intended design?
|
|
197
|
+
- Security: Are secrets, access controls, and security groups properly configured?
|
|
198
|
+
- Cost: Is resource sizing and provisioning cost-optimized?
|
|
199
|
+
- Reliability: Does it support the target SLOs and include redundancy?
|
|
200
|
+
- Maintainability: Is the code clear, modular, and well-documented?
|
|
201
|
+
3. Load `infrastructure-as-code/README.md` for IaC best practices.
|
|
202
|
+
4. Provide detailed review feedback with specific recommendations.
|
|
203
|
+
|
|
204
|
+
**Relevant Sections:**
|
|
205
|
+
- `infrastructure-as-code/` → IaC best practices and patterns
|
|
206
|
+
- `checklists.md` → "Infrastructure Code Review Checklist"
|
|
207
|
+
|
|
208
|
+
---
|
|
209
|
+
|
|
210
|
+
## Questions About Infrastructure Standards
|
|
211
|
+
|
|
212
|
+
**Trigger:** "What's the best way to..." or "Should we use..."
|
|
213
|
+
|
|
214
|
+
**Immediate Response:**
|
|
215
|
+
1. Load `role.md` → "Mindset" and "Decision Making".
|
|
216
|
+
2. Load relevant topic section (e.g., `kubernetes/`, `monitoring/`, `security/`).
|
|
217
|
+
3. Explain trade-offs and provide clear recommendation based on:
|
|
218
|
+
- Organizational constraints and standards
|
|
219
|
+
- Team expertise and operational burden
|
|
220
|
+
- Cost and performance implications
|
|
221
|
+
- Long-term maintainability
|
|
222
|
+
4. Provide working examples or templates when applicable.
|
|
223
|
+
|
|
224
|
+
**Relevant Sections:**
|
|
225
|
+
- `examples.md` → Working examples and templates
|
|
226
|
+
- Topic-specific folders → Best practices and patterns
|
|
227
|
+
|
|
228
|
+
---
|
|
229
|
+
|
|
230
|
+
## When in Doubt
|
|
231
|
+
|
|
232
|
+
If the trigger doesn't clearly map to one of the above scenarios:
|
|
233
|
+
|
|
234
|
+
1. Load `role.md` and `responsibilities.md` to understand context.
|
|
235
|
+
2. Load `workflow.md` to identify the relevant phase.
|
|
236
|
+
3. Clarify the specific problem or requirement.
|
|
237
|
+
4. Proceed through the appropriate workflow phase.
|
|
238
|
+
|
|
239
|
+
Remember: This role is activated when infrastructure design, deployment, automation,
|
|
240
|
+
monitoring, or operational excellence is needed. If the work is primarily about
|
|
241
|
+
application code, load the Software Developer role instead.
|