jpskill.com

azure-cloud-architect

Design Azure architectures for startups and enterprises. Use when asked to design Azure infrastructure, create Bicep/ARM templates, optimize Azure costs, set up Azure DevOps pipelines, or migrate to Azure. Covers AKS, App Service, Azure Functions, Cosmos DB, and cost optimization.

⚡ Recommended: install with a single command (60 seconds)

Copy the command below and paste it into a terminal (Mac/Linux) or PowerShell (Windows). Download, extraction and placement are fully automatic.

🍎 Mac / 🐧 Linux
mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o azure-cloud-architect.zip https://jpskill.com/download/21780.zip && unzip -o azure-cloud-architect.zip && rm azure-cloud-architect.zip
🪟 Windows (PowerShell)
$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/21780.zip -OutFile "$d\azure-cloud-architect.zip"; Expand-Archive "$d\azure-cloud-architect.zip" -DestinationPath $d -Force; ri "$d\azure-cloud-architect.zip"

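When it finishes, restart Claude Code. The skill then activates automatically when you simply ask in plain language, for example "make me a video prompt".

💾 Download manually (for those who find commands difficult)
  1. Press the blue button below to download azure-cloud-architect.zip
  2. Double-click the ZIP file to extract it; this creates an azure-cloud-architect folder
  3. Move that folder to C:\Users\<your name>\.claude\skills\ (Windows) or ~/.claude/skills/ (Mac)
  4. Restart Claude Code

⚠️ Download and use are at your own risk. This site accepts no responsibility for the content, behavior or safety.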

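🎯 What this Skill can do

Reading the description below tells you what this Skill does for you. When you ask Claude for something in this area, it activates automatically.

📦 How to install (3 steps)

  1. Press the "Download" button above to get the .skill file
  2. Change the file extension from .skill to .zip and extract it (macOS can extract it automatically)
  3. Place the extracted folder in .claude/skills/ in your home folder
    • macOS / Linux: ~/.claude/skills/
    • Windows: %USERPROFILE%\.claude\skills\

Restart Claude Code and you are done. You do not need to say "use this Skill…"; it is invoked automatically for related requests.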
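
The install commands above extract a third-party archive with overwrite directly into the skills directory, and the site disclaims responsibility for its safety. The following added example (not part of the skill or of this site) inspects such an archive in memory before extraction; the function names and the sample archive are constructed, and it assumes the ZIP is expected to contain a single top-level folder named after the skill.

```python
import hashlib
import io
import posixpath
import zipfile

SCRIPT_EXTS = (".py", ".sh", ".ps1", ".js", ".bat")

def audit_skill_zip(data: bytes, skill_name: str) -> dict:
    """Inspect a downloaded skill archive in memory, before anything is extracted."""
    report = {
        "sha256": hashlib.sha256(data).hexdigest(),  # record what was actually reviewed
        "unsafe_paths": [],       # absolute or ".." entries (path traversal)
        "outside_skill_dir": [],  # entries that would land in a sibling skill's folder
        "scripts": [],            # executable content to read before first use
    }
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.replace("\\", "/")
            norm = posixpath.normpath(name)
            drive = len(name) > 1 and name[1] == ":"
            if name.startswith("/") or drive or norm == ".." or norm.startswith("../"):
                report["unsafe_paths"].append(info.filename)
                continue
            # The install one-liner extracts with overwrite inside ~/.claude/skills,
            # so every entry should stay under the skill's own top-level folder.
            if norm.split("/")[0] != skill_name:
                report["outside_skill_dir"].append(info.filename)
            if norm.lower().endswith(SCRIPT_EXTS):
                report["scripts"].append(info.filename)
    return report

def build_sample_zip() -> bytes:
    """Constructed archive for the demo; not the real download."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("azure-cloud-architect/SKILL.md", "# constructed\n")
        zf.writestr("azure-cloud-architect/scripts/cost_optimizer.py", "print('constructed')\n")
        zf.writestr("other-skill/SKILL.md", "# would overwrite a sibling skill\n")
        zf.writestr("../../.bashrc", "# constructed traversal entry\n")
    return buf.getvalue()

if __name__ == "__main__":
    for key, value in audit_skill_zip(build_sample_zip(), "azure-cloud-architect").items():
        print(f"{key}: {value}")
```

Anything listed under `scripts` runs with the user's privileges once the skill is invoked, so those files are the ones to read before restarting Claude Code.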

Last updated: 2026-05-18
Retrieved: 2026-05-18
Bundled files: 7

📜 Original SKILL.md (the English/Chinese text that Claude reads)

Azure Cloud Architect

Design scalable, cost-effective Azure architectures for startups and enterprises with Bicep infrastructure-as-code templates.


Workflow

Step 1: Gather Requirements

Collect application specifications:

- Application type (web app, mobile backend, data pipeline, SaaS, microservices)
- Expected users and requests per second
- Budget constraints (monthly spend limit)
- Team size and Azure experience level
- Compliance requirements (GDPR, HIPAA, SOC 2, ISO 27001)
- Availability requirements (SLA, RPO/RTO)
- Region preferences (data residency, latency)

Step 2: Design Architecture

Run the architecture designer to get pattern recommendations:

python scripts/architecture_designer.py \
  --app-type web_app \
  --users 10000 \
  --requirements '{"budget_monthly_usd": 500, "compliance": ["SOC2"]}'

Example output:

{
  "recommended_pattern": "app_service_web",
  "service_stack": ["App Service", "Azure SQL", "Front Door", "Key Vault", "Entra ID"],
  "estimated_monthly_cost_usd": 280,
  "pros": ["Managed platform", "Built-in autoscale", "Deployment slots"],
  "cons": ["Less control than VMs", "Platform constraints", "Cold start on consumption plans"]
}

Select from recommended patterns:

  • App Service Web: Front Door + App Service + Azure SQL + Redis Cache
  • Microservices on AKS: AKS + Service Bus + Cosmos DB + API Management
  • Serverless Event-Driven: Functions + Event Grid + Service Bus + Cosmos DB
  • Data Pipeline: Data Factory + Synapse Analytics + Data Lake Storage + Event Hubs

See references/architecture_patterns.md for detailed pattern specifications.

Validation checkpoint: Confirm the recommended pattern matches the team's operational maturity and compliance requirements before proceeding to Step 3.

Step 3: Generate IaC Templates

Create infrastructure-as-code for the selected pattern:

# Web app stack (Bicep)
python scripts/bicep_generator.py --arch-type web-app --output main.bicep

Example Bicep output (core web app resources):

@description('The environment name')
param environment string = 'dev'

@description('The Azure region for resources')
param location string = resourceGroup().location

@description('The application name')
param appName string = 'myapp'

// App Service Plan
resource appServicePlan 'Microsoft.Web/serverfarms@2023-01-01' = {
  name: '${environment}-${appName}-plan'
  location: location
  sku: {
    name: 'P1v3'
    tier: 'PremiumV3'
    capacity: 1
  }
  properties: {
    reserved: true // Linux
  }
}

// App Service
resource appService 'Microsoft.Web/sites@2023-01-01' = {
  name: '${environment}-${appName}-web'
  location: location
  properties: {
    serverFarmId: appServicePlan.id
    httpsOnly: true
    siteConfig: {
      linuxFxVersion: 'NODE|20-lts'
      minTlsVersion: '1.2'
      ftpsState: 'Disabled'
      alwaysOn: true
    }
  }
  identity: {
    type: 'SystemAssigned'
  }
}

// Azure SQL Database
resource sqlServer 'Microsoft.Sql/servers@2023-05-01-preview' = {
  name: '${environment}-${appName}-sql'
  location: location
  properties: {
    administrators: {
      azureADOnlyAuthentication: true
    }
    minimalTlsVersion: '1.2'
  }
}

resource sqlDatabase 'Microsoft.Sql/servers/databases@2023-05-01-preview' = {
  parent: sqlServer
  name: '${appName}-db'
  location: location
  sku: {
    name: 'GP_S_Gen5_2'
    tier: 'GeneralPurpose'
  }
  properties: {
    autoPauseDelay: 60
    minCapacity: json('0.5')
  }
}

Full templates including Front Door, Key Vault, Managed Identity, and monitoring are generated by bicep_generator.py and also available in references/architecture_patterns.md.

Bicep is the recommended IaC language for Azure. Prefer Bicep over ARM JSON templates: Bicep compiles to ARM JSON, has cleaner syntax, supports modules, and is first-party supported by Microsoft.

Step 4: Review Costs

Analyze estimated costs and optimization opportunities:

python scripts/cost_optimizer.py \
  --config current_resources.json \
  --json

Example output:

{
  "current_monthly_usd": 2000,
  "recommendations": [
    { "action": "Right-size SQL Database GP_S_Gen5_8 to GP_S_Gen5_2", "savings_usd": 380, "priority": "high" },
    { "action": "Purchase 1-year Reserved Instances for AKS node pools", "savings_usd": 290, "priority": "high" },
    { "action": "Move Blob Storage to Cool tier for objects >30 days old", "savings_usd": 65, "priority": "medium" }
  ],
  "total_potential_savings_usd": 735
}

Output includes:

  • Monthly cost breakdown by service
  • Right-sizing recommendations
  • Reserved Instance and Savings Plan opportunities
  • Potential monthly savings

Step 5: Configure CI/CD

Set up Azure DevOps Pipelines or GitHub Actions with Azure:

# GitHub Actions — deploy Bicep to Azure
name: Deploy Infrastructure
on:
  push:
    branches: [main]

permissions:
  id-token: write
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - uses: azure/arm-deploy@v2
        with:
          resourceGroupName: rg-myapp-dev
          template: ./infra/main.bicep
          parameters: environment=dev

# Azure DevOps Pipeline
trigger:
  branches:
    include:
      - main

pool:
  vmImage: 'ubuntu-latest'

steps:
  - task: AzureCLI@2
    inputs:
      azureSubscription: 'MyServiceConnection'
      scriptType: 'bash'
      scriptLocation: 'inlineScript'
      inlineScript: |
        az deployment group create \
          --resource-group rg-myapp-dev \
          --template-file infra/main.bicep \
          --parameters environment=dev

Step 6: Security Review

Validate security posture before production:

  • Identity: Entra ID (Azure AD) with RBAC, Managed Identity for service-to-service auth — never store credentials in code
  • Secrets: Key Vault for all secrets, certificates, and connection strings
  • Network: NSGs on all subnets, Private Endpoints for PaaS services, Application Gateway with WAF
  • Encryption: TLS 1.2+ in transit, Azure-managed or customer-managed keys at rest
  • Monitoring: Microsoft Defender for Cloud enabled, Azure Policy for guardrails
  • Compliance: Azure Policy assignments for SOC 2 / HIPAA / ISO 27001 initiatives
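
Several items in this checklist, and the "Storing secrets in App Settings" and "Public endpoints on PaaS services" anti-patterns listed further down, can be checked mechanically before deployment. The following is an added example, not one of the skill's own scripts: it audits compiled ARM JSON (the output of az bicep build) for the settings used in the Step 3 template. The function names and both sample templates are constructed for illustration.

```python
SECRET_HINTS = ("password", "secret", "key", "token", "connectionstring")

def _tls_ok(value) -> bool:
    # A missing or unparsable version fails the "TLS 1.2+" requirement.
    try:
        return tuple(int(p) for p in str(value).split(".")) >= (1, 2)
    except ValueError:
        return False

def audit_template(template: dict) -> list:
    """Check compiled ARM JSON (`az bicep build` output) against the Step 6 list."""
    findings = []
    resources = template.get("resources", [])
    if isinstance(resources, dict):  # symbolic-name templates use a mapping
        resources = list(resources.values())
    for res in resources:
        name, props = res.get("name", "?"), res.get("properties", {})
        checks = []
        if res.get("type") == "Microsoft.Web/sites":
            cfg = props.get("siteConfig", {})
            checks = [
                (props.get("httpsOnly") is True, "httpsOnly is not true"),
                (_tls_ok(cfg.get("minTlsVersion")), "minTlsVersion below 1.2"),
                (cfg.get("ftpsState") == "Disabled", "ftpsState is not Disabled"),
                ("Assigned" in res.get("identity", {}).get("type", ""), "no managed identity"),
            ]
            for s in cfg.get("appSettings", []):
                secretish = any(h in s.get("name", "").lower() for h in SECRET_HINTS)
                is_ref = str(s.get("value", "")).startswith("@Microsoft.KeyVault(")
                checks.append((not secretish or is_ref,
                               f"app setting {s.get('name')} is not a Key Vault reference"))
        elif res.get("type") == "Microsoft.Sql/servers":
            admins = props.get("administrators", {})
            checks = [
                (_tls_ok(props.get("minimalTlsVersion")), "minimalTlsVersion below 1.2"),
                (admins.get("azureADOnlyAuthentication") is True, "Entra-only auth not enforced"),
                (props.get("publicNetworkAccess") == "Disabled", "public network access enabled"),
            ]
        findings += [f"{name}: {msg}" for ok, msg in checks if not ok]
    return findings

# Constructed samples; real compiled templates carry format() name expressions.
HARDENED = {"resources": [
    {"type": "Microsoft.Web/sites", "name": "dev-myapp-web",
     "identity": {"type": "SystemAssigned"},
     "properties": {"httpsOnly": True, "siteConfig": {
         "minTlsVersion": "1.2", "ftpsState": "Disabled", "appSettings": [
             {"name": "PARTNER_API_KEY", "value":
              "@Microsoft.KeyVault(VaultName=example-kv;SecretName=partner-api-key)"}]}}},
    {"type": "Microsoft.Sql/servers", "name": "dev-myapp-sql",
     "properties": {"minimalTlsVersion": "1.2", "publicNetworkAccess": "Disabled",
                    "administrators": {"azureADOnlyAuthentication": True}}}]}
WEAK = {"resources": [
    {"type": "Microsoft.Web/sites", "name": "weak-web",
     "properties": {"httpsOnly": False, "siteConfig": {
         "minTlsVersion": "1.0", "ftpsState": "AllAllowed", "appSettings": [
             {"name": "PARTNER_API_KEY", "value": "constructed-plaintext-value"}]}}},
    {"type": "Microsoft.Sql/servers", "name": "weak-sql",
     "properties": {"minimalTlsVersion": "1.0", "publicNetworkAccess": "Enabled"}}]}
```

Run against the Step 3 excerpt as shown, the SQL server would be reported for public network access, because the excerpt never sets publicNetworkAccess.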

If deployment fails:

  1. Check the deployment status:
    az deployment group show \
      --resource-group rg-myapp-dev \
      --name main \
      --query 'properties.error'
  2. Review Activity Log for RBAC or policy errors.
  3. Validate the Bicep template before deploying:
    az bicep build --file main.bicep
    az deployment group validate \
      --resource-group rg-myapp-dev \
      --template-file main.bicep

Common failure causes:

  • RBAC permission errors — verify the deploying principal has Contributor on the resource group
  • Resource provider not registered — run az provider register --namespace Microsoft.Web
  • Naming conflicts — Azure resource names are often globally unique (storage accounts, web apps)
  • Quota exceeded — request quota increase via Azure Portal > Subscriptions > Usage + quotas

Tools

architecture_designer.py

Generates architecture pattern recommendations based on requirements.

python scripts/architecture_designer.py \
  --app-type web_app \
  --users 50000 \
  --requirements '{"budget_monthly_usd": 1000, "compliance": ["HIPAA"]}' \
  --json

Input: Application type, expected users, JSON requirements
Output: Recommended pattern, service stack, cost estimate, pros/cons

cost_optimizer.py

Analyzes Azure resource configurations for cost savings.

python scripts/cost_optimizer.py --config resources.json --json

Input: JSON file with current Azure resource inventory
Output: Recommendations for:

  • Idle resource removal
  • VM and database right-sizing
  • Reserved Instance purchases
  • Storage tier transitions
  • Unused public IPs and load balancers

bicep_generator.py

Generates Bicep template scaffolds from architecture type.

python scripts/bicep_generator.py --arch-type microservices --output main.bicep

Output: Production-ready Bicep templates with:

  • Managed Identity (no passwords)
  • Key Vault integration
  • Diagnostic settings for Azure Monitor
  • Network security groups
  • Tags for cost allocation

Quick Start

Web App Architecture (< $100/month)

Ask: "Design an Azure web app for a startup with 5000 users"

Result:
- App Service (B1 Linux) for the application
- Azure SQL Serverless for relational data
- Azure Blob Storage for static assets
- Front Door (free tier) for CDN and routing
- Key Vault for secrets
- Estimated: $40-80/month

Microservices on AKS ($500-2000/month)

Ask: "Design a microservices architecture on Azure for a SaaS platform with 50k users"

Result:
- AKS cluster with 3 node pools (system, app, jobs)
- API Management for gateway and rate limiting
- Cosmos DB for multi-model data
- Service Bus for async messaging
- Azure Monitor + Application Insights for observability
- Multi-zone deployment

Serverless Event-Driven (< $200/month)

Ask: "Design an event-driven backend for processing orders"

Result:
- Azure Functions (Consumption plan) for compute
- Event Grid for event routing
- Service Bus for reliable messaging
- Cosmos DB for order data
- Application Insights for monitoring
- Estimated: $30-150/month depending on volume

Data Pipeline ($300-1500/month)

Ask: "Design a data pipeline for ingesting 10M events/day"

Result:
- Event Hubs for ingestion
- Stream Analytics or Functions for processing
- Data Lake Storage Gen2 for raw data
- Synapse Analytics for warehouse
- Power BI for dashboards

Input Requirements

Provide these details for architecture design:

| Requirement | Description | Example |
|---|---|---|
| Application type | What you're building | SaaS platform, mobile backend |
| Expected scale | Users, requests/sec | 10k users, 100 RPS |
| Budget | Monthly Azure limit | $500/month max |
| Team context | Size, Azure experience | 3 devs, intermediate |
| Compliance | Regulatory needs | HIPAA, GDPR, SOC 2 |
| Availability | Uptime requirements | 99.9% SLA, 1hr RPO |

JSON Format:

{
  "application_type": "saas_platform",
  "expected_users": 10000,
  "requests_per_second": 100,
  "budget_monthly_usd": 500,
  "team_size": 3,
  "azure_experience": "intermediate",
  "compliance": ["SOC2"],
  "availability_sla": "99.9%"
}

Anti-Patterns

| Anti-Pattern | Why It Fails | Do This Instead |
|---|---|---|
| ARM JSON templates for new projects | Verbose, hard to read, no modules | Use Bicep — compiles to ARM, cleaner syntax |
| Storing secrets in App Settings | Secrets visible in portal, no rotation | Use Key Vault references in App Settings |
| Single large AKS node pool | Cannot optimize for different workloads | Use multiple node pools: system, app, jobs |
| Public endpoints on PaaS services | Exposed attack surface | Use Private Endpoints + VNet integration |
| Over-provisioning "just in case" | Wastes budget month one | Start small, use autoscale, right-size monthly |
| Shared resource groups for everything | Blast radius, RBAC nightmares | One resource group per environment per workload |
| No tagging strategy | Cannot track costs or ownership | Tag: environment, owner, cost-center, app-name |
| Using classic resources | Deprecated, limited features | Use ARM/Bicep resources exclusively |

Output Formats

Architecture Design

  • Pattern recommendation with rationale
  • Service stack diagram (ASCII)
  • Monthly cost estimate and trade-offs

IaC Templates

  • Bicep: Recommended — first-party, module support, clean syntax
  • ARM JSON: Generated from Bicep when needed
  • Terraform HCL: Multi-cloud compatible using azurerm provider

Cost Analysis

  • Current spend breakdown with optimization recommendations
  • Priority action list (high/medium/low) and implementation checklist

Cross-References

| Skill | Relationship |
|---|---|
| engineering-team/aws-solution-architect | AWS equivalent — same 6-step workflow, different services |
| engineering-team/gcp-cloud-architect | GCP equivalent — completes the cloud trifecta |
| engineering-team/senior-devops | Broader DevOps scope — pipelines, monitoring, containerization |
| engineering/terraform-patterns | IaC implementation — use for Terraform modules targeting Azure |
| engineering/ci-cd-pipeline-builder | Pipeline construction — automates Azure DevOps and GitHub Actions |

Reference Documentation

| Document | Contents |
|---|---|
| references/architecture_patterns.md | 5 patterns: web app, microservices/AKS, serverless, data pipeline, multi-region |
| references/service_selection.md | Decision matrices for compute, database, storage, messaging, networking |
| references/best_practices.md | Naming conventions, tagging, RBAC, network security, monitoring, DR |

Bundled files

※ List of the files contained in the ZIP. Besides `SKILL.md` itself, it may contain reference material, samples and scripts.