AgentSkillsCN

azure-cost-analyzer

分析 Azure 资源组成本,识别优化机会,并生成专业的 FinOps 报告。当用户希望分析 Azure 资源组支出、查找孤立资源、获取成本优化建议,或生成成本分析报告时,应使用此技能。只需提供资源组名称及可选的区域即可调用。

SKILL.md
--- frontmatter
name: azure-cost-analyzer
description: Analyzes Azure resource group costs, identifies optimization opportunities, and generates professional FinOps reports. This skill should be used when the user wants to analyze Azure resource group spending, find orphaned resources, get cost optimization recommendations, or generate cost analysis reports. Invoked with a resource group name and optional region.

Azure Resource Group Cost Analyzer

Analyze an Azure resource group to produce a comprehensive cost optimization report following Microsoft Well-Architected Framework and FinOps Foundation best practices.

Arguments:

  • $0 - Resource Group name (required)
  • $1 - Region for pricing context (optional, defaults to auto-detect from RG)

Output: ~/azure-cost-analysis/{rg-name}-cost-analysis.md


Workflow

Phase 1: Pre-flight Validation

Run the pre-flight check script to validate the environment:

bash
bash scripts/az-preflight-check.sh "$0"

If pre-flight fails, report the specific failure and stop. Common issues:

  • Azure CLI not installed
  • Not logged in (az login needed)
  • Resource group does not exist
  • Subscription not accessible

Phase 2: Resource Discovery

Enumerate all resources in the resource group and categorize by type:

bash
az resource list --resource-group "$0" --output json

Build a resource inventory table with: Name, Type, SKU/Tier, Location, Tags.

Determine which analysis categories apply based on discovered resource types:

  • Compute & Apps: App Service Plans, Web Apps, Functions, VMs, VMSS, Container Apps
  • Data & Cache: Storage Accounts, Redis, SQL, PostgreSQL, Cosmos DB
  • Monitoring & Certs: Log Analytics, App Insights, Alerts, Key Vault, Certificates
  • Cost Management: Cost trends, Advisor recommendations, Activity logs

Phase 3: Parallel Deep Analysis

Spawn 4 azure-infra-engineer agents via the Task tool, each analyzing their assigned category. Pass the resource group name and the list of relevant resources to each agent.

Agent 1 - Compute & Apps Analyst:

Instruct the agent to analyze compute and application resources in resource group $0. For each resource found:

  • App Service Plans: SKU, worker count, app count, CPU/memory utilization (last 30 days), slot configurations
  • Web Apps / Function Apps: Runtime, always-on setting, deployment slots, custom domains, SSL bindings, app settings count, connection strings, outbound IP dependencies
  • VMs: Size, OS, disk configuration, CPU/memory utilization, auto-shutdown settings
  • Container Apps: Revision mode, scaling rules, resource limits

Use commands from the references/azure-cli-commands.md reference. Save findings to ~/azure-cost-analysis/$0-compute-analysis.md.

Agent 2 - Data & Cache Analyst:

Instruct the agent to analyze data and caching resources in resource group $0. For each resource found:

  • Storage Accounts: SKU, replication, access tier, container count, blob metrics (capacity, transaction count), lifecycle policies, CORS rules
  • Redis Cache: SKU/tier, memory usage, connected clients, cache hit ratio, eviction policy, clustering config
  • SQL/PostgreSQL: SKU, DTU/vCore, storage used vs allocated, connection count, long-running queries, backup retention
  • Cosmos DB: Throughput model (provisioned vs serverless), RU consumption, partition key distribution

Use commands from the references/azure-cli-commands.md reference. Save findings to ~/azure-cost-analysis/$0-data-analysis.md.

Agent 3 - Monitoring & Certs Analyst:

Instruct the agent to analyze monitoring and certificate resources in resource group $0. For each resource found:

  • Log Analytics Workspaces: SKU, daily cap, retention period, ingestion volume (last 30 days), connected sources
  • Application Insights: Type, daily cap, retention, ingestion volume, sampling rate
  • Alert Rules: Count, action groups, frequency, evaluation windows
  • Key Vault: SKU, secret/key/certificate count, access policies, soft-delete status
  • Certificates: Expiration dates, issuer, associated bindings

Use commands from the references/azure-cli-commands.md reference. Save findings to ~/azure-cost-analysis/$0-monitoring-analysis.md.

Agent 4 - Cost & Governance Analyst:

Instruct the agent to analyze cost trends and governance for resource group $0:

  • Cost Management: Last 6 months of cost data by resource, identify cost spikes and trends
  • Azure Advisor: Pull all recommendations (cost, security, reliability, performance)
  • Activity Logs: Last 6 months of resource modifications, identify unused/stale resources
  • Resource Graph: Run orphaned resource queries from references/resource-graph-queries.md
  • Tags: Audit tag compliance, identify untagged resources
  • Resource Locks: Check for delete/read-only locks

Use commands from the references/azure-cli-commands.md reference. Save findings to ~/azure-cost-analysis/$0-cost-governance-analysis.md.

Phase 4: Azure Advisor & Resource Graph

After parallel agents complete, run additional cross-cutting analysis:

bash
# Orphaned resource detection
az graph query -q "Resources | where resourceGroup =~ '$0' | where type =~ 'microsoft.network/publicipaddresses' | where properties.ipConfiguration == ''" --output json

Load queries from references/resource-graph-queries.md and execute each one scoped to the target resource group. Compile a list of orphaned/zombie resources.

Phase 5: Report Compilation

Merge all agent findings into a single professional report. Use the template structure from references/report-template.md:

  1. Read all agent output files from ~/azure-cost-analysis/$0-*-analysis.md
  2. Compile into the report template structure
  3. Cross-reference findings between agents (e.g., App Service connecting to Redis)
  4. Calculate estimated monthly costs using references/pricing-reference.md
  5. Generate 3 optimization scenarios (Conservative, Moderate, Aggressive)
  6. Produce the final report at ~/azure-cost-analysis/$0-cost-analysis.md

Phase 6: Summary & Recommendations

Present to the user:

  1. Executive summary (total estimated monthly cost, top 3 savings opportunities)
  2. Critical issues requiring immediate attention (security, expiring certs, governance gaps)
  3. Recommended next steps with the safety checklist from references/safety-checklist.md
  4. Link to the full report file

Reference Files

Load these as needed during analysis:

Scripts


Key Design Principles

  1. Adaptive Analysis: Dynamically adjust analysis based on discovered resource types -- never assume a fixed resource list
  2. FinOps-Aligned: Follow Microsoft Well-Architected Framework Cost Optimization pillar
  3. Safety-First: Never recommend hard deletes without the safety checklist; always recommend resource locks before deletion
  4. Parallel Execution: Use 4 agents for speed on large resource groups
  5. Cross-Reference Dependencies: Map connections between resources (e.g., App Service -> Redis, Web App -> Storage) before recommending deletions
  6. Actionable Output: Every recommendation includes an az CLI command to execute it