{"id":"1c5a5a05-c08d-45dd-86b6-1fe13bebb05c","shortId":"DcCfQ7","kind":"skill","title":"terraform-specialist","tagline":"Expert Terraform/OpenTofu specialist mastering advanced IaC automation, state management, and enterprise infrastructure patterns.","description":"You are a Terraform/OpenTofu specialist focused on advanced infrastructure automation, state management, and modern IaC practices.\n\n## Use this skill when\n\n- Designing Terraform/OpenTofu modules or environments\n- Managing state backends, workspaces, or multi-cloud stacks\n- Implementing policy-as-code and CI/CD automation for IaC\n\n## Do not use this skill when\n\n- You only need a one-off manual infrastructure change\n- You are locked to a different IaC tool or platform\n- You cannot store or secure state remotely\n\n## Instructions\n\n1. Define environments, providers, and security constraints.\n2. Design modules and choose a remote state backend.\n3. Implement plan/apply workflows with reviews and policies.\n4. Validate drift, costs, and rollback strategies.\n\n## Safety\n\n- Always review plans before applying changes.\n- Protect state files and avoid exposing secrets.\n\n## Purpose\nExpert Infrastructure as Code specialist with comprehensive knowledge of Terraform, OpenTofu, and modern IaC ecosystems. Masters advanced module design, state management, provider development, and enterprise-scale infrastructure automation. Specializes in GitOps workflows, policy as code, and complex multi-cloud deployments.\n\n## Capabilities\n\n### Terraform/OpenTofu Expertise\n- **Core concepts**: Resources, data sources, variables, outputs, locals, expressions\n- **Advanced features**: Dynamic blocks, for_each loops, conditional expressions, complex type constraints\n- **State management**: Remote backends, state locking, state encryption, workspace strategies\n- **Module development**: Composition patterns, versioning strategies, testing frameworks\n- **Provider ecosystem**: Official and community providers, custom provider development\n- **OpenTofu migration**: Terraform to OpenTofu migration strategies, compatibility considerations\n\n### Advanced Module Design\n- **Module architecture**: Hierarchical module design, root modules, child modules\n- **Composition patterns**: Module composition, dependency injection, interface segregation\n- **Reusability**: Generic modules, environment-specific configurations, module registries\n- **Testing**: Terratest, unit testing, integration testing, contract testing\n- **Documentation**: Auto-generated documentation, examples, usage patterns\n- **Versioning**: Semantic versioning, compatibility matrices, upgrade guides\n\n### State Management & Security\n- **Backend configuration**: S3, Azure Storage, GCS, Terraform Cloud, Consul, etcd\n- **State encryption**: Encryption at rest, encryption in transit, key management\n- **State locking**: DynamoDB, Azure Storage, GCS, Redis locking mechanisms\n- **State operations**: Import, move, remove, refresh, advanced state manipulation\n- **Backup strategies**: Automated backups, point-in-time recovery, state versioning\n- **Security**: Sensitive variables, secret management, state file security\n\n### Multi-Environment Strategies\n- **Workspace patterns**: Terraform workspaces vs separate backends\n- **Environment isolation**: Directory structure, variable management, state separation\n- **Deployment strategies**: Environment promotion, blue/green deployments\n- **Configuration management**: Variable precedence, environment-specific overrides\n- **GitOps integration**: Branch-based workflows, automated deployments\n\n### Provider & Resource Management\n- **Provider configuration**: Version constraints, multiple providers, provider aliases\n- **Resource lifecycle**: Creation, updates, destruction, import, replacement\n- **Data sources**: External data integration, computed values, dependency management\n- **Resource targeting**: Selective operations, resource addressing, bulk operations\n- **Drift detection**: Continuous compliance, automated drift correction\n- **Resource graphs**: Dependency visualization, parallelization optimization\n\n### Advanced Configuration Techniques\n- **Dynamic configuration**: Dynamic blocks, complex expressions, conditional logic\n- **Templating**: Template functions, file interpolation, external data integration\n- **Validation**: Variable validation, precondition/postcondition checks\n- **Error handling**: Graceful failure handling, retry mechanisms, recovery strategies\n- **Performance optimization**: Resource parallelization, provider optimization\n\n### CI/CD & Automation\n- **Pipeline integration**: GitHub Actions, GitLab CI, Azure DevOps, Jenkins\n- **Automated testing**: Plan validation, policy checking, security scanning\n- **Deployment automation**: Automated apply, approval workflows, rollback strategies\n- **Policy as Code**: Open Policy Agent (OPA), Sentinel, custom validation\n- **Security scanning**: tfsec, Checkov, Terrascan, custom security policies\n- **Quality gates**: Pre-commit hooks, continuous validation, compliance checking\n\n### Multi-Cloud & Hybrid\n- **Multi-cloud patterns**: Provider abstraction, cloud-agnostic modules\n- **Hybrid deployments**: On-premises integration, edge computing, hybrid connectivity\n- **Cross-provider dependencies**: Resource sharing, data passing between providers\n- **Cost optimization**: Resource tagging, cost estimation, optimization recommendations\n- **Migration strategies**: Cloud-to-cloud migration, infrastructure modernization\n\n### Modern IaC Ecosystem\n- **Alternative tools**: Pulumi, AWS CDK, Azure Bicep, Google Deployment Manager\n- **Complementary tools**: Helm, Kustomize, Ansible integration\n- **State alternatives**: Stateless deployments, immutable infrastructure patterns\n- **GitOps workflows**: ArgoCD, Flux integration, continuous reconciliation\n- **Policy engines**: OPA/Gatekeeper, native policy frameworks\n\n### Enterprise & Governance\n- **Access control**: RBAC, team-based access, service account management\n- **Compliance**: SOC2, PCI-DSS, HIPAA infrastructure compliance\n- **Auditing**: Change tracking, audit trails, compliance reporting\n- **Cost management**: Resource tagging, cost allocation, budget enforcement\n- **Service catalogs**: Self-service infrastructure, approved module catalogs\n\n### Troubleshooting & Operations\n- **Debugging**: Log analysis, state inspection, resource investigation\n- **Performance tuning**: Provider optimization, parallelization, resource batching\n- **Error recovery**: State corruption recovery, failed apply resolution\n- **Monitoring**: Infrastructure drift monitoring, change detection\n- **Maintenance**: Provider updates, module upgrades, deprecation management\n\n## Behavioral Traits\n- Follows DRY principles with reusable, composable modules\n- Treats state files as critical infrastructure requiring protection\n- Always plans before applying with thorough change review\n- Implements version constraints for reproducible deployments\n- Prefers data sources over hardcoded values for flexibility\n- Advocates for automated testing and validation in all workflows\n- Emphasizes security best practices for sensitive data and state management\n- Designs for multi-environment consistency and scalability\n- Values clear documentation and examples for all modules\n- Considers long-term maintenance and upgrade strategies\n\n## Knowledge Base\n- Terraform/OpenTofu syntax, functions, and best practices\n- Major cloud provider services and their Terraform representations\n- Infrastructure patterns and architectural best practices\n- CI/CD tools and automation strategies\n- Security frameworks and compliance requirements\n- Modern development workflows and GitOps practices\n- Testing frameworks and quality assurance approaches\n- Monitoring and observability for infrastructure\n\n## Response Approach\n1. **Analyze infrastructure requirements** for appropriate IaC patterns\n2. **Design modular architecture** with proper abstraction and reusability\n3. **Configure secure backends** with appropriate locking and encryption\n4. **Implement comprehensive testing** with validation and security checks\n5. **Set up automation pipelines** with proper approval workflows\n6. **Document thoroughly** with examples and operational procedures\n7. **Plan for maintenance** with upgrade strategies and deprecation handling\n8. **Consider compliance requirements** and governance needs\n9. **Optimize for performance** and cost efficiency\n\n## Example Interactions\n- \"Design a reusable Terraform module for a three-tier web application with proper testing\"\n- \"Set up secure remote state management with encryption and locking for multi-team environment\"\n- \"Create CI/CD pipeline for infrastructure deployment with security scanning and approval workflows\"\n- \"Migrate existing Terraform codebase to OpenTofu with minimal disruption\"\n- \"Implement policy as code validation for infrastructure compliance and cost control\"\n- \"Design multi-cloud Terraform architecture with provider abstraction\"\n- \"Troubleshoot state corruption and implement recovery procedures\"\n- \"Create enterprise service catalog with approved infrastructure modules\"\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["terraform","specialist","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows"],"capabilities":["skill","source-sickn33","skill-terraform-specialist","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/terraform-specialist","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34460 github stars · SKILL.md body (9,145 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T06:52:00.340Z","embedding":null,"createdAt":"2026-04-18T21:46:09.194Z","updatedAt":"2026-04-22T06:52:00.340Z","lastSeenAt":"2026-04-22T06:52:00.340Z","tsv":"'1':95,842 '2':102,850 '3':111,859 '4':119,868 '5':877 '6':886 '7':894 '8':904 '9':911 'abstract':547,856,990 'access':630,636 'account':638 'action':488 'address':428 'advanc':8,24,157,195,243,333,444 'advoc':748 'agent':515 'agnost':550 'alias':406 'alloc':660 'altern':592,609 'alway':127,726 'analysi':676 'analyz':843 'ansibl':606 'appli':131,505,694,729 'applic':931 'approach':834,841 'appropri':847,864 'approv':506,669,884,960,1003 'architectur':247,810,853,987 'argocd':617 'ask':1039 'assur':833 'audit':648,651 'auto':282 'auto-gener':281 'autom':10,26,58,169,338,394,435,484,494,503,504,750,816,880 'avoid':137 'aw':595 'azur':301,321,491,597 'backend':44,110,210,298,365,862 'backup':336,339 'base':392,635,792 'batch':687 'behavior':709 'best':759,797,811 'bicep':598 'block':198,450 'blue/green':378 'boundari':1047 'branch':391 'branch-bas':390 'budget':661 'bulk':429 'cannot':88 'capabl':183 'catalog':664,671,1001 'cdk':596 'chang':76,132,649,700,732 'check':467,499,537,876 'checkov':523 'child':253 'choos':106 'ci':490 'ci/cd':57,483,813,951 'clarif':1041 'clear':776,1014 'cloud':49,181,305,540,544,549,583,585,800,985 'cloud-agnost':548 'cloud-to-cloud':582 'code':55,144,176,512,974 'codebas':965 'commit':532 'communiti':229 'compat':241,291 'complementari':602 'complex':178,204,451 'complianc':434,536,640,647,653,821,906,978 'compos':716 'composit':219,255,258 'comprehens':147,870 'comput':419,559 'concept':187 'condit':202,453 'configur':269,299,380,400,445,448,860 'connect':561 'consid':783,905 'consider':242 'consist':772 'constraint':101,206,402,736 'consul':306 'continu':433,534,620 'contract':278 'control':631,981 'core':186 'correct':437 'corrupt':691,993 'cost':122,572,576,655,659,916,980 'creat':950,998 'creation':409 'criteria':1050 'critic':722 'cross':563 'cross-provid':562 'custom':231,518,525 'data':189,414,417,461,568,741,763 'debug':674 'defin':96 'depend':259,421,440,565 'deploy':182,374,379,395,502,553,600,611,739,955 'deprec':707,902 'describ':1018 'design':37,103,159,245,250,767,851,920,982 'destruct':411 'detect':432,701 'develop':163,218,233,824 'devop':492 'differ':82 'directori':368 'disrupt':970 'document':280,284,777,887 'dri':712 'drift':121,431,436,698 'dss':644 'dynam':197,447,449 'dynamodb':320 'ecosystem':155,226,591 'edg':558 'effici':917 'emphas':757 'encrypt':214,309,310,313,867,942 'enforc':662 'engin':623 'enterpris':14,166,628,999 'enterprise-scal':165 'environ':41,97,267,357,366,376,385,771,949,1030 'environment-specif':266,384,1029 'error':468,688 'estim':577 'etcd':307 'exampl':285,779,890,918 'exist':963 'expert':4,141,1035 'expertis':185 'expos':138 'express':194,203,452 'extern':416,460 'fail':693 'failur':471 'featur':196 'file':135,353,458,720 'flexibl':747 'flux':618 'focus':22 'follow':711 'framework':224,627,819,830 'function':457,795 'gate':529 'gcs':303,323 'generat':283 'generic':264 'github':487 'gitlab':489 'gitop':172,388,615,827 'googl':599 'govern':629,909 'grace':470 'graph':439 'guid':294 'handl':469,472,903 'hardcod':744 'helm':604 'hierarch':248 'hipaa':645 'hook':533 'hybrid':541,552,560 'iac':9,31,60,83,154,590,848 'immut':612 'implement':51,112,734,869,971,995 'import':329,412 'infrastructur':15,25,75,142,168,587,613,646,668,697,723,807,839,844,954,977,1004 'inject':260 'input':1044 'inspect':678 'instruct':94 'integr':276,389,418,462,486,557,607,619 'interact':919 'interfac':261 'interpol':459 'investig':680 'isol':367 'jenkin':493 'key':316 'knowledg':148,791 'kustom':605 'lifecycl':408 'limit':1006 'local':193 'lock':79,212,319,325,865,944 'log':675 'logic':454 'long':785 'long-term':784 'loop':201 'mainten':702,787,897 'major':799 'manag':12,28,42,161,208,296,317,351,371,381,398,422,601,639,656,708,766,940 'manipul':335 'manual':74 'master':7,156 'match':1015 'matric':292 'mechan':326,474 'migrat':235,239,580,586,962 'minim':969 'miss':1052 'modern':30,153,588,589,823 'modul':39,104,158,217,244,246,249,252,254,257,265,270,551,670,705,717,782,924,1005 'modular':852 'monitor':696,699,835 'move':330 'multi':48,180,356,539,543,770,947,984 'multi-cloud':47,179,538,542,983 'multi-environ':355,769 'multi-team':946 'multipl':403 'nativ':625 'need':69,910 'observ':837 'offici':227 'on-premis':554 'one':72 'one-off':71 'opa':516 'opa/gatekeeper':624 'open':513 'opentofu':151,234,238,967 'oper':328,426,430,673,892 'optim':443,478,482,573,578,684,912 'output':192,1024 'overrid':387 'parallel':442,480,685 'pass':569 'pattern':16,220,256,287,360,545,614,808,849 'pci':643 'pci-dss':642 'perform':477,681,914 'permiss':1045 'pipelin':485,881,952 'plan':129,496,727,895 'plan/apply':113 'platform':86 'point':341 'point-in-tim':340 'polici':53,118,174,498,510,514,527,622,626,972 'policy-as-cod':52 'practic':32,760,798,812,828 'pre':531 'pre-commit':530 'preced':383 'precondition/postcondition':466 'prefer':740 'premis':556 'principl':713 'procedur':893,997 'promot':377 'proper':855,883,933 'protect':133,725 'provid':98,162,225,230,232,396,399,404,405,481,546,564,571,683,703,801,989 'pulumi':594 'purpos':140 'qualiti':528,832 'rbac':632 'recommend':579 'reconcili':621 'recoveri':344,475,689,692,996 'redi':324 'refresh':332 'registri':271 'remot':93,108,209,938 'remov':331 'replac':413 'report':654 'represent':806 'reproduc':738 'requir':724,822,845,907,1043 'resolut':695 'resourc':188,397,407,423,427,438,479,566,574,657,679,686 'respons':840 'rest':312 'retri':473 'reusabl':263,715,858,922 'review':116,128,733,1036 'rollback':124,508 'root':251 's3':300 'safeti':126,1046 'scalabl':774 'scale':167 'scan':501,521,958 'scope':1017 'secret':139,350 'secur':91,100,297,347,354,500,520,526,758,818,861,875,937,957 'segreg':262 'select':425 'self':666 'self-servic':665 'semant':289 'sensit':348,762 'sentinel':517 'separ':364,373 'servic':637,663,667,802,1000 'set':878,935 'share':567 'skill':35,65,1009 'skill-terraform-specialist' 'soc2':641 'sourc':190,415,742 'source-sickn33' 'special':170 'specialist':3,6,21,145 'specif':268,386,1031 'stack':50 'state':11,27,43,92,109,134,160,207,211,213,295,308,318,327,334,345,352,372,608,677,690,719,765,939,992 'stateless':610 'stop':1037 'storag':302,322 'store':89 'strategi':125,216,222,240,337,358,375,476,509,581,790,817,900 'structur':369 'substitut':1027 'success':1049 'syntax':794 'tag':575,658 'target':424 'task':1013 'team':634,948 'team-bas':633 'techniqu':446 'templat':455,456 'term':786 'terraform':2,150,236,304,361,805,923,964,986 'terraform-specialist':1 'terraform/opentofu':5,20,38,184,793 'terrascan':524 'terratest':273 'test':223,272,275,277,279,495,751,829,871,934,1033 'tfsec':522 'thorough':731,888 'three':928 'three-tier':927 'tier':929 'time':343 'tool':84,593,603,814 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'track':650 'trail':652 'trait':710 'transit':315 'treat':718,1022 'troubleshoot':672,991 'tune':682 'type':205 'unit':274 'updat':410,704 'upgrad':293,706,789,899 'usag':286 'use':33,63,1007 'valid':120,463,465,497,519,535,753,873,975,1032 'valu':420,745,775 'variabl':191,349,370,382,464 'version':221,288,290,346,401,735 'visual':441 'vs':363 'web':930 'workflow':114,173,393,507,616,756,825,885,961 'workspac':45,215,359,362","prices":[{"id":"e5dd7717-9a40-4489-be3b-5abbd9a2ba6c","listingId":"1c5a5a05-c08d-45dd-86b6-1fe13bebb05c","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:46:09.194Z"}],"sources":[{"listingId":"1c5a5a05-c08d-45dd-86b6-1fe13bebb05c","source":"github","sourceId":"sickn33/antigravity-awesome-skills/terraform-specialist","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/terraform-specialist","isPrimary":false,"firstSeenAt":"2026-04-18T21:46:09.194Z","lastSeenAt":"2026-04-22T06:52:00.340Z"}],"details":{"listingId":"1c5a5a05-c08d-45dd-86b6-1fe13bebb05c","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"terraform-specialist","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34460,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-22T06:40:00Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"435a2caa8e0c45cfd5e4dd6af5c27dfe75cfbc73","skill_md_path":"skills/terraform-specialist/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/terraform-specialist"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"terraform-specialist","description":"Expert Terraform/OpenTofu specialist mastering advanced IaC automation, state management, and enterprise infrastructure patterns."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/terraform-specialist"},"updatedAt":"2026-04-22T06:52:00.340Z"}}