Serverless Deployment Designer
Design serverless function deployments for AWS Lambda, Azure Functions, and Google Cloud Functions with event sources, IAM, and cold start optimization.
Best use case
Serverless Deployment Designer is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Design serverless function deployments for AWS Lambda, Azure Functions, and Google Cloud Functions with event sources, IAM, and cold start optimization.
Teams using Serverless Deployment Designer should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/cloud-serverless-designer/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How Serverless Deployment Designer Compares
| Feature / Agent | Serverless Deployment Designer | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Design serverless function deployments for AWS Lambda, Azure Functions, and Google Cloud Functions with event sources, IAM, and cold start optimization.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
## Purpose & When-To-Use
**Trigger conditions:**
- Designing event-driven serverless architecture
- Converting application logic to serverless functions
- Configuring event sources and triggers for functions
- Implementing least-privilege IAM for serverless workloads
- Optimizing serverless cold start performance
- Deploying HTTP APIs with API Gateway + Lambda
**Not for:**
- Long-running processes >15 minutes (use containers instead)
- Stateful applications requiring persistent connections
- Complete orchestration across multiple deployment types (use cloud-native-orchestrator agent)
- Container-based serverless (Fargate, Cloud Run) - use kubernetes-manifest-generator
---
## Pre-Checks
**Time normalization:**
- Compute `NOW_ET` using NIST/time.gov semantics (America/New_York, ISO-8601): 2025-10-26T01:33:54-04:00
- Use `NOW_ET` for all citation access dates
**Input validation:**
- `cloud_provider` must be: aws, azure, or gcp
- `runtime` must be supported by cloud provider (check version compatibility)
- `trigger_type` must be: http, s3, queue, schedule, stream, or custom
- `memory_mb` must be within provider limits (AWS: 128-10240, Azure: 128-4096)
- `timeout_seconds` must be ≤900 (15 minutes max across all providers)
**Source freshness:**
- AWS Lambda Best Practices (accessed 2025-10-26T01:33:54-04:00): https://docs.aws.amazon.com/lambda/latest/dg/best-practices.html
- Azure Functions Best Practices (accessed 2025-10-26T01:33:54-04:00): https://learn.microsoft.com/en-us/azure/azure-functions/functions-best-practices
- Google Cloud Functions Best Practices (accessed 2025-10-26T01:33:54-04:00): https://cloud.google.com/functions/docs/bestpractices
**Decision thresholds:**
- T1 for basic function configuration with single event source
- T2 for production deployment with IAM, VPC, and optimization
---
## Procedure
### T1: Basic Function Configuration (≤2k tokens)
**Step 1: Generate function configuration**
- Create platform-specific function definition (AWS Lambda config, Azure function.json)
- Configure runtime, memory, and timeout
- Add basic environment variables placeholder
- Define handler entry point
**Step 2: Configure event source**
- Map trigger type to platform-specific event source
- HTTP → API Gateway (AWS), HTTP Trigger (Azure), HTTP Functions (GCP)
- Queue → SQS/SNS (AWS), Queue Trigger (Azure), Pub/Sub (GCP)
- Schedule → EventBridge (AWS), Timer Trigger (Azure), Cloud Scheduler (GCP)
**Output:**
- Basic function configuration
- Event source mapping
- Deployment command
**Abort conditions:**
- Runtime not supported by selected cloud provider
- Trigger type incompatible with cloud provider
---
### T2: Production-Ready Deployment (≤6k tokens)
**All T1 steps plus:**
**Step 1: IAM and security configuration**
- Generate least-privilege IAM policy/managed identity
- Add permissions for event sources (S3 read, SQS poll, etc.)
- Configure VPC access if required (security groups, subnets)
- Add encryption for environment variables
- Enable dead letter queue for failure handling
**Step 2: Cold start optimization**
- Minimize package size (exclude dev dependencies)
- Configure provisioned concurrency if needed
- Use appropriate runtime version (latest ARM64 for AWS)
- Implement connection pooling for database clients
- Add lambda layers for shared dependencies (AWS)
**Step 3: Deployment template generation**
- Create SAM template (AWS) or Serverless Framework config
- Add API Gateway resource with throttling and caching
- Configure CORS and authorization
- Add CloudWatch Logs retention policy
- Include X-Ray tracing configuration
**Step 4: Cost and performance optimization**
- Calculate cost estimate based on invocations and memory
- Recommend memory sizing based on workload type
- Configure concurrency limits to prevent runaway costs
- Add CloudWatch alarms for error rate and throttling
**Output:**
- Complete SAM/Serverless Framework template
- IAM policy with least-privilege permissions
- VPC configuration (if applicable)
- Cost estimate with optimization recommendations
- Deployment and testing commands
**Abort conditions:**
- VPC requirements conflict with cold start performance needs
- Timeout requirements exceed platform limits
- Concurrency requirements exceed account limits
---
### T3: Advanced Serverless Architecture (≤12k tokens)
**All T1 + T2 steps plus:**
**Step 1: Multi-function orchestration**
- Design Step Functions (AWS) or Durable Functions (Azure) workflow
- Add retry policies and error handling
- Configure function chaining and parallel execution
**Step 2: Advanced monitoring**
- Structured logging with correlation IDs
- Custom CloudWatch metrics
- Distributed tracing with X-Ray/Application Insights
- Cost anomaly detection alerts
**Step 3: CI/CD integration**
- GitHub Actions or GitLab CI pipeline for deployment
- Blue/green deployment strategy
- Automated integration tests
- Canary deployment with traffic shifting
**Output:**
- Multi-function orchestration workflow
- Complete CI/CD pipeline
- Observability stack configuration
- Disaster recovery and rollback procedures
---
## Decision Rules
**Cloud provider-specific features:**
- **AWS Lambda**: Best ARM64 support, extensive event sources, Step Functions orchestration
- **Azure Functions**: .NET integration, Durable Functions for stateful workflows, Premium plan for VNet
- **Google Cloud Functions**: Integrated with Pub/Sub, Cloud Run for containerized, Eventarc for event routing
**Memory sizing:**
- **Small functions** (simple transforms): 128-512 MB
- **Medium functions** (API handlers): 512-1024 MB
- **Large functions** (data processing): 1024-3008 MB
- **Memory-intensive** (ML inference): 3008-10240 MB
**Runtime selection:**
- **Node.js**: Fast cold starts, good for I/O-bound tasks
- **Python**: ML/data processing libraries, moderate cold starts
- **Go**: Fastest cold starts, compiled binary, low memory footprint
- **Java**: Enterprise libraries, slower cold starts (use SnapStart on AWS)
- **.NET**: C# integration, moderate cold starts, Azure-optimized
**Concurrency strategy:**
- **On-demand**: Variable traffic, cost-sensitive
- **Provisioned**: Latency-sensitive, predictable traffic, cold start elimination
- **Reserved**: High throughput, cost predictable, guaranteed capacity
**Ambiguity handling:**
- If trigger_type unclear → request application event flow diagram
- If memory_mb not specified → start with 512 MB and recommend load testing
- If vpc_required unclear → ask about private resource dependencies
---
## Output Contract
**Required fields (all tiers):**
```yaml
function_config:
name: "function-name"
runtime: "nodejs18.x | python3.11 | go1.x | etc"
handler: "index.handler"
memory_mb: integer
timeout_seconds: integer
environment_variables:
- key: value (placeholders)
event_source:
type: "http | s3 | queue | schedule"
configuration: "platform-specific event source config"
deployment_command: "aws deploy | func deploy | gcloud deploy"
```
**Additional T2 fields:**
```yaml
iam_policy:
platform: "aws-iam | azure-managed-identity | gcp-service-account"
permissions: ["array of least-privilege permissions"]
policy_document: "JSON or YAML policy"
vpc_config:
enabled: boolean
security_group_ids: ["sg-xxx"]
subnet_ids: ["subnet-xxx"]
cold_start_optimization:
package_size_mb: float
provisioned_concurrency: integer
optimization_techniques: ["array of applied optimizations"]
cost_estimate:
monthly_invocations: integer
estimated_cost_usd: float
cost_per_million_requests: float
```
**Additional T3 fields:**
```yaml
orchestration:
workflow_type: "step-functions | durable-functions | workflows"
workflow_definition: "ASL or workflow config"
ci_cd_pipeline:
platform: "github-actions | gitlab-ci"
pipeline_config: "YAML workflow definition"
deployment_strategy: "blue-green | canary | rolling"
observability:
logging: "structured logging configuration"
metrics: "custom metrics definitions"
tracing: "x-ray | application-insights config"
alerts: ["array of CloudWatch/Azure Monitor alerts"]
```
---
## Examples
```yaml
# T1 Example: AWS Lambda with API Gateway (SAM)
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Resources:
ApiFunction:
Type: AWS::Serverless::Function
Properties:
Handler: index.handler
Runtime: nodejs18.x
MemorySize: 512
Timeout: 30
Environment:
Variables:
NODE_ENV: production
Events:
ApiEvent:
Type: Api
Properties:
Path: /api
Method: GET
```
```python
# T2 Example: IAM Policy (AWS Lambda)
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"],
"Resource": "arn:aws:logs:*:*:*"
}
]
}
```
---
## Quality Gates
**Token budgets (enforced):**
- **T1**: ≤2,000 tokens - basic function and event source configuration
- **T2**: ≤6,000 tokens - production IAM, VPC, optimization, deployment template
- **T3**: ≤12,000 tokens - orchestration, CI/CD, advanced observability
**Safety checks:**
- No hardcoded secrets in function code or environment variables
- IAM policies follow least-privilege principle
- Dead letter queues configured for async invocations (T2+)
- Timeout set appropriately to prevent runaway executions
- Concurrency limits prevent cost overruns
**Auditability:**
- Runtime versions explicitly specified (not :latest)
- IAM permissions documented with justification
- Event source configurations cite official documentation
- Cost estimates include methodology and assumptions
**Determinism:**
- Same inputs produce identical configuration
- Memory and timeout settings based on documented guidelines
- IAM policies generated from standard templates
**Validation requirements:**
- Function config validates against platform schema (SAM validate, etc.)
- IAM policies pass IAM policy validator
- T2+ configs include cost estimate with breakdown
---
## Resources
**Official Documentation (accessed 2025-10-26T01:33:54-04:00):**
- AWS Lambda Developer Guide: https://docs.aws.amazon.com/lambda/latest/dg/welcome.html
- AWS Lambda Best Practices: https://docs.aws.amazon.com/lambda/latest/dg/best-practices.html
- AWS SAM Documentation: https://docs.aws.amazon.com/serverless-application-model/
- Azure Functions Documentation: https://learn.microsoft.com/en-us/azure/azure-functions/
- Google Cloud Functions Documentation: https://cloud.google.com/functions/docs
- Serverless Framework: https://www.serverless.com/framework/docs
**Cold Start Optimization:**
- AWS Lambda Cold Starts: https://aws.amazon.com/blogs/compute/operating-lambda-performance-optimization-part-1/
- Azure Functions Performance: https://learn.microsoft.com/en-us/azure/azure-functions/performance-reliability
- Lambda SnapStart: https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html
**IAM and Security:**
- AWS Lambda Security Best Practices: https://docs.aws.amazon.com/lambda/latest/dg/lambda-security.html
- Azure Functions Security: https://learn.microsoft.com/en-us/azure/azure-functions/security-concepts
- Least Privilege IAM: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
**Cost Optimization:**
- AWS Lambda Pricing: https://aws.amazon.com/lambda/pricing/
- AWS Lambda Power Tuning: https://github.com/alexcasalboni/aws-lambda-power-tuningRelated Skills
UX Wireframe Designer
Design user experience wireframes, user flows, and interactive mockups for web and mobile applications using industry-standard notation
Load Testing Scenario Designer
Design load testing scenarios using k6, JMeter, Gatling, or Locust with ramp-up patterns, think time modeling, and performance SLI validation.
Integration Testing Designer
Design integration test scenarios with database fixtures, external service mocks, contract testing, and test environment setup for microservices and APIs.
Chaos Engineering Experiment Designer
Design chaos engineering experiments to test system resilience with controlled failure injection, hypothesis formulation, and blast radius control.
Zero Trust Architecture Designer
Design zero-trust architectures with identity-centric security, micro-segmentation, continuous verification, and CISA ZTMM maturity assessment.
RabbitMQ Architecture Designer
Design RabbitMQ architectures with exchanges, quorum queues, routing patterns, clustering, dead letter exchanges, and AMQP best practices.
Message Queue Pattern Designer
Design message queue patterns for RabbitMQ, Kafka, SQS, Azure Service Bus with dead-letter queues, idempotency, ordering guarantees, and backpressure
Deployment Strategy Designer
Design deployment strategies (rolling, blue-green, canary) with platform-specific implementations and automated rollback procedures.
Database Schema Designer
Design normalized database schemas with ERDs, migration plans, and indexing strategies for relational and document databases
Data Engineering Pipeline Designer
Design data pipelines with quality checks, orchestration, and governance using modern data stack patterns for robust ELT/ETL workflows.
Edge Computing Architecture Designer
Design edge computing solutions with CDN integration, edge functions, IoT device management, and latency-optimized deployment patterns.
REST API Designer
Design RESTful APIs with OpenAPI 3.1/3.2, resource modeling, HTTP semantics, versioning, pagination, HATEOAS, and OWASP API Security.