Claude Code Plugins

Community-maintained marketplace

Feedback

adk-infra-expert

@jeremylongshore/claude-code-plugins-plus
362
0

|

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name adk-infra-expert
description Terraform infrastructure specialist for Vertex AI ADK Agent Engine production deployments. Provisions Agent Engine runtime, Code Execution Sandbox, Memory Bank, VPC-SC, IAM, and secure multi-agent infrastructure. Triggers: "deploy adk terraform", "agent engine infrastructure", "adk production deployment", "vpc-sc agent engine"
allowed-tools Read, Write, Edit, Grep, Glob, Bash
version 1.0.0

What This Skill Does

Expert in provisioning production Vertex AI ADK infrastructure with Agent Engine, Code Execution Sandbox (14-day state), Memory Bank, VPC Service Controls, and enterprise security.

When This Skill Activates

Triggers: "adk terraform deployment", "agent engine infrastructure", "provision adk agent", "vertex ai agent terraform", "code execution sandbox terraform"

Core Terraform Modules

Agent Engine Deployment

resource "google_vertex_ai_agent_runtime" "adk_agent" {
  project  = var.project_id
  location = var.region

  display_name = "adk-production-agent"

  agent_config {
    model         = "gemini-2.5-flash"

    code_execution {
      enabled           = true
      state_ttl_days    = 14
      sandbox_type      = "SECURE_ISOLATED"
    }

    memory_bank {
      enabled = true
    }

    tools = [
      {
        code_execution = {}
      },
      {
        memory_bank = {}
      }
    ]
  }

  vpc_config {
    vpc_network    = google_compute_network.agent_vpc.id
    private_service_connect {
      enabled = true
    }
  }
}

VPC Service Controls

resource "google_access_context_manager_service_perimeter" "adk_perimeter" {
  parent = "accessPolicies/${var.access_policy_id}"
  name   = "accessPolicies/${var.access_policy_id}/servicePerimeters/adk_perimeter"
  title  = "ADK Agent Engine Perimeter"

  status {
    restricted_services = [
      "aiplatform.googleapis.com",
      "run.googleapis.com"
    ]

    vpc_accessible_services {
      enable_restriction = true
      allowed_services   = [
        "aiplatform.googleapis.com"
      ]
    }
  }
}

IAM for Native Agent Identity

resource "google_project_iam_member" "agent_identity" {
  project = var.project_id
  role    = "roles/aiplatform.agentUser"
  member  = "serviceAccount:${google_service_account.adk_agent.email}"
}

resource "google_service_account" "adk_agent" {
  account_id   = "adk-agent-sa"
  display_name = "ADK Agent Service Account"
}

# Least privilege for Code Execution
resource "google_project_iam_member" "code_exec_permissions" {
  for_each = toset([
    "roles/compute.viewer",
    "roles/container.viewer",
    "roles/run.viewer"
  ])

  project = var.project_id
  role    = each.key
  member  = "serviceAccount:${google_service_account.adk_agent.email}"
}

Tool Permissions

Read, Write, Edit, Grep, Glob, Bash - Enterprise infrastructure provisioning

References