azure-resource-visualizer
$
npx mdskill add microsoft/GitHub-Copilot-for-Azure/azure-resource-visualizerGenerate Mermaid diagrams mapping Azure resource relationships
- Creates visual architecture maps for complex cloud infrastructure
- Integrates with Azure Resource Manager APIs to query resource groups
- Analyzes interdependencies between services to build accurate topologies
- Outputs formatted Mermaid diagrams embedded in markdown documentation
SKILL.md
.github/skills/azure-resource-visualizerView on GitHub ↗
--- name: azure-resource-visualizer description: "Analyze Azure resource groups and generate detailed Mermaid architecture diagrams showing the relationships between individual resources. WHEN: create architecture diagram, visualize Azure resources, show resource relationships, generate Mermaid diagram, analyze resource group, diagram my resources, architecture visualization, resource topology, map Azure infrastructure." license: MIT metadata: author: Microsoft version: "0.0.0-placeholder" --- # Azure Resource Visualizer - Architecture Diagram Generator A user may ask for help understanding how individual resources fit together, or to create a diagram showing their relationships. Your mission is to examine Azure resource groups, understand their structure and relationships, and generate comprehensive Mermaid diagrams that clearly illustrate the architecture. ## Core Responsibilities 1. **Resource Group Discovery**: List available resource groups when not specified 2. **Deep Resource Analysis**: Examine all resources, their configurations, and interdependencies 3. **Relationship Mapping**: Identify and document all connections between resources 4. **Diagram Generation**: Create detailed, accurate Mermaid diagrams 5. **Documentation Creation**: Produce clear markdown files with embedded diagrams ## Workflow Process ### Step 1: Resource Group Selection If the user hasn't specified a resource group: 1. Use your tools to query available resource groups. If you do not have a tool for this, use `az`. 2. Present a numbered list of resource groups with their locations 3. Ask the user to select one by number or name 4. Wait for user response before proceeding If a resource group is specified, validate it exists and proceed. ### Step 2: Resource Discovery & Analysis For bulk resource discovery across subscriptions, use Azure Resource Graph queries. See [Azure Resource Graph Queries](references/azure-resource-graph.md) for cross-subscription inventory and relationship discovery patterns. Once you have the resource group: 1. **Query all resources** in the resource group using Azure MCP tools or `az`. 2. **Analyze each resource** type and capture: - Resource name and type - SKU/tier information - Location/region - Key configuration properties - Network settings (VNets, subnets, private endpoints) - Identity and access (Managed Identity, RBAC) - Dependencies and connections 3. **Map relationships** by identifying: - **Network connections**: VNet peering, subnet assignments, NSG rules, private endpoints - **Data flow**: Apps → Databases, Functions → Storage, API Management → Backends - **Identity**: Managed identities connecting to resources - **Configuration**: App Settings pointing to Key Vaults, connection strings - **Dependencies**: Parent-child relationships, required resources > **Important**: You must only use placeholder names to represent secret values, such as keys, connection strings, Key Vault secrets, etc. Use meaningful placeholder names to represent each secret in the diagram. Never put secret values in the resource diagram. ### Step 3: Diagram Construction Create a **detailed Mermaid diagram** using the `graph TB` (top-to-bottom) or `graph LR` (left-to-right) format. See [example-diagram.md](./assets/example-diagram.md) for a complete sample architecture diagram. **Key Diagram Requirements:** - **Group by layer or purpose**: Network, Compute, Data, Security, Monitoring - **Include details**: SKUs, tiers, important settings in node labels (use `<br/>` for line breaks) - **Label all connections**: Describe what flows between resources (data, identity, network) - **Use meaningful node IDs**: Abbreviations that make sense (APP, FUNC, SQL, KV) - **Visual hierarchy**: Subgraphs for logical grouping - **Connection types**: - `-->` for data flow or dependencies - `-.->` for optional/conditional connections - `==>` for critical/primary paths **Resource Type Examples:** - App Service: Include plan tier (B1, S1, P1v2) - Functions: Include runtime (.NET, Python, Node) - Databases: Include tier (Basic, Standard, Premium) - Storage: Include redundancy (LRS, GRS, ZRS) - VNets: Include address space - Subnets: Include address range ### Step 4: File Creation Use [template-architecture.md](./assets/template-architecture.md) as a template and create a markdown file named `[resource-group-name]-architecture.md` with: 1. **Header**: Resource group name, subscription, region 2. **Summary**: Brief overview of the architecture (2-3 paragraphs) 3. **Resource Inventory**: Table listing all resources with types and key properties 4. **Architecture Diagram**: The complete Mermaid diagram 5. **Relationship Details**: Explanation of key connections and data flows 6. **Notes**: Any important observations, potential issues, or recommendations ## Operating Guidelines ### Quality Standards - **Accuracy**: Verify all resource details before including in diagram - **Completeness**: Don't omit resources; include everything in the resource group - **Clarity**: Use clear, descriptive labels and logical grouping - **Detail Level**: Include configuration details that matter for architecture understanding - **Relationships**: Show ALL significant connections, not just obvious ones ### Tool Usage Patterns 1. **Azure MCP Search**: - Use `intent="list resource groups"` to discover resource groups - Use `intent="list resources in group"` with group name to get all resources - Use `intent="get resource details"` for individual resource analysis - Use `command` parameter when you need specific Azure operations 2. **File Creation**: - Always create in workspace root or a `docs/` folder if it exists - Use clear, descriptive filenames: `[rg-name]-architecture.md` - Ensure Mermaid syntax is valid (test syntax mentally before output) 3. **Terminal (when needed)**: - Use Azure CLI for complex queries not available via MCP - Example: `az resource list --resource-group <name> --output json` - Example: `az network vnet show --resource-group <name> --name <vnet-name>` ### Constraints & Boundaries **Always Do:** - ✅ List resource groups if not specified - ✅ Wait for user selection before proceeding - ✅ Analyze ALL resources in the group - ✅ Create detailed, accurate diagrams - ✅ Include configuration details in node labels - ✅ Group resources logically with subgraphs - ✅ Label all connections descriptively - ✅ Create a complete markdown file with diagram **Never Do:** - ❌ Skip resources because they seem unimportant - ❌ Make assumptions about resource relationships without verification - ❌ Create incomplete or placeholder diagrams - ❌ Omit configuration details that affect architecture - ❌ Proceed without confirming resource group selection - ❌ Generate invalid Mermaid syntax - ❌ Modify or delete Azure resources (read-only analysis) ### Edge Cases & Error Handling - **No resources found**: Inform user and verify resource group name - **Permission issues**: Explain what's missing and suggest checking RBAC - **Complex architectures (50+ resources)**: Consider creating multiple diagrams by layer - **Cross-resource-group dependencies**: Note external dependencies in diagram notes - **Resources without clear relationships**: Group in "Other Resources" section ## Output Format Specifications ### Mermaid Diagram Syntax - Use `graph TB` (top-to-bottom) for vertical layouts - Use `graph LR` (left-to-right) for horizontal layouts (better for wide architectures) - Subgraph syntax: `subgraph "Descriptive Name"` - Node syntax: `ID["Display Name<br/>Details"]` - Connection syntax: `SOURCE -->|"Label"| TARGET` ### Markdown Structure - Use H1 for main title - Use H2 for major sections - Use H3 for subsections - Use tables for resource inventories - Use bullet lists for notes and recommendations - Use code blocks with `mermaid` language tag for diagrams ## Success Criteria A successful analysis includes: - ✅ Valid resource group identified - ✅ All resources discovered and analyzed - ✅ All significant relationships mapped - ✅ Detailed Mermaid diagram with proper grouping - ✅ Complete markdown file created - ✅ Clear, actionable documentation - ✅ Valid Mermaid syntax that renders correctly - ✅ Professional, architect-level output Your goal is to provide clarity and insight into Azure architectures, making complex resource relationships easy to understand through excellent visualization.
More from microsoft/GitHub-Copilot-for-Azure
- airunway-aks-setupSet up AI Runway on AKS — from bare cluster to running model. Covers cluster verification, controller install, GPU assessment, provider setup, and first deployment. WHEN: \"setup AI Runway\", \"onboard AKS cluster\", \"install AI Runway\", \"airunway setup\", \"deploy model to AKS\", \"GPU inference on AKS\", \"KAITO setup on AKS\", \"run LLM on AKS\", \"vLLM on AKS\", \"set up model serving on AKS\", \"AI Runway controller\".
- analyze-skill-issuesQuery the integration-test storage account to find why a specific skill's tests are failing. Reads blob-stored test result files and surfaces error details. TRIGGERS: why is skill failing, skill test failures, debug skill tests, skill failing tests, analyze skill failures, why are tests failing for skill, skill test errors, investigate skill issues. DO NOT USE FOR: analyzing a GitHub Actions run report or comparing test runs across runs (use analyze-test-run).
- analyze-test-runAnalyze a GitHub Actions integration test run and produce a skill invocation report with failure root-cause issues. TRIGGERS: analyze test run, skill invocation rate, test run report, compare test runs, skill invocation summary, test failure analysis, run report, test results, action run report
- appinsights-instrumentationGuidance for instrumenting webapps with Azure Application Insights. Provides telemetry patterns, SDK setup, and configuration references. WHEN: how to instrument app, App Insights SDK, telemetry patterns, what is App Insights, Application Insights guidance, instrumentation examples, APM best practices.
- azure-aiUse for Azure AI: Search, Speech, OpenAI, Document Intelligence. Helps with search, vector/hybrid search, speech-to-text, text-to-speech, transcription, OCR. WHEN: AI Search, query search, vector search, hybrid search, semantic search, speech-to-text, text-to-speech, transcribe, OCR, convert text to speech.
- azure-aigatewayConfigure Azure API Management as an AI Gateway for AI models, MCP tools, and agents. WHEN: semantic caching, token limit, content safety, load balancing, AI model governance, MCP rate limiting, jailbreak detection, add Azure OpenAI backend, add AI Foundry model, test AI gateway, LLM policies, configure AI backend, token metrics, AI cost control, convert API to MCP, import OpenAPI to gateway.
- azure-cloud-migrateAssess and migrate cross-cloud workloads to Azure with reports and code conversion. Supports Lambda→Functions, Beanstalk/Heroku/App Engine→App Service, Fargate/Kubernetes/Cloud Run→Container Apps. WHEN: migrate Lambda to Functions, AWS to Azure, migrate Beanstalk, migrate Heroku, migrate App Engine, Cloud Run migration, Fargate to ACA, ECS/Kubernetes/GKE/EKS to Container Apps, cross-cloud migration.
- azure-complianceRun Azure compliance and security audits with azqr plus Key Vault expiration checks. Covers best-practice assessment, resource review, policy/compliance validation, and security posture checks. WHEN: compliance scan, security audit, BEFORE running azqr (compliance cli tool), Azure best practices, Key Vault expiration check, expired certificates, expiring secrets, orphaned resources, compliance assessment.
- azure-computeAzure VM and VMSS router for recommendations, pricing, autoscale, orchestration, connectivity troubleshooting, and capacity reservations. WHEN: Azure VM, VMSS, scale set, recommend, compare, server, website, burstable, lightweight, VM family, workload, GPU, learning, simulation, dev/test, backend, autoscale, load balancer, Flexible orchestration, Uniform orchestration, cost estimate, connect, refused, Linux, black screen, reset password, reach VM, port 3389, NSG, troubleshoot, capacity reservation, CRG, reserve VMs, guarantee capacity, pre-provision capacity, CRG association, CRG disassociation.
- azure-costUnified Azure cost management: query historical costs, forecast future spending, and optimize to reduce waste. WHEN: \"Azure costs\", \"Azure spending\", \"Azure bill\", \"cost breakdown\", \"cost by service\", \"cost by resource\", \"how much am I spending\", \"show my bill\", \"monthly cost summary\", \"cost trends\", \"top cost drivers\", \"actual cost\", \"amortized cost\", \"forecast spending\", \"projected costs\", \"estimate bill\", \"future costs\", \"budget forecast\", \"end of month costs\", \"how much will I spend\", \"optimize costs\", \"reduce spending\", \"find cost savings\", \"orphaned resources\", \"rightsize VMs\", \"cost analysis\", \"reduce waste\", \"unused resources\", \"optimize Redis costs\", \"cost by tag\", \"cost by resource group\", \"AKS cost analysis add-on\", \"namespace cost\", \"cost spike\", \"anomaly\", \"budget alert\", \"AKS cost visibility\". DO NOT USE FOR: deploying resources, provisioning infrastructure, diagnostics, security audits, or estimating costs for new resources not yet deployed.