{"id":"6b79abe7-b2cf-4b9e-bc0c-ea8807ce8c9f","shortId":"zp44Ux","kind":"skill","title":"terraform-skill","tagline":"Terraform infrastructure as code best practices","description":"# Terraform Skill for Claude\n\nComprehensive Terraform and OpenTofu guidance covering testing, modules, CI/CD, and production patterns. Based on terraform-best-practices.com and enterprise experience.\n\n## When to Use This Skill\n\n**Activate this skill when:**\n- Creating new Terraform or OpenTofu configurations or modules\n- Setting up testing infrastructure for IaC code\n- Deciding between testing approaches (validate, plan, frameworks)\n- Structuring multi-environment deployments\n- Implementing CI/CD for infrastructure-as-code\n- Reviewing or refactoring existing Terraform/OpenTofu projects\n- Choosing between module patterns or state management approaches\n\n**Don't use this skill for:**\n- Basic Terraform/OpenTofu syntax questions (Claude knows this)\n- Provider-specific API reference (link to docs instead)\n- Cloud platform questions unrelated to Terraform/OpenTofu\n\n## Core Principles\n\n### 1. Code Structure Philosophy\n\n**Module Hierarchy:**\n\n| Type | When to Use | Scope |\n|------|-------------|-------|\n| **Resource Module** | Single logical group of connected resources | VPC + subnets, Security group + rules |\n| **Infrastructure Module** | Collection of resource modules for a purpose | Multiple resource modules in one region/account |\n| **Composition** | Complete infrastructure | Spans multiple regions/accounts |\n\n**Hierarchy:** Resource → Resource Module → Infrastructure Module → Composition\n\n**Directory Structure:**\n```\nenvironments/        # Environment-specific configurations\n├── prod/\n├── staging/\n└── dev/\n\nmodules/            # Reusable modules\n├── networking/\n├── compute/\n└── data/\n\nexamples/           # Module usage examples (also serve as tests)\n├── complete/\n└── minimal/\n```\n\n**Key principle from terraform-best-practices.com:**\n- Separate **environments** (prod, staging) from **modules** (reusable components)\n- Use **examples/** as both documentation and integration test fixtures\n- Keep modules small and focused (single responsibility)\n\n**For detailed module architecture, see:** Code Patterns: Module Types & Hierarchy\n\n### 2. Naming Conventions\n\n**Resources:**\n```hcl\n# Good: Descriptive, contextual\nresource \"aws_instance\" \"web_server\" { }\nresource \"aws_s3_bucket\" \"application_logs\" { }\n\n# Good: \"this\" for singleton resources (only one of that type)\nresource \"aws_vpc\" \"this\" { }\nresource \"aws_security_group\" \"this\" { }\n\n# Avoid: Generic names for non-singletons\nresource \"aws_instance\" \"main\" { }\nresource \"aws_s3_bucket\" \"bucket\" { }\n```\n\n**Singleton Resources:**\n\nUse `\"this\"` when your module creates only one resource of that type:\n\n✅ DO:\n```hcl\nresource \"aws_vpc\" \"this\" {}           # Module creates one VPC\nresource \"aws_security_group\" \"this\" {}  # Module creates one SG\n```\n\n❌ DON'T use \"this\" for multiple resources:\n```hcl\nresource \"aws_subnet\" \"this\" {}  # If creating multiple subnets\n```\n\nUse descriptive names when creating multiple resources of the same type.\n\n**Variables:**\n```hcl\n# Prefix with context when needed\nvar.vpc_cidr_block          # Not just \"cidr\"\nvar.database_instance_class # Not just \"instance_class\"\n```\n\n**Files:**\n- `main.tf` - Primary resources\n- `variables.tf` - Input variables\n- `outputs.tf` - Output values\n- `versions.tf` - Provider versions\n- `data.tf` - Data sources (optional)\n\n## Testing Strategy Framework\n\n### Decision Matrix: Which Testing Approach?\n\n| Your Situation | Recommended Approach | Tools | Cost |\n|----------------|---------------------|-------|------|\n| **Quick syntax check** | Static analysis | `terraform validate`, `fmt` | Free |\n| **Pre-commit validation** | Static + lint | `validate`, `tflint`, `trivy`, `checkov` | Free |\n| **Terraform 1.6+, simple logic** | Native test framework | Built-in `terraform test` | Free-Low |\n| **Pre-1.6, or Go expertise** | Integration testing | Terratest | Low-Med |\n| **Security/compliance focus** | Policy as code | OPA, Sentinel | Free |\n| **Cost-sensitive workflow** | Mock providers (1.7+) | Native tests + mocking | Free |\n| **Multi-cloud, complex** | Full integration | Terratest + real infra | Med-High |\n\n### Testing Pyramid for Infrastructure\n\n```\n        /\\\n       /  \\          End-to-End Tests (Expensive)\n      /____\\         - Full environment deployment\n     /      \\        - Production-like setup\n    /________\\\n   /          \\      Integration Tests (Moderate)\n  /____________\\     - Module testing in isolation\n /              \\    - Real resources in test account\n/________________\\   Static Analysis (Cheap)\n                     - validate, fmt, lint\n                     - Security scanning\n```\n\n### Native Test Best Practices (1.6+)\n\n**Before generating test code:**\n\n1. **Validate schemas with Terraform MCP:**\n   ```\n   Search provider docs → Get resource schema → Identify block types\n   ```\n\n2. **Choose correct command mode:**\n   - `command = plan` - Fast, for input validation\n   - `command = apply` - Required for computed values and set-type blocks\n\n3. **Handle set-type blocks correctly:**\n   - Cannot index with `[0]`\n   - Use `for` expressions to iterate\n   - Or use `command = apply` to materialize\n\n**Common patterns:**\n- S3 encryption rules: **set** (use for expressions)\n- Lifecycle transitions: **set** (use for expressions)\n- IAM policy statements: **set** (use for expressions)\n\n**For detailed testing guides, see:**\n- **Testing Frameworks Guide** - Deep dive into static analysis, native tests, and Terratest\n- **Quick Reference** - Decision flowchart and command cheat sheet\n\n## Code Structure Standards\n\n### Resource Block Ordering\n\n**Strict ordering for consistency:**\n1. `count` or `for_each` FIRST (blank line after)\n2. Other arguments\n3. `tags` as last real argument\n4. `depends_on` after tags (if needed)\n5. `lifecycle` at the very end (if needed)\n\n```hcl\n# ✅ GOOD - Correct ordering\nresource \"aws_nat_gateway\" \"this\" {\n  count = var.create_nat_gateway ? 1 : 0\n\n  allocation_id = aws_eip.this[0].id\n  subnet_id     = aws_subnet.public[0].id\n\n  tags = {\n    Name = \"${var.name}-nat\"\n  }\n\n  depends_on = [aws_internet_gateway.this]\n\n  lifecycle {\n    create_before_destroy = true\n  }\n}\n```\n\n### Variable Block Ordering\n\n1. `description` (ALWAYS required)\n2. `type`\n3. `default`\n4. `validation`\n5. `nullable` (when setting to false)\n\n```hcl\nvariable \"environment\" {\n  description = \"Environment name for resource tagging\"\n  type        = string\n  default     = \"dev\"\n\n  validation {\n    condition     = contains([\"dev\", \"staging\", \"prod\"], var.environment)\n    error_message = \"Environment must be one of: dev, staging, prod.\"\n  }\n\n  nullable = false\n}\n```\n\n**For complete structure guidelines, see:** Code Patterns: Block Ordering & Structure\n\n## Count vs For_Each: When to Use Each\n\n### Quick Decision Guide\n\n| Scenario | Use | Why |\n|----------|-----|-----|\n| Boolean condition (create or don't) | `count = condition ? 1 : 0` | Simple on/off toggle |\n| Simple numeric replication | `count = 3` | Fixed number of identical resources |\n| Items may be reordered/removed | `for_each = toset(list)` | Stable resource addresses |\n| Reference by key | `for_each = map` | Named access to resources |\n| Multiple named resources | `for_each` | Better maintainability |\n\n### Common Patterns\n\n**Boolean conditions:**\n```hcl\n# ✅ GOOD - Boolean condition\nresource \"aws_nat_gateway\" \"this\" {\n  count = var.create_nat_gateway ? 1 : 0\n  # ...\n}\n```\n\n**Stable addressing with for_each:**\n```hcl\n# ✅ GOOD - Removing \"us-east-1b\" only affects that subnet\nresource \"aws_subnet\" \"private\" {\n  for_each = toset(var.availability_zones)\n\n  availability_zone = each.key\n  # ...\n}\n\n# ❌ BAD - Removing middle AZ recreates all subsequent subnets\nresource \"aws_subnet\" \"private\" {\n  count = length(var.availability_zones)\n\n  availability_zone = var.availability_zones[count.index]\n  # ...\n}\n```\n\n**For migration guides and detailed examples, see:** Code Patterns: Count vs For_Each\n\n## Locals for Dependency Management\n\n**Use locals to ensure correct resource deletion order:**\n\n```hcl\n# Problem: Subnets might be deleted after CIDR blocks, causing errors\n# Solution: Use try() in locals to hint deletion order\n\nlocals {\n  # References secondary CIDR first, falling back to VPC\n  # Forces Terraform to delete subnets before CIDR association\n  vpc_id = try(\n    aws_vpc_ipv4_cidr_block_association.this[0].vpc_id,\n    aws_vpc.this.id,\n    \"\"\n  )\n}\n\nresource \"aws_vpc\" \"this\" {\n  cidr_block = \"10.0.0.0/16\"\n}\n\nresource \"aws_vpc_ipv4_cidr_block_association\" \"this\" {\n  count = var.add_secondary_cidr ? 1 : 0\n\n  vpc_id     = aws_vpc.this.id\n  cidr_block = \"10.1.0.0/16\"\n}\n\nresource \"aws_subnet\" \"public\" {\n  vpc_id     = local.vpc_id  # Uses local, not direct reference\n  cidr_block = \"10.1.0.0/24\"\n}\n```\n\n**Why this matters:**\n- Prevents deletion errors when destroying infrastructure\n- Ensures correct dependency order without explicit `depends_on`\n- Particularly useful for VPC configurations with secondary CIDR blocks\n\n**For detailed examples, see:** Code Patterns: Locals for Dependency Management\n\n## Module Development\n\n### Standard Module Structure\n\n```\nmy-module/\n├── README.md           # Usage documentation\n├── main.tf             # Primary resources\n├── variables.tf        # Input variables with descriptions\n├── outputs.tf          # Output values\n├── versions.tf         # Provider version constraints\n├── examples/\n│   ├── minimal/        # Minimal working example\n│   └── complete/       # Full-featured example\n└── tests/              # Test files\n    └── module_test.tftest.hcl  # Or .go\n```\n\n### Best Practices Summary\n\n**Variables:**\n- ✅ Always include `description`\n- ✅ Use explicit `type` constraints\n- ✅ Provide sensible `default` values where appropriate\n- ✅ Add `validation` blocks for complex constraints\n- ✅ Use `sensitive = true` for secrets\n\n**Outputs:**\n- ✅ Always include `description`\n- ✅ Mark sensitive outputs with `sensitive = true`\n- ✅ Consider returning objects for related values\n- ✅ Document what consumers should do with each output\n\n**For detailed module patterns, see:**\n- **Module Patterns Guide** - Variable best practices, output design, ✅ DO vs ❌ DON'T patterns\n- **Quick Reference** - Resource naming, variable naming, file organization\n\n## CI/CD Integration\n\n### Recommended Workflow Stages\n\n1. **Validate** - Format check + syntax validation + linting\n2. **Test** - Run automated tests (native or Terratest)\n3. **Plan** - Generate and review execution plan\n4. **Apply** - Execute changes (with approvals for production)\n\n### Cost Optimization Strategy\n\n1. **Use mocking for PR validation** (free)\n2. **Run integration tests only on main branch** (controlled cost)\n3. **Implement auto-cleanup** (prevent orphaned resources)\n4. **Tag all test resources** (track spending)\n\n**For complete CI/CD templates, see:**\n- **CI/CD Workflows Guide** - GitHub Actions, GitLab CI, Atlantis integration, cost optimization\n- **Quick Reference** - Common CI/CD issues and solutions\n\n## Security & Compliance\n\n### Essential Security Checks\n\n```bash\n# Static security scanning\ntrivy config .\ncheckov -d .\n```\n\n### Common Issues to Avoid\n\n❌ **Don't:**\n- Store secrets in variables\n- Use default VPC\n- Skip encryption\n- Open security groups to 0.0.0.0/0\n\n✅ **Do:**\n- Use AWS Secrets Manager / Parameter Store\n- Create dedicated VPCs\n- Enable encryption at rest\n- Use least-privilege security groups\n\n**For detailed security guidance, see:**\n- **Security & Compliance Guide** - Trivy/Checkov integration, secrets management, state file security, compliance testing\n\n## Version Management\n\n### Version Constraint Syntax\n\n```hcl\nversion = \"5.0.0\"      # Exact (avoid - inflexible)\nversion = \"~> 5.0\"     # Recommended: 5.0.x only\nversion = \">= 5.0\"     # Minimum (risky - breaking changes)\n```\n\n### Strategy by Component\n\n| Component | Strategy | Example |\n|-----------|----------|---------|\n| **Terraform** | Pin minor version | `required_version = \"~> 1.9\"` |\n| **Providers** | Pin major version | `version = \"~> 5.0\"` |\n| **Modules (prod)** | Pin exact version | `version = \"5.1.2\"` |\n| **Modules (dev)** | Allow patch updates | `version = \"~> 5.1\"` |\n\n### Update Workflow\n\n```bash\n# Lock versions initially\nterraform init              # Creates .terraform.lock.hcl\n\n# Update to latest within constraints\nterraform init -upgrade     # Updates providers\n\n# Review and test\nterraform plan\n```\n\n**For detailed version management, see:** Code Patterns: Version Management\n\n## Modern Terraform Features (1.0+)\n\n### Feature Availability by Version\n\n| Feature | Version | Use Case |\n|---------|---------|----------|\n| `try()` function | 0.13+ | Safe fallbacks, replaces `element(concat())` |\n| `nullable = false` | 1.1+ | Prevent null values in variables |\n| `moved` blocks | 1.1+ | Refactor without destroy/recreate |\n| `optional()` with defaults | 1.3+ | Optional object attributes |\n| Native testing | 1.6+ | Built-in test framework |\n| Mock providers | 1.7+ | Cost-free unit testing |\n| Provider functions | 1.8+ | Provider-specific data transformation |\n| Cross-variable validation | 1.9+ | Validate relationships between variables |\n| Write-only arguments | 1.11+ | Secrets never stored in state |\n\n### Quick Examples\n\n```hcl\n# try() - Safe fallbacks (0.13+)\noutput \"sg_id\" {\n  value = try(aws_security_group.this[0].id, \"\")\n}\n\n# optional() - Optional attributes with defaults (1.3+)\nvariable \"config\" {\n  type = object({\n    name    = string\n    timeout = optional(number, 300)  # Default: 300\n  })\n}\n\n# Cross-variable validation (1.9+)\nvariable \"environment\" { type = string }\nvariable \"backup_days\" {\n  type = number\n  validation {\n    condition     = var.environment == \"prod\" ? var.backup_days >= 7 : true\n    error_message = \"Production requires backup_days >= 7\"\n  }\n}\n```\n\n**For complete patterns and examples, see:** Code Patterns: Modern Terraform Features\n\n## Version-Specific Guidance\n\n### Terraform 1.0-1.5\n- Use Terratest for testing\n- No native testing framework available\n- Focus on static analysis and plan validation\n\n### Terraform 1.6+ / OpenTofu 1.6+\n- **New:** Native `terraform test` / `tofu test` command\n- Consider migrating from external frameworks for simple tests\n- Keep Terratest only for complex integration tests\n\n### Terraform 1.7+ / OpenTofu 1.7+\n- **New:** Mock providers for unit testing\n- Reduce cost by mocking external dependencies\n- Use real integration tests for final validation\n\n### Terraform vs OpenTofu\n\nBoth are fully supported by this skill. For licensing, governance, and feature comparison, see Quick Reference: Terraform vs OpenTofu.\n\n## Detailed Guides\n\nThis skill uses **progressive disclosure** - essential information is in this main file, detailed guides are available when needed:\n\n📚 **Reference Files:**\n- **Testing Frameworks** - In-depth guide to static analysis, native tests, and Terratest\n- **Module Patterns** - Module structure, variable/output best practices, ✅ DO vs ❌ DON'T patterns\n- **CI/CD Workflows** - GitHub Actions, GitLab CI templates, cost optimization, automated cleanup\n- **Security & Compliance** - Trivy/Checkov integration, secrets management, compliance testing\n- **Quick Reference** - Command cheat sheets, decision flowcharts, troubleshooting guide\n\n**How to use:** When you need detailed information on a topic, reference the appropriate guide. Claude will load it on demand to provide comprehensive guidance.\n\n## License\n\nThis skill is licensed under the **Apache License 2.0**. See the LICENSE file for full terms.\n\n**Copyright © 2026 Anton Babenko**\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["terraform","skill","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows"],"capabilities":["skill","source-sickn33","skill-terraform-skill","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/terraform-skill","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34460 github stars · SKILL.md body (15,746 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T06:52:00.258Z","embedding":null,"createdAt":"2026-04-18T21:46:08.357Z","updatedAt":"2026-04-22T06:52:00.258Z","lastSeenAt":"2026-04-22T06:52:00.258Z","tsv":"'-1.5':1596 '-1.6':436 '/0':1305 '/16':984,1005 '/24':1022 '/____':487 '/________':495 '/____________':499 '/________________':509 '0':574,690,694,699,797,857,973,998,1530 '0.0.0.0':1304 '0.13':1447,1523 '1':119,527,643,689,716,796,856,997,1184,1217 '1.0':1436,1595 '1.1':1455,1463 '1.11':1511 '1.3':1470,1537 '1.6':421,522,1476,1614,1616 '1.7':460,1484,1640,1642 '1.8':1492 '1.9':1378,1502,1554 '10.0.0.0':983 '10.1.0.0':1004,1021 '1b':869 '2':235,542,652,720,1191,1224 '2.0':1793 '2026':1802 '3':564,655,722,805,1199,1234 '300':1547,1549 '4':661,724,1206,1242 '5':668,726 '5.0':1355,1357,1361,1384 '5.0.0':1350 '5.1':1398 '5.1.2':1391 '7':1570,1578 'access':829 'account':508 'action':1258,1734 'activ':37 'add':1118 'address':821,859 'affect':871 'alloc':691 'allow':1394 'also':191 'alway':718,1105,1130 'analysi':404,511,620,1609,1714 'anton':1803 'apach':1791 'api':105 'appli':554,583,1207 'applic':252 'approach':59,88,393,397 'appropri':1117,1772 'approv':1211 'architectur':228 'argument':654,660,1510 'ask':1838 'associ':968,991 'atlanti':1261 'attribut':1473,1534 'auto':1237 'auto-cleanup':1236 'autom':1194,1740 'avail':883,902,1438,1605,1701 'avoid':273,1288,1352 'aw':244,249,265,269,281,285,306,314,331,681,848,875,895,978,986,1007,1308 'aws_eip.this':693 'aws_internet_gateway.this':707 'aws_security_group.this':1529 'aws_subnet.public':698 'aws_vpc.this.id':976,1001 'aws_vpc_ipv4_cidr_block_association.this':972 'az':889 'babenko':1804 'back':958 'backup':1560,1576 'bad':886 'base':26 'bash':1277,1401 'basic':95 'best':8,520,1101,1162,1724 'better':837 'blank':649 'block':358,540,563,569,637,714,771,940,982,990,1003,1020,1048,1120,1462 'boolean':788,841,845 'boundari':1846 'branch':1231 'break':1364 'bucket':251,287,288 'built':428,1478 'built-in':427,1477 'cannot':571 'case':1444 'caus':941 'chang':1209,1365 'cheap':512 'cheat':631,1753 'check':402,1187,1276 'checkov':418,1283 'choos':81,543 'ci':1260,1736 'ci/cd':22,69,1179,1251,1254,1268,1731 'cidr':357,361,939,955,967,981,989,996,1002,1019,1047 'clarif':1840 'class':364,368 'claud':13,99,1774 'cleanup':1238,1741 'clear':1813 'cloud':111,467 'code':7,55,74,120,230,450,526,633,769,914,1053,1429,1585 'collect':145 'command':545,547,553,582,630,1623,1752 'commit':411 'common':586,839,1267,1285 'comparison':1677 'complet':159,195,765,1090,1250,1580 'complex':468,1122,1636 'complianc':1273,1332,1341,1743,1748 'compon':208,1368,1369 'composit':158,170 'comprehens':14,1782 'comput':185,557 'concat':1452 'condit':746,789,795,842,846,1565 'config':1282,1539 'configur':46,177,1044 'connect':136 'consid':1139,1624 'consist':642 'constraint':1084,1111,1123,1346,1413 'consum':1147 'contain':747 'context':353 'contextu':242 'control':1232 'convent':237 'copyright':1801 'core':117 'correct':544,570,678,928,1033 'cost':399,455,1214,1233,1263,1486,1650,1738 'cost-fre':1485 'cost-sensit':454 'count':644,685,774,794,804,852,898,916,993 'count.index':906 'cover':19 'creat':41,296,310,319,335,342,709,790,1313,1407 'criteria':1849 'cross':1499,1551 'cross-vari':1498,1550 'd':1284 'data':186,383,1496 'data.tf':382 'day':1561,1569,1577 'decid':56 'decis':389,627,783,1755 'dedic':1314 'deep':616 'default':723,743,1114,1296,1469,1536,1548 'delet':930,937,950,964,1027 'demand':1779 'depend':662,705,922,1034,1038,1057,1654 'deploy':67,490 'depth':1710 'describ':1817 'descript':241,339,717,735,1077,1107,1132 'design':1165 'destroy':711,1030 'destroy/recreate':1466 'detail':226,609,911,1050,1154,1327,1425,1684,1698,1765 'dev':180,744,748,759,1393 'develop':1060 'direct':1017 'directori':171 'disclosur':1690 'dive':617 'doc':109,535 'document':213,1069,1145 'each.key':885 'east':868 'element':1451 'enabl':1316 'encrypt':589,1299,1317 'end':482,484,673 'end-to-end':481 'ensur':927,1032 'enterpris':30 'environ':66,173,175,202,489,734,736,754,1556,1829 'environment-specif':174,1828 'error':752,942,1028,1572 'essenti':1274,1691 'exact':1351,1388 'exampl':187,190,210,912,1051,1085,1089,1094,1371,1518,1583 'execut':1204,1208 'exist':78 'expens':486 'experi':31 'expert':1834 'expertis':439 'explicit':1037,1109 'express':577,594,600,607 'extern':1627,1653 'fall':957 'fallback':1449,1522 'fals':731,763,1454 'fast':549 'featur':1093,1435,1437,1441,1589,1676 'file':369,1097,1177,1339,1697,1705,1797 'final':1660 'first':648,956 'fix':806 'fixtur':217 'flowchart':628,1756 'fmt':407,514 'focus':222,447,1606 'forc':961 'format':1186 'framework':62,388,426,614,1481,1604,1628,1707 'free':408,419,433,453,464,1223,1487 'free-low':432 'full':469,488,1092,1799 'full-featur':1091 'fulli':1667 'function':1446,1491 'gateway':683,688,850,855 'generat':524,1201 'generic':274 'get':536 'github':1257,1733 'gitlab':1259,1735 'go':438,1100 'good':240,254,677,844,864 'govern':1674 'group':134,141,271,316,1302,1325 'guid':611,615,784,909,1160,1256,1333,1685,1699,1711,1758,1773 'guidanc':18,1329,1593,1783 'guidelin':767 'handl':565 'hcl':239,304,329,350,676,732,843,863,932,1348,1519 'hierarchi':124,164,234 'high':476 'hint':949 'iac':54 'iam':601 'id':692,695,697,700,970,975,1000,1011,1013,1526,1531 'ident':809 'identifi':539 'implement':68,1235 'in-depth':1708 'includ':1106,1131 'index':572 'inflex':1353 'inform':1692,1766 'infra':473 'infrastructur':5,52,72,143,160,168,480,1031 'infrastructure-as-cod':71 'init':1406,1415 'initi':1404 'input':374,551,1074,1843 'instanc':245,282,363,367 'instead':110 'integr':215,440,470,496,1180,1226,1262,1335,1637,1657,1745 'ipv4':988 'isol':503 'issu':1269,1286 'item':811 'iter':579 'keep':218,1632 'key':197,824 'know':100 'last':658 'latest':1411 'least':1322 'least-privileg':1321 'length':899 'licens':1673,1784,1788,1792,1796 'lifecycl':595,669,708 'like':493 'limit':1805 'line':650 'link':107 'lint':414,515,1190 'list':818 'load':1776 'local':920,925,947,952,1015,1055 'local.vpc':1012 'lock':1402 'log':253 'logic':133,423 'low':434,444 'low-m':443 'main':283,1230,1696 'main.tf':370,1070 'maintain':838 'major':1381 'manag':87,923,1058,1310,1337,1344,1427,1432,1747 'map':827 'mark':1133 'match':1814 'materi':585 'matrix':390 'matter':1025 'may':812 'mcp':532 'med':445,475 'med-high':474 'messag':753,1573 'middl':888 'might':935 'migrat':908,1625 'minim':196,1086,1087 'minimum':1362 'minor':1374 'miss':1851 'mock':458,463,1219,1482,1644,1652 'mode':546 'moder':498 'modern':1433,1587 'modul':21,48,83,123,131,144,148,154,167,169,181,183,188,206,219,227,232,295,309,318,500,1059,1062,1066,1155,1158,1385,1392,1719,1721 'module_test.tftest.hcl':1098 'move':1461 'multi':65,466 'multi-cloud':465 'multi-environ':64 'multipl':152,162,327,336,343,832 'must':755 'my-modul':1064 'name':236,275,340,702,737,828,833,1174,1176,1542 'nat':682,687,704,849,854 'nativ':424,461,518,621,1196,1474,1602,1618,1715 'need':355,667,675,1703,1764 'network':184 'never':1513 'new':42,1617,1643 'non':278 'non-singleton':277 'null':1457 'nullabl':727,762,1453 'number':807,1546,1563 'numer':802 'object':1141,1472,1541 'on/off':799 'one':156,260,298,311,320,757 'opa':451 'open':1300 'opentofu':17,45,1615,1641,1664,1683 'optim':1215,1264,1739 'option':385,1467,1471,1532,1533,1545 'order':638,640,679,715,772,931,951,1035 'organ':1178 'orphan':1240 'output':377,1079,1129,1135,1152,1164,1524,1823 'outputs.tf':376,1078 'paramet':1311 'particular':1040 'patch':1395 'pattern':25,84,231,587,770,840,915,1054,1156,1159,1170,1430,1581,1586,1720,1730 'permiss':1844 'philosophi':122 'pin':1373,1380,1387 'plan':61,548,1200,1205,1423,1611 'platform':112 'polici':448,602 'pr':1221 'practic':9,521,1102,1163,1725 'pre':410,435 'pre-commit':409 'prefix':351 'prevent':1026,1239,1456 'primari':371,1071 'principl':118,198 'privat':877,897 'privileg':1323 'problem':933 'prod':178,203,750,761,1386,1567 'product':24,492,1213,1574 'production-lik':491 'progress':1689 'project':80 'provid':103,380,459,534,1082,1112,1379,1418,1483,1490,1494,1645,1781 'provider-specif':102,1493 'public':1009 'purpos':151 'pyramid':478 'question':98,113 'quick':400,625,782,1171,1265,1517,1679,1750 'readme.md':1067 'real':472,504,659,1656 'recommend':396,1181,1356 'recreat':890 'reduc':1649 'refactor':77,1464 'refer':106,626,822,953,1018,1172,1266,1680,1704,1751,1770 'region/account':157 'regions/accounts':163 'relat':1143 'relationship':1504 'remov':865,887 'reordered/removed':814 'replac':1450 'replic':803 'requir':555,719,1376,1575,1842 'resourc':130,137,147,153,165,166,238,243,248,258,264,268,280,284,290,299,305,313,328,330,344,372,505,537,636,680,739,810,820,831,834,847,874,894,929,977,985,1006,1072,1173,1241,1246 'respons':224 'rest':1319 'return':1140 'reusabl':182,207 'review':75,1203,1419,1835 'riski':1363 'rule':142,590 'run':1193,1225 's3':250,286,588 'safe':1448,1521 'safeti':1845 'scan':517,1280 'scenario':785 'schema':529,538 'scope':129,1816 'search':533 'secondari':954,995,1046 'secret':1128,1292,1309,1336,1512,1746 'secur':140,270,315,516,1272,1275,1279,1301,1324,1328,1331,1340,1742 'security/compliance':446 'see':229,612,768,913,1052,1157,1253,1330,1428,1584,1678,1794 'sensibl':1113 'sensit':456,1125,1134,1137 'sentinel':452 'separ':201 'serv':192 'server':247 'set':49,561,567,591,597,604,729 'set-typ':560,566 'setup':494 'sg':321,1525 'sheet':632,1754 'simpl':422,798,801,1630 'singl':132,223 'singleton':257,279,289 'situat':395 'skill':3,11,36,39,93,1671,1687,1786,1808 'skill-terraform-skill' 'skip':1298 'small':220 'solut':943,1271 'sourc':384 'source-sickn33' 'span':161 'specif':104,176,1495,1592,1830 'spend':1248 'stabl':819,858 'stage':179,204,749,760,1183 'standard':635,1061 'state':86,1338,1516 'statement':603 'static':403,413,510,619,1278,1608,1713 'stop':1836 'store':1291,1312,1514 'strategi':387,1216,1366,1370 'strict':639 'string':742,1543,1558 'structur':63,121,172,634,766,773,1063,1722 'subnet':139,332,337,696,873,876,893,896,934,965,1008 'subsequ':892 'substitut':1826 'success':1848 'summari':1103 'support':1668 'syntax':97,401,1188,1347 'tag':656,665,701,740,1243 'task':1812 'templat':1252,1737 'term':1800 'terraform':2,4,10,15,43,405,420,430,531,962,1372,1405,1414,1422,1434,1588,1594,1613,1619,1639,1662,1681 'terraform-best-practices.com':28,200 'terraform-skil':1 'terraform.lock.hcl':1408 'terraform/opentofu':79,96,116 'terratest':442,471,624,1198,1598,1633,1718 'test':20,51,58,194,216,386,392,425,431,441,462,477,485,497,501,507,519,525,610,613,622,1095,1096,1192,1195,1227,1245,1342,1421,1475,1480,1489,1600,1603,1620,1622,1631,1638,1648,1658,1706,1716,1749,1832 'tflint':416 'timeout':1544 'tofu':1621 'toggl':800 'tool':398 'topic':1769 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'toset':817,880 'track':1247 'transform':1497 'transit':596 'treat':1821 'tri':945,971,1445,1520,1528 'trivi':417,1281 'trivy/checkov':1334,1744 'troubleshoot':1757 'true':712,1126,1138,1571 'type':125,233,263,302,348,541,562,568,721,741,1110,1540,1557,1562 'unit':1488,1647 'unrel':114 'updat':1396,1399,1409,1417 'upgrad':1416 'us':867 'us-east-1b':866 'usag':189,1068 'use':34,91,128,209,291,324,338,575,581,592,598,605,780,786,924,944,1014,1041,1108,1124,1218,1295,1307,1320,1443,1597,1655,1688,1761,1806 'valid':60,406,412,415,513,528,552,725,745,1119,1185,1189,1222,1501,1503,1553,1564,1612,1661,1831 'valu':378,558,1080,1115,1144,1458,1527 'var.add':994 'var.availability':881,900,904 'var.backup':1568 'var.create':686,853 'var.database':362 'var.environment':751,1566 'var.name':703 'var.vpc':356 'variabl':349,375,713,733,1075,1104,1161,1175,1294,1460,1500,1506,1538,1552,1555,1559 'variable/output':1723 'variables.tf':373,1073 'version':381,1083,1343,1345,1349,1354,1360,1375,1377,1382,1383,1389,1390,1397,1403,1426,1431,1440,1442,1591 'version-specif':1590 'versions.tf':379,1081 'vpc':138,266,307,312,960,969,974,979,987,999,1010,1043,1297 'vpcs':1315 'vs':775,917,1167,1663,1682,1727 'web':246 'within':1412 'without':1036,1465 'work':1088 'workflow':457,1182,1255,1400,1732 'write':1508 'write-on':1507 'x':1358 'zone':882,884,901,903,905","prices":[{"id":"d4d4fc35-fc6e-403f-93df-702ca67da9fa","listingId":"6b79abe7-b2cf-4b9e-bc0c-ea8807ce8c9f","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:46:08.357Z"}],"sources":[{"listingId":"6b79abe7-b2cf-4b9e-bc0c-ea8807ce8c9f","source":"github","sourceId":"sickn33/antigravity-awesome-skills/terraform-skill","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/terraform-skill","isPrimary":false,"firstSeenAt":"2026-04-18T21:46:08.357Z","lastSeenAt":"2026-04-22T06:52:00.258Z"}],"details":{"listingId":"6b79abe7-b2cf-4b9e-bc0c-ea8807ce8c9f","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"terraform-skill","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34460,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-22T06:40:00Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"d191b8f288ee42bc3ca04119d32bbbf36e3cb5aa","skill_md_path":"skills/terraform-skill/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/terraform-skill"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"terraform-skill","description":"Terraform infrastructure as code best practices"},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/terraform-skill"},"updatedAt":"2026-04-22T06:52:00.258Z"}}