Agentic InfraOps

A multi-agent orchestration system for Azure infrastructure development
Requirements → Architecture → Plan → Code → Deploy → Documentation

Quick Start » · Sample Outputs · Prompt Guide · Report Bug

---

Agentic InfraOps coordinates specialized AI agents through a complete infrastructure development cycle. Instead of context-switching between requirements, architecture decisions, IaC authoring (Bicep or Terraform), and documentation, you get a structured 7-step workflow with built-in WAF alignment, AVM-first code generation, and mandatory human approval gates. Choose your IaC track — Bicep or Terraform — and the system routes to the right agents, subagents, and validation pipelines automatically.

---

Agentic Workflow

sequenceDiagram
    autonumber
    participant U as 👤 User
    participant C as 🎼 Conductor
    participant R as 📋 Requirements
    participant X as ⚔️ Challenger
    participant A as 🏛️ Architect
    participant IaC as 📐 IaC Plan
    participant Gen as ⚒️ IaC Code
    participant D as 🚀 Deploy
    participant W as 📚 As-Built

    Note over C: ORCHESTRATION LAYER<br/>AI prepares. Humans decide.

    %% --- Step 1: Requirements ---
    U->>C: Describe infrastructure intent
    C->>R: Translate intent into structured requirements
    R-->>C: 01-requirements.md (includes iac_tool selection)
    C->>X: Challenge requirements
    X-->>C: challenge-findings.json
    C->>U: Present requirements + challenge findings

    rect rgba(255, 200, 0, 0.15)
    Note over U,C: 🛑 HUMAN APPROVAL GATE
    U-->>C: Approve requirements
    end

    %% --- Step 2: Architecture Assessment ---
    C->>A: Assess architecture (WAF + Cost)
    Note right of A: cost-estimate-subagent<br/>handles pricing queries
    A-->>C: 02-assessment.md + 03-cost-estimate.md
    C->>X: Challenge architecture
    X-->>C: challenge-findings.json
    C->>U: Present architecture + challenge findings

    rect rgba(255, 200, 0, 0.15)
    Note over U,C: 🛑 HUMAN APPROVAL GATE
    U-->>C: Approve architecture
    end

    %% --- Step 4: Planning & Governance ---
    C->>IaC: Create implementation plan + governance
    Note right of IaC: governance-discovery-subagent<br/>queries Azure Policy via REST API
    Note right of IaC: Bicep → bicep-planner<br/>Terraform → terraform-planner
    IaC-->>C: 04-plan.md + governance constraints
    C->>X: Challenge implementation plan
    X-->>C: challenge-findings.json
    C->>U: Present plan + challenge findings

    rect rgba(255, 200, 0, 0.15)
    Note over U,C: 🛑 HUMAN APPROVAL GATE
    U-->>C: Approve plan
    end

    %% --- Step 5: IaC Generation & Validation ---
    C->>Gen: Generate IaC templates (AVM-first)
    Note right of Gen: Bicep → bicep-codegen<br/>Terraform → terraform-codegen
    Gen-->>C: infra/bicep/{project} or infra/terraform/{project}

    rect rgba(0, 150, 255, 0.08)
    Note over C,Gen: 🔍 Subagent Validation Loop
    Note right of Gen: Bicep: lint → review subagents<br/>Terraform: lint → review subagents
    alt ✅ Validation passes
        C->>U: Present templates for deployment
        rect rgba(255, 200, 0, 0.15)
        Note over U,C: 🛑 HUMAN APPROVAL GATE
        U-->>C: Approve for deployment
        end
    else ⚠️ Validation fails
        C->>Gen: Revise with feedback
    end
    end

    %% --- Step 6: Deployment ---
    C->>D: Execute deployment
    Note right of D: Bicep: whatif-subagent<br/>Terraform: plan-subagent
    D-->>C: 06-deployment-summary.md
    C->>U: Present deployment summary

    rect rgba(255, 200, 0, 0.15)
    Note over U,D: 🛑 HUMAN VERIFICATION
    U-->>C: Verify deployment
    end

    %% --- Step 7: As-Built Documentation ---
    C->>W: Generate workload documentation
    Note right of W: Reads all prior artifacts (01-06)<br/>+ queries deployed resource state
    W-->>C: 07-*.md documentation suite
    C->>U: Present as-built docs

    Note over U,W: ✅ AI Orchestrated. Human Governed. Azure Ready.

Loading

(back to top)

---

⚡ Quick Start

Prerequisites: Docker Desktop (or Podman/Rancher), VS Code with Dev Containers, GitHub Copilot.

git clone https://github.com/jonathan-vella/azure-agentic-infraops.git
cd azure-agentic-infraops
code .

1. Press F1 → Dev Containers: Reopen in Container (first build: ~2-3 min, all tools pre-installed)
2. Enable the required VS Code setting:

   { "chat.customAgentInSubagent.enabled": true }

3. Press Ctrl+Shift+I → select InfraOps Conductor → describe your infrastructure

Create a web app with Azure App Service, Key Vault, and SQL Database

The Conductor guides you through all 7 steps with approval gates.

📖 Full Quick Start Guide →

(back to top)

---

Agents

View full agent roster

Conductor

Agent	Role
InfraOps Conductor	Master orchestrator — manages all 7 steps

Core Agents

Steps 1-3 and 7 are shared. Steps 4-6 have Bicep and Terraform variants.

Step	Agent	Role
1	requirements	Captures functional, NFR, and compliance needs
2	architect	WAF assessment, design decisions, cost estimate
3	design	Architecture diagrams and ADRs (optional)
4b	bicep-planner	Bicep implementation planning with governance
4t	terraform-planner	Terraform implementation planning with governance
5b	bicep-codegen	AVM-first Bicep template generation
5t	terraform-codegen	AVM-TF Terraform configuration generation
6b	bicep-deploy	Bicep deployment via deploy.ps1
6t	terraform-deploy	Terraform deployment via bootstrap.sh / deploy.sh
7	as-built	As-built documentation suite

Subagents

Subagent	Track	Role
cost-estimate-subagent	Shared	Azure Pricing MCP queries
governance-discovery-subagent	Shared	Azure Policy REST API discovery
bicep-lint-subagent	Bicep	Syntax validation (bicep lint, bicep build)
bicep-review-subagent	Bicep	Code review (AVM standards, security, naming)
bicep-whatif-subagent	Bicep	Deployment preview (az deployment what-if)
terraform-lint-subagent	Terraform	Syntax validation (terraform validate, fmt)
terraform-review-subagent	Terraform	Code review (AVM-TF, security, naming)
terraform-plan-subagent	Terraform	Deployment preview (terraform plan)

Standalone Agents

Agent	Role
challenger	Adversarial reviewer — challenges requirements, architecture, and plans for blind spots
diagnose	Resource health assessment and troubleshooting

(back to top)

---

🧩 MCP Integration

MCP Server	Purpose
Azure MCP Server	40+ Azure service tools — governance, monitoring, RBAC
Pricing MCP	Real-time Azure retail pricing for cost-aware decisions
Terraform MCP Server	Terraform registry, plan/apply, workspace management
GitHub MCP Server	Issues, PRs, repositories, Actions (MCP-first approach)
Microsoft Learn MCP Server	Official Microsoft documentation search and fetch

(back to top)

---

Related Repositories

🚀 azure-agentic-infraops-accelerator

A curated collection of pre-built, production-ready Azure infrastructure patterns generated and validated by the Agentic InfraOps workflow. Use it as a starting point for common workload archetypes—each pattern ships with Bicep templates, agent artifacts, and deployment scripts.

🎓 azure-agentic-infraops-workshops

Hands-on workshop material for teams and individuals learning the Agentic InfraOps workflow. Structured labs walk you through each of the 7 steps with guided exercises, sample prompts, and reference solutions—from first Conductor run to full deployment.

(back to top)

---

🤝 Contributing & License

Contributions are welcome — see CONTRIBUTING.md for guidelines. MIT License — see LICENSE for details.

Built upon copilot-orchestra and Github-Copilot-Atlas.

---

Made with ❤️ by Jonathan Vella