Back to Blog
DevOps
6 min read

How I Use Claude Code for Azure Infrastructure Projects in 2026

Claude CodeAIDevOpsTerraformProductivity

Most content about AI coding assistants focuses on application development: React components, Python scripts, unit tests. The infrastructure engineering use case gets far less attention, which is a shame because it is arguably where AI assistants deliver the most value. Infrastructure work involves enormous context surfaces, complex dependency chains, and documentation-heavy workflows that benefit hugely from an assistant that can hold it all in memory.

Here is how Claude Code fits into actual Azure infrastructure work, focused on the parts of the day-to-day where it has changed how we operate.

CLAUDE.md as Living Documentation

Every project gets a CLAUDE.md file in the repository root. This is not a README or an architecture document. It is an instruction file that Claude Code reads at the start of every session, providing project-specific context that persists across conversations.

A typical CLAUDE.md for an Azure infrastructure project:

# Project: Customer-Name Azure Landing Zone

## Architecture
- Hub-spoke topology with Azure Firewall
- Three spokes: NPD, UAT, PRD
- ExpressRoute connectivity to on-premises
- Terraform state in Azure Storage (backend.tf)

## Conventions
- All resources tagged with: Environment, Owner, CostCentre
- Naming: {resource-type}-{workload}-{environment}-{region}
- Module source: ./modules/{module-name}
- No inline security rules — all NSGs use separate rule resources

## Security Requirements
- All secrets in Key Vault, never in tfvars
- Private endpoints for all PaaS services
- Diagnostic settings on every resource
- No public endpoints in PRD

## Known Issues
- ExpressRoute module has circular dependency on route table
- Firewall policy rules must be applied in priority order
- DNS zone group naming must match private endpoint name

This file serves several purposes. It gives Claude Code the architectural context it needs to make sensible suggestions. It codifies conventions so Claude does not need to infer them from existing code. And it captures known issues that would otherwise require the engineer to remember and mention every session.

The CLAUDE.md evolves with the project. When we discover a new gotcha — a Terraform provider bug, a naming constraint, an API quirk — it goes in the file immediately. Next session, Claude knows about it without being told.

Plan Mode for Architecture Decisions

For non-trivial changes — adding a new spoke, introducing a new service, refactoring a module — Plan Mode is invaluable. Rather than jumping straight into code generation, Plan Mode lets Claude analyse the existing codebase, identify dependencies, and propose an implementation approach before writing anything.

A typical workflow:

  1. Describe the requirement: "Add a new spoke for the data analytics workload with Synapse, ADLS Gen2, and Databricks, all with private endpoints"
  2. Claude enters Plan Mode, reads the existing Terraform structure, identifies which modules to reuse and which need extending
  3. Claude proposes a plan: files to create, modules to modify, variables to add, dependency ordering
  4. Review and approve the plan
  5. Claude executes the implementation

The plan review step catches architectural decisions that would be expensive to fix later. "You're proposing a new route table for the analytics spoke, but the existing hub already has a route table that could be extended" is the kind of feedback that saves hours of refactoring.

Terraform Development

Infrastructure as Code is where Claude Code earns its keep. Terraform development involves:

  • Managing hundreds of resource blocks across dozens of files
  • Tracking dependencies between resources in different modules
  • Handling provider version constraints and API compatibility
  • Writing variable definitions with proper validation and descriptions
  • Generating outputs that downstream modules consume

Claude handles all of this while maintaining consistency with existing patterns. If the existing codebase uses for_each with maps for resource iteration, Claude follows suit. If diagnostic settings are implemented as a separate module, Claude creates diagnostic settings the same way.

The pattern that works best:

Me: "Add a Key Vault in the analytics spoke with private endpoint,
     diagnostic settings, and access policies for the Synapse
     managed identity"

Claude: [Reads existing Key Vault implementations in other spokes]
        [Follows the same module structure, naming, tagging]
        [Adds the private endpoint using the existing PE module]
        [Configures diagnostic settings matching existing pattern]
        [Creates access policy for the Synapse identity]

The output is consistent with the rest of the codebase because Claude has read the rest of the codebase. A human writing the same code would need to manually reference existing implementations for consistency. Claude does it automatically.

Analysis Work

Cost analysis and architecture review used to be half-day jobs of spreadsheet wrangling and tab-flipping. Claude Code shortens the mechanical part dramatically. The judgement part, deciding what matters and what to do about it, still takes the same time, and that is where the value sits.

We keep our own analytical frameworks out of Claude. The tool processes data quickly. Pattern recognition built up across customer engagements is what turns that data into recommendations a CFO will sign off on.

What Does Not Work Well

Honest assessment of the limitations:

Terraform plan/apply feedback loops. Claude can write Terraform, but the write-plan-fix cycle still needs human intervention at each step. This is improving but is not seamless yet.

Azure portal changes. Some Azure configuration is easier in the portal than in Terraform or CLI. Claude cannot interact with the Azure portal. For portal-based tasks, Claude's value is limited to generating the documentation or the equivalent CLI/Terraform code.

Real-time debugging. When a deployment fails with a cryptic Azure error, the troubleshooting cycle still needs a human to gather the right data. Claude helps interpret error messages and suggest fixes, but the legwork is manual.

Proprietary internal knowledge. Claude knows Azure documentation but not your organisation's internal standards, change management process, or political dynamics. The CLAUDE.md file helps with technical context but cannot capture everything.

The Cost Perspective

Claude Code on the Max plan costs approximately the same as a few hours of senior engineer time per month. The productivity gain on documentation, code generation, and analysis is substantially more than a few hours.

Getting Started

If you are an infrastructure engineer considering Claude Code:

  1. Start with CLAUDE.md. Before asking Claude to do anything, write the project context file. This investment pays off in every subsequent interaction.
  2. Use Plan Mode for anything non-trivial. The time spent reviewing a plan is always less than the time spent fixing an incorrect implementation.
  3. Feed it your conventions. Claude follows whatever patterns it sees. If your existing code is well-structured, Claude's output will be too.
  4. Automate the repetitive parts. Terraform boilerplate, documentation generation, cost report formatting — these are high-value automation targets.
  5. Keep the human in the loop. Claude generates. You validate. The combination is stronger than either alone.

If your cloud bill has grown faster than your estate, we can help. Get in touch for a conversation about where the savings usually hide.

Previous
100× cheaper than GPT-4o, what a £1.61/hr H100 spot VM actually delivers for IaC

Need help with your Azure environment?

Get in touch for a free consultation.

Get in Touch