Skills

terraform-aws

Installation
SKILL.md

Terraform AWS

Quick Reference

Topic Reference File Key Insight
Module structure references/terraform-structure.md Don't wrap single resources in modules
Naming conventions references/terraform-structure.md Consistent name_prefix locals pattern
State management references/terraform-structure.md S3 native locking (Terraform 1.10+) — DynamoDB lock is deprecated
State backend bootstrap references/terraform-structure.md Separate bootstrap project with local state, SSE-KMS, CI/CD access policy
IAM & security references/security-iam.md LeadingKeys for multi-tenant, policy composition, confused deputy, KMS key policy
Checkov (DynamoDB, Lambda, API GW) references/security-iam.md CKV_AWS_28/119 (DynamoDB), CKV_AWS_258 (Lambda URL), CKV_AWS_76/CKV2_AWS_29 (API GW)
Secrets in Terraform state references/security-iam.md Use ephemeral resource (Terraform 1.10+); protect state with SSE-KMS S3 backend
CI/CD OIDC federation references/security-iam.md + references/cicd-patterns.md aws_iam_openid_connect_provider + sts:AssumeRoleWithWebIdentity — no static keys
CI/CD pipelines references/cicd-patterns.md Use OIDC — never store AWS keys as secrets
Multi-env pipelines references/cicd-patterns.md Per-branch backend keys, env resolver, ephemeral cleanup
Pipeline safety references/cicd-patterns.md Concurrency per env, environment protection gates, drift detection

Critical Anti-Patterns

Installs
3
Repository
a-pavithraa/aws…ss-skill
GitHub Stars
4
First Seen
Mar 5, 2026
Security Audits
Gen Agent Trust HubPass
SnykPass