terraform-skill
Summary
Terraform and OpenTofu guidance for modules, testing, CI/CD, and infrastructure-as-code architecture.
- Covers module hierarchy, naming conventions, code structure standards, and count vs. for_each patterns with decision matrices
- Testing strategy framework spanning static analysis, native test framework (1.6+), Terratest, and security scanning tools (Trivy, Checkov)
- CI/CD integration guidance including workflow stages, cost optimization, and automated cleanup strategies
- Version management, modern Terraform features (1.0+), and version-specific recommendations for Terraform 1.0–1.11 and OpenTofu
SKILL.md
Terraform Skill for Claude
Diagnose-first guidance for Terraform and OpenTofu. Core file is a workflow; depth lives in references loaded on demand.
Response Contract
Every Terraform/OpenTofu response must include:
- Assumptions & version floor — runtime (`terraform` or `tofu`), exact version, providers, state backend, execution path (local/CI/Cloud/Atlantis), environment criticality. State assumptions explicitly if the user did not provide them.
- Risk category addressed — one or more of: identity churn, secret exposure, blast radius, CI drift, compliance gaps, state corruption, provider upgrade risk, testing blind spots.
- Chosen remediation & tradeoffs — what was chosen, what was traded off, why.
- Validation plan — exact commands (`fmt -check`, `validate`, `plan -out`, policy check) tailored to runtime and risk tier.
- Rollback notes — for any destructive or state-mutating change: how to undo, what evidence to keep.
Never recommend direct production apply without a reviewed plan artifact and approval.
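One way to implement the "policy check" step over a saved plan artifact, as an added example that is not part of the skill itself. It reads the JSON produced by `terraform show -json tfplan` (or `tofu show -json tfplan`) after `plan -out=tfplan`; the `classify` and `gate` functions, the `env`, `approved` and `rollback_notes` parameters, and the sample resource addresses are assumptions made for illustration.

```python
import json

# Constructed sample of `terraform show -json tfplan` output, trimmed to the
# fields this check reads. Resource addresses are made up for the example.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_s3_bucket.logs", "change": {"actions": ["no-op"]}},
    {"address": "aws_iam_role.ci", "change": {"actions": ["update"]}},
    {"address": "aws_db_instance.main", "change": {"actions": ["delete", "create"]}},
    {"address": "aws_kms_key.old", "change": {"actions": ["delete"]}},
]})


def classify(plan_json):
    """Group resource addresses by the risk of their planned actions."""
    groups = {"replace": [], "destroy": [], "mutate": []}
    for rc in json.loads(plan_json).get("resource_changes", []):
        actions = set(rc["change"]["actions"])
        if actions == {"delete"}:
            groups["destroy"].append(rc["address"])
        elif "delete" in actions:  # replacement: delete+create in either order
            groups["replace"].append(rc["address"])
        elif actions & {"create", "update"}:
            groups["mutate"].append(rc["address"])
    return groups


def gate(plan_json, env, approved=False, rollback_notes=False):
    """Return (ok, reasons): block unapproved prod applies and missing rollback notes."""
    groups = classify(plan_json)
    destructive = groups["destroy"] + groups["replace"]
    changed = destructive + groups["mutate"]
    reasons = []
    if env == "prod" and changed and not approved:
        reasons.append("prod apply needs an approved plan: " + ", ".join(changed))
    if changed and not rollback_notes:
        reasons.append("no rollback notes; destructive: " + (", ".join(destructive) or "none"))
    return (not reasons, reasons)


if __name__ == "__main__":
    ok, reasons = gate(SAMPLE_PLAN, env="prod")
    print("PASS" if ok else "BLOCK", reasons)
```

Run the gate against the same `tfplan` file that is later applied, so the reviewed artifact and the applied one cannot diverge.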