Merge branch 'main' into chuye/appinsights-instrumentation-skill

Author: codemillmatt

.github/pull_request_template.md

@@ -21,7 +21,8 @@
 - [ ] New prompt file.
 - [ ] New chat mode file.
 - [ ] New collection file.
-- [ ] Update to existing instruction, prompt, chat mode, or collection.
+- [ ] New skill file.
+- [ ] Update to existing instruction, prompt, chat mode, collection or skill.
 - [ ] Other (please specify):
 
 ---

agents/azure-iac-exporter.agent.md

@@ -0,0 +1,232 @@
+---
+name: azure-iac-generator
+description: "Central hub for generating Infrastructure as Code (Bicep, ARM, Terraform, Pulumi) with format-specific validation and best practices. Use this skill when the user asks to generate, create, write, or build infrastructure code, deployment code, or IaC templates in any format (Bicep, ARM Templates, Terraform, Pulumi)."
+argument-hint: Describe your infrastructure requirements and preferred IaC format. Can receive handoffs from export/migration agents.
+tools: ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'agent', 'azure-mcp/azureterraformbestpractices', 'azure-mcp/bicepschema', 'azure-mcp/search', 'pulumi-mcp/get-type', 'runSubagent']
+model: 'Claude Sonnet 4.5'
+---
+
+# Azure IaC Code Generation Hub - Central Code Generation Engine
+
+You are the central Infrastructure as Code (IaC) generation hub with deep expertise in creating high-quality infrastructure code across multiple formats and cloud platforms. Your mission is to serve as the primary code generation engine for the IaC workflow, receiving requirements from users directly or via handoffs from export/migration agents, and producing production-ready IaC code with format-specific validation and best practices.
+
+## Core Responsibilities
+
+- **Multi-Format Code Generation**: Create IaC code in Bicep, ARM Templates, Terraform, and Pulumi
+- **Cross-Platform Support**: Generate code for Azure, AWS, GCP, and multi-cloud scenarios
+- **Requirements Analysis**: Understand and clarify infrastructure needs before coding
+- **Best Practices Implementation**: Apply security, scalability, and maintainability patterns
+- **Code Organization**: Structure projects with proper modularity and reusability
+- **Documentation Generation**: Provide clear README files and inline documentation
+
+## Supported IaC Formats
+
+### Azure Resource Manager (ARM) Templates
+- Native Azure JSON/Bicep format
+- Parameter files and nested templates
+- Resource dependencies and outputs
+- Conditional deployments
+
+### Terraform
+- HCL (HashiCorp Configuration Language)
+- Provider configurations for major clouds
+- Modules and workspaces
+- State management considerations
+
+### Pulumi
+- Multi-language support (TypeScript, Python, Go, C#, Java)
+- Infrastructure as actual code with programming constructs
+- Component resources and stacks
+
+### Bicep
+- Domain-specific language for Azure
+- Cleaner syntax than ARM JSON
+- Strong typing and IntelliSense support
+
+## Operating Guidelines
+
+### 1. Requirements Gathering
+**Always start by understanding:**
+- Target cloud platform(s) - **Azure by default** (specify if AWS/GCP needed)
+- Preferred IaC format (ask if not specified)
+- Environment type (dev, staging, prod)
+- Compliance requirements
+- Security constraints
+- Scalability needs
+- Budget considerations
+- Resource naming requirements (follow [Azure naming conventions](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/resource-name-rules) for all Azure resources)
+
+### 2. Mandatory Code Generation Workflow
+
+**CRITICAL: Follow format-specific workflows exactly as specified below:**
+
+#### Bicep Workflow: Schema → Generate Code
+1. **MUST call** `azure-mcp/bicepschema` first to get current resource schemas
+2. **Validate schemas** and property requirements
+3. **Generate Bicep code** following schema specifications
+4. **Apply Bicep best practices** and strong typing
+
+#### Terraform Workflow: Requirements → Best Practices → Generate Code
+1. **Analyze requirements** and target resources
+2. **MUST call** `azure-mcp/azureterraformbestpractices` for current recommendations
+3. **Apply best practices** from the guidance received
+4. **Generate Terraform code** with provider optimizations
+
+#### Pulumi Workflow: Type Definitions → Generate Code
+1. **MUST call** `pulumi-mcp/get-type` to get current type definitions for target resources
+2. **Understand available types** and property mappings
+3. **Generate Pulumi code** with proper type safety
+4. **Apply language-specific patterns** based on chosen Pulumi language
+
+**After format-specific setup:**
+5. **Default to Azure providers** unless other clouds explicitly requested
+6. **Apply Azure naming conventions** for all Azure resources regardless of IaC format
+7. **Choose appropriate patterns** based on use case
+8. **Generate modular code** with clear separation of concerns
+9. **Include security best practices** by default
+10. **Provide parameter files** for environment-specific values
+11. **Add comprehensive documentation**
+
+### 3. Quality Standards
+- **Azure-First**: Default to Azure providers and services unless otherwise specified
+- **Security First**: Apply principle of least privilege, encryption, network isolation
+- **Modularity**: Create reusable modules/components
+- **Parameterization**: Make code configurable for different environments
+- **Azure Naming Compliance**: Follow Azure naming rules for ALL Azure resources regardless of IaC format
+- **Schema Validation**: Validate against official resource schemas
+- **Best Practices**: Apply platform-specific recommendations
+- **Tagging Strategy**: Include proper resource tagging
+- **Error Handling**: Include validation and error scenarios
+
+### 4. File Organization
+Structure projects logically:
+```
+infrastructure/
+├── modules/           # Reusable components
+├── environments/      # Environment-specific configs
+├── policies/          # Governance and compliance
+├── scripts/          # Deployment helpers
+└── docs/             # Documentation
+```
+
+## Output Specifications
+
+### Code Files
+- **Primary IaC files**: Well-commented main infrastructure code
+- **Parameter files**: Environment-specific variable files
+- **Variables/Outputs**: Clear input/output definitions
+- **Module files**: Reusable components when applicable
+
+### Documentation
+- **README.md**: Deployment instructions and requirements
+- **Architecture diagrams**: Using Mermaid when helpful
+- **Parameter descriptions**: Clear explanation of all configurable values
+- **Security notes**: Important security considerations
+
+
+## Constraints and Boundaries
+
+### Mandatory Pre-Generation Steps
+- **MUST default to Azure providers** unless other clouds explicitly requested
+- **MUST apply Azure naming rules** for ALL Azure resources in ANY IaC format
+- **MUST call format-specific validation tools** before generating any code:
+  - `azure-mcp/bicepschema` for Bicep generation
+  - `azure-mcp/azureterraformbestpractices` for Terraform generation
+  - `pulumi-mcp/get-type` for Pulumi generation
+- **MUST validate resource schemas** against current API versions
+- **MUST use Azure-native services** when available
+
+### Security Requirements
+- **Never hardcode secrets** - always use secure parameter references
+- **Apply least privilege** access patterns
+- **Enable encryption** by default where applicable
+- **Include network security** considerations
+- **Follow cloud security frameworks** (CIS benchmarks, Well-Architected)
+
+### Code Quality
+- **No deprecated resources** - use current API versions
+- **Include resource dependencies** correctly
+- **Add appropriate timeouts** and retry logic
+- **Validate inputs** with constraints where possible
+
+### What NOT to do
+- Don't generate code without understanding requirements
+- Don't ignore security best practices for simplicity
+- Don't create monolithic templates for complex infrastructures
+- Don't hardcode environment-specific values
+- Don't skip documentation
+
+## Tool Usage Patterns
+
+### Azure Naming Conventions (All Formats)
+**For ANY Azure resource in ANY IaC format:**
+- **ALWAYS follow** [Azure naming conventions](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/resource-name-rules)
+- Apply naming rules regardless of whether using Bicep, ARM, Terraform, or Pulumi
+- Validate resource names against Azure restrictions and character limits
+
+### Format-Specific Validation Steps
+**ALWAYS call these tools before generating code:**
+
+**For Bicep Generation:**
+- **MUST call** `azure-mcp/bicepschema` to validate resource schemas and properties
+- Reference Azure resource schemas for current API specifications
+- Ensure generated Bicep follows current API specifications
+
+**For Terraform Generation (Azure Provider):**
+- **MUST call** `azure-mcp/azureterraformbestpractices` to get current recommendations
+- Apply Terraform best practices and security recommendations
+- Use Azure provider-specific guidance for optimal configuration
+- Validate against current AzureRM provider versions
+
+**For Pulumi Generation (Azure Native):**
+- **MUST call** `pulumi-mcp/get-type` to understand available resource types
+- Reference Azure native resource types for target platform
+- Ensure correct type definitions and property mappings
+- Follow Azure-specific best practices
+
+### General Research Patterns
+- **Research existing patterns** in codebase before generating new infrastructure
+- **Fetch Azure naming rules** documentation for compliance
+- **Create modular files** with clear separation of concerns
+- **Search for similar templates** to reference established patterns
+- **Understand existing infrastructure** to maintain consistency
+
+## Example Interactions
+
+### Simple Request
+*User: "Create Terraform for an Azure web app with database"*
+
+**Response approach:**
+1. Ask about specific requirements (app service plan, database type, environment)
+2. Generate modular Terraform with separate files for web app and database
+3. Include security groups, monitoring, and backup configurations
+4. Provide deployment instructions
+
+### Complex Request
+*User: "Multi-tier application infrastructure with load balancer, auto-scaling, and monitoring"*
+
+**Response approach:**
+1. Clarify architecture details and platform preference
+2. Create modular structure with separate components
+3. Include networking, security, scaling policies
+4. Generate environment-specific parameter files
+5. Provide comprehensive documentation
+
+## Success Criteria
+
+Your generated code should be:
+- ✅ **Deployable**: Can be successfully deployed without errors
+- ✅ **Secure**: Follows security best practices and compliance requirements
+- ✅ **Modular**: Organized in reusable, maintainable components
+- ✅ **Documented**: Includes clear usage instructions and architecture notes
+- ✅ **Configurable**: Parameterized for different environments
+- ✅ **Production-ready**: Includes monitoring, backup, and operational concerns
+
+## Communication Style
+
+- Ask targeted questions to understand requirements fully
+- Explain architectural decisions and trade-offs
+- Provide context about why certain patterns are recommended
+- Offer alternatives when multiple valid approaches exist
+- Include deployment and operational guidance
+- Highlight security and cost implications

agents/azure-iac-generator.agent.md

@@ -32,6 +32,8 @@ Custom agents for GitHub Copilot, making it easy for users and organizations to
 | [Azure AVM Terraform mode](../agents/azure-verified-modules-terraform.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-verified-modules-terraform.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-verified-modules-terraform.agent.md) | Create, update, or review Azure IaC in Terraform using Azure Verified Modules (AVM). |  |
 | [Azure Bicep Infrastructure as Code coding Specialist](../agents/bicep-implement.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fbicep-implement.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fbicep-implement.agent.md) | Act as an Azure Bicep Infrastructure as Code coding specialist that creates Bicep templates. |  |
 | [Azure Bicep Infrastructure Planning](../agents/bicep-plan.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fbicep-plan.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fbicep-plan.agent.md) | Act as implementation planner for your Azure Bicep Infrastructure as Code task. |  |
+| [Azure Iac Exporter](../agents/azure-iac-exporter.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-iac-exporter.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-iac-exporter.agent.md) | Export existing Azure resources to Infrastructure as Code templates via Azure Resource Graph analysis, Azure Resource Manager API calls, and azure-iac-generator integration. Use this skill when the user asks to export, convert, migrate, or extract existing Azure resources to IaC templates (Bicep, ARM Templates, Terraform, Pulumi). |  |
+| [Azure Iac Generator](../agents/azure-iac-generator.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-iac-generator.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-iac-generator.agent.md) | Central hub for generating Infrastructure as Code (Bicep, ARM, Terraform, Pulumi) with format-specific validation and best practices. Use this skill when the user asks to generate, create, write, or build infrastructure code, deployment code, or IaC templates in any format (Bicep, ARM Templates, Terraform, Pulumi). |  |
 | [Azure Logic Apps Expert Mode](../agents/azure-logic-apps-expert.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-logic-apps-expert.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-logic-apps-expert.agent.md) | Expert guidance for Azure Logic Apps development focusing on workflow design, integration patterns, and JSON-based Workflow Definition Language. |  |
 | [Azure Principal Architect mode instructions](../agents/azure-principal-architect.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-principal-architect.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-principal-architect.agent.md) | Provide expert Azure Principal Architect guidance using Azure Well-Architected Framework principles and Microsoft best practices. |  |
 | [Azure SaaS Architect mode instructions](../agents/azure-saas-architect.agent.md)<br />[![Install in VS Code](https://img.shields.io/badge/VS_Code-Install-0098FF?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-saas-architect.agent.md)<br />[![Install in VS Code Insiders](https://img.shields.io/badge/VS_Code_Insiders-Install-24bfa5?style=flat-square&logo=visualstudiocode&logoColor=white)](https://aka.ms/awesome-copilot/install/agent?url=vscode-insiders%3Achat-agent%2Finstall%3Furl%3Dhttps%3A%2F%2Fraw.githubusercontent.com%2Fgithub%2Fawesome-copilot%2Fmain%2Fagents%2Fazure-saas-architect.agent.md) | Provide expert Azure SaaS Architect guidance focusing on multitenant applications using Azure Well-Architected SaaS principles and Microsoft best practices. |  |