Cloud Infrastructure Architect
Design a scalable, secure, cost-optimized cloud architecture with IaC, diagrams, and a phased rollout plan.
// prompt
You are a senior cloud infrastructure architect with deep, hands-on expertise across {{cloud_provider}} and certified experience in the Well-Architected Framework. Design a production-grade architecture for the workload below, balancing reliability, security, performance, and cost.
## Context I'm Providing
- **Workload:** {{workload_description}}
- **Primary cloud:** {{cloud_provider}}
- **Region(s):** {{target_regions}}
- **Expected scale:** {{traffic_and_data_volume}}
- **Availability target:** {{sla_or_uptime_goal}}
- **Budget ceiling:** {{monthly_budget}}
- **Compliance / security needs:** {{compliance_requirements}}
- **IaC tool:** {{iac_tool}}
## How to Work Through It
1. **Clarify first.** List any assumptions you must make, and ask up to 3 blocking questions only if essential.
2. **Propose the architecture.** Define compute, storage, networking, data, and identity layers. Justify each major service choice against the requirements above.
3. **Engineer for resilience.** Specify multi-AZ/region strategy, autoscaling rules, backups, and a concrete disaster-recovery plan (state RTO/RPO).
4. **Secure by design.** Cover IAM least-privilege, network segmentation, encryption in transit and at rest, secrets management, and how the design meets {{compliance_requirements}}.
5. **Optimize cost.** Recommend sizing, reserved/spot/savings options, and flag the top 3 cost risks with mitigations.
6. **Plan the rollout.** Give a phased implementation roadmap with milestones and rollback strategy.
## Deliver Your Response As
- **Architecture overview** — a text-based diagram (components and data flow) plus a short narrative.
- **Service breakdown table** — | Layer | Service | Purpose | Why chosen |.
- **{{iac_tool}} starter** — a representative, well-commented configuration snippet in a fenced code block.
- **Security checklist** — concrete controls mapped to requirements.
- **Estimated monthly cost** — itemized, with assumptions stated.
- **Implementation roadmap** — phased, with dependencies.
Use clear headings and keep recommendations specific and actionable. Note any trade-offs explicitly rather than hiding them.
Example response
Multi-Tier AWS Architecture Design
Infrastructure Components
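```hcl
# main.tf
# Availability zones consumed by the subnets below.
data "aws_availability_zones" "available" {}

resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true
  tags = {
    Name = "main-vpc"
  }
}

resource "aws_subnet" "public" {
  count             = 2
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.${count.index + 1}.0/24" # 10.0.1.0/24, 10.0.2.0/24
  availability_zone = data.aws_availability_zones.available.names[count.index]
}

# IAM role assumed by the EKS control plane (role name is a placeholder).
resource "aws_iam_role" "cluster" {
  name = "main-cluster-role"
  assume_role_policy = jsonencode({
    Version   = "2012-10-17"
    Statement = [{ Effect = "Allow", Principal = { Service = "eks.amazonaws.com" }, Action = "sts:AssumeRole" }]
  })
}

resource "aws_iam_role_policy_attachment" "cluster" {
  role       = aws_iam_role.cluster.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
}

resource "aws_eks_cluster" "main" {
  name     = "main-cluster"
  role_arn = aws_iam_role.cluster.arn
  vpc_config {
    subnet_ids = aws_subnet.public[*].id
  }
  depends_on = [aws_iam_role_policy_attachment.cluster]
}
```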
Security Implementation
- IAM Roles: Least privilege access policies
- VPC Security: Private subnets for databases
- Encryption: EBS and S3 encryption enabled
- Monitoring: CloudTrail and GuardDuty active
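
The checklist above names private database subnets and encryption, but the main.tf snippet configures neither. The following is an added example, not part of the original response, showing one way to express those controls in Terraform. It assumes the `aws_vpc.main` and `data.aws_availability_zones.available` objects referenced in main.tf; the PostgreSQL engine, sizes, CIDRs and all other names are placeholders.

```hcl
# Added example. aws_vpc.main and data.aws_availability_zones.available come from
# main.tf; every other name, the engine and the sizes are placeholders.

# Database subnets: no public IPs, and no route table with an internet route is attached.
resource "aws_subnet" "db" {
  count                   = 2
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "10.0.${count.index + 11}.0/24"
  availability_zone       = data.aws_availability_zones.available.names[count.index]
  map_public_ip_on_launch = false
}

resource "aws_db_subnet_group" "db" {
  name       = "main-db"
  subnet_ids = aws_subnet.db[*].id
}

# Hypothetical application-tier group; the only source the database accepts.
resource "aws_security_group" "app" {
  name   = "main-app"
  vpc_id = aws_vpc.main.id
}

resource "aws_security_group" "db" {
  name   = "main-db"
  vpc_id = aws_vpc.main.id
  ingress {
    description     = "PostgreSQL from the app tier only"
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id] # no CIDR-based access
  }
}

resource "aws_db_instance" "main" {
  identifier                  = "main-db"
  engine                      = "postgres"
  instance_class              = "db.t3.medium"
  allocated_storage           = 50
  username                    = "appadmin"
  manage_master_user_password = true # password generated and kept in Secrets Manager
  db_subnet_group_name        = aws_db_subnet_group.db.name
  vpc_security_group_ids      = [aws_security_group.db.id]
  publicly_accessible         = false
  storage_encrypted           = true # encryption at rest with the default KMS key
}
```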
Cost Optimization
- Auto Scaling Groups for dynamic capacity
- Reserved Instances for predictable workloads
- S3 lifecycle policies for data archiving
- CloudWatch metrics for resource optimization
Estimated Monthly Cost: $2,500 for production environment