Route FinOps tasks to the narrowest specialist or team of specialists from the catalog. Use when you do not already know the specialist.
Govern Huawei Cloud SWR (Software Repository for Container) — image retention policy, vulnerability scanning via VSS (Vulnerability Scan Service) integration, namespace permission…
Analyze BigQuery slot reservation sizing, BI Engine acceleration, query cost estimation, dataset governance (expiration, access controls), and partitioning/clustering optimization…
Design Alibaba Cloud solutions — product selection (PolarDB vs RDS, ACK vs ASK vs SAE, MaxCompute vs AnalyticDB), architecture patterns, landing zone design, and disaster recovery…
Gate CCE deployment mutations, node pool upgrades, and cluster version changes against rollback posture and workload disruption budget before any production change.
Gate IAM fine-grained policy and SCP mutations — account-wide blast radius, privilege escalation, and potential full access denial.
Route marketing-governance review tasks to the narrowest specialist or team of specialists from the catalog.
Review Microsoft Entra identity governance posture for Azure operators, with focus on standing versus eligible access, Privileged Identity Management, access reviews, entitlement…
Review Scaleway IAM policies, API key governance, service account bindings, and organization/project-level permission sets for least-privilege posture.
Route Kubernetes tasks to the narrowest specialist or team of specialists from the catalog. Use when you do not already know the specialist.
Triage Huawei Cloud operational alerts, incidents, and support tickets — P0/P1/P2/P3 classification, Huawei Cloud Premium Support SLA enforcement, Account Manager escalation, AOM…
Review and design Scaleway network topology for security and high availability: VPC layout, Private Network attachment across zones, security group rules, Load Balancer…
Gate ACK deployment mutations, node pool scaling, and cluster version upgrades against rollback posture and workload disruption budget.
Review Amazon EKS Kubernetes platform operations across cluster access, IRSA, IAM roles for service accounts, pod identity, node groups, Karpenter, autoscaling, CNI/network…
Route and classify Hetzner Cloud tasks to the narrowest qualified specialist — cost optimization, infrastructure review, capacity planning, firewall guard, or server lifecycle…
Configure Assured Workloads for regulated workloads (FedRAMP High/Moderate, HIPAA, PCI-DSS, ITAR, IL4/IL5), audit controls implementation, and gather compliance evidence using…
Assess Huawei Cloud workload reliability using the Well-Architected Framework Reliability pillar: AZ distribution, ELB load balancing, Auto Scaling, GaussDB and RDS multi-AZ HA,…
Plan Alibaba Cloud migrations using SMC (Server Migration Center), DTS (Data Transmission Service) for data sync, OSSImport for object storage migration, and design cutover…
Assess AWS change impact using change sets, deployment blast radius, rollback readiness, dependency mapping, risk, go/no-go context, approval context, and stakeholder…
Operate Huawei DWS (GaussDB DWS data warehouse), DLI (Data Lake Insight serverless Spark/Flink), MRS (MapReduce Service), and DataArts Studio for data governance and pipeline…
Review and design AWS landing zones, AWS Control Tower environments, Organizations structures, OUs, account vending patterns, guardrails, central logging, security/audit accounts,…
Analyze GCP spend via Billing exports, optimize committed-use and sustained-use discounts, design cost attribution (labels/tags), investigate budget alert drift, and recommend…
Patch AWS deployment hotfix config, release parameters, manifest mistakes, environment drift, rollback blockers, and rollout blockers in-repo.
Review Alibaba Cloud EventBridge, MNS (Message Notification Service), RocketMQ, and MSE event-driven designs — dead-letter queues, message ordering, idempotency, retry storm…
Design, review, and improve AWS DevOps Agent-compatible skills, investigation workflows, learned skills, tool-use best practices, agent type targeting, frontmatter descriptions,…
Audit GCP IAM bindings across the resource hierarchy (org/folder/project), identify overprivileged Service Accounts, review Workload Identity Federation configurations, evaluate…
Operate as a ruthless OCI storage and backup steward for Object Storage, Block Volume, File Storage, backup policies, retention, replication, lifecycle rules, restore readiness,…
Analyze Oracle Cloud Infrastructure cost, usage, budgets, tagging, rightsizing, commitment coverage, and FinOps governance.
Review AWS CI/CD and release safety across CodePipeline, CodeBuild, CodeDeploy, GitHub Actions, GitLab, artifact provenance, deployment gates, approvals, tests, progressive…
Guard OKE deployment rollouts via DevOps Service approval stages with canary and blue-green evidence, rollout health verification, and kubectl rollout undo gates.
Evaluate GCP workload security posture against the Google Cloud Well-Architected Framework security pillar — covering zero trust, shift-left security, preemptive cyber defense, AI…
Review Alibaba Cloud workload HA and BCDR designs — RDS High-Availability Edition failover, PolarDB Global Database Network, ACK multi-zone, ECS disaster recovery cross-region,…
Pre-change blast radius analysis for GCP — cross-project resource dependency mapping, org policy cascade effects, Shared VPC peering impact, Service Account impersonation chain…
Review OVHcloud IAM policies for overly permissive allow rules, missing deny blocks, unscoped URNs, absent condition blocks (IP CIDR, resource tag, expiration), and identity-group…
Guard live CloudFormation, SAM, CDK, and Terraform-backed AWS infrastructure changes with change set, drift, stack policy, rollback trigger, approval, and execute gates.
Design Huawei Cloud solutions — product selection, enterprise-project model design, region selection for MLPS/sovereignty requirements, architecture patterns, multi-zone and…
Analyze OVHcloud Public Cloud cost posture across projects and regions: identify idle instances and unattached volumes, review Savings Plans and commitment coverage, recommend…
Deploy and operate Cloud Run services, Cloud Functions gen2, Eventarc triggers, traffic splitting for progressive delivery, and cold-start optimization strategies.
Gate IAM binding mutations, org policy changes, and Service Account key creation against the GCP resource hierarchy.
Gate RAM policy/role mutations against the Alibaba Cloud account hierarchy. RAM AdministratorAccess assignment, policy deletion with active STS tokens, and Resource Directory…
Operate PolarDB (MySQL/PG/Oracle) clusters and RDS instances — DAS diagnostics, database proxy, Global Database Network, backup strategy, and performance tuning.
Review Azure cost estimates, pricing calculator assumptions, SKU and region choices, environment sizing realism, and uncertainty handling using official Microsoft cost-management…
Assess Alibaba Cloud workload reliability: multi-AZ ECS topology, SLB/ALB/NLB load balancing, Auto Scaling health policies, RDS/PolarDB HA failover, backup and cross-region DR,…
Analyze Alibaba Cloud spend via Cost Manager, optimize Savings Plans and Reserved Instance coverage, design resource tagging strategy, investigate budget drift, and right-size…
Review Amazon Bedrock agents, AgentCore, Guardrails, knowledge bases, action groups, memory, MCP/tool integrations, prompt-injection and prompt-leakage defenses, PII handling,…
Manage Huawei DEW (Data Encryption Workshop) — KMS key lifecycle and rotation, CSMS secret rotation automation, CBH (Cloud Bastion Host) privileged access session management, and…
Query Alibaba Cloud ActionTrail management API call history, build governance audit reports, create SLS-based compliance evidence trails, and detect anomalous admin activity…
Review broad AWS security posture across Security Hub CSPM, GuardDuty, Inspector, Macie, Config, CloudTrail, IAM, public exposure, vulnerability findings, and remediation…
OCI Maestro routing skill. Classify the user's OCI task, select the narrowest specialist agent or the right team of specialists from the catalog, and dispatch them — single…
Execute and advise on IONOS DBaaS lifecycle operations for PostgreSQL, MariaDB, and MongoDB managed databases.
Design Alibaba Cloud network topology — VPC peering, CEN for multi-VPC/multi-region connectivity, Express Connect for private circuits, SLB/ALB/NLB/CLB load balancer selection,…
Configure and operate Alibaba MSE (Microservice Engine) — Nacos service discovery and configuration management, Sentinel rate limiting and circuit breaking, Seata distributed…
Govern Google Cloud Storage data perimeters — uniform bucket-level access enforcement, public access prevention, VPC Service Controls perimeter coverage, IAM Conditions for…
Build CI/CD pipelines with RDC (Research and Development Collaboration), Cloud Build, Flow pipeline automation, ACR (Container Registry) image lifecycle, and environment promotion…
Analyze Huawei Cloud CBC (Customer Business Console) spend, optimize Reserved Instance and CUD (Committed Use Discount) coverage, manage Cost Center allocation tags, and govern…
Assess Huawei Cloud cost efficiency using the Well-Architected Framework Cost Optimization pillar: ECS flavor selection including Kunpeng Arm, Yearly/Monthly vs Pay-Per-Use…
Govern Huawei Cloud OBS (Object Storage Service) data perimeters — bucket policy and ACL public exposure, Block Public Access configuration, VPC endpoint binding for private…
Deploy and operate Huawei FunctionGraph functions (event triggers, cold start optimization, concurrency), ServiceStage application lifecycle management, and CSE (Cloud Service…
Guard live Amazon ECS and Fargate rollout actions with ecs service, task definition, deployment circuit breaker, alarms, rollback, health check, and approval gates.
Design, review, and troubleshoot AWS network, hybrid, and multi-cloud connectivity across VPCs, Transit Gateway, Direct Connect, VPN, Cloud WAN, Route 53 Resolver, private DNS,…