zhongwei/gh-josiahsiegel-claude-code-marketplace-plugins-terraform-master
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
91ec8d924a042fb8792b7e5ca54e8ad8a8dd9a8a
gh-josiahsiegel-claude-code…/skills/terraform-tasks/SKILL.md
Zhongwei Li 91ec8d924a Initial commit
2025-11-30 08:29:21 +08:00

348 lines
9.3 KiB
Markdown
Raw Blame History

---
name: terraform-tasks
description: Specialized Terraform task execution skill for autonomous infrastructure operations. Handles code generation, debugging, version management, security scanning, and architecture design across all providers and platforms.
---
# Terraform Tasks Skill
## 🚨 CRITICAL GUIDELINES
### Windows File Path Requirements
**MANDATORY: Always Use Backslashes on Windows for File Paths**
When using Edit or Write tools on Windows, you MUST use backslashes (`\`) in file paths, NOT forward slashes (`/`).
**Examples:**
- ❌ WRONG: `D:/repos/project/file.tsx`
- ✅ CORRECT: `D:\repos\project\file.tsx`
This applies to:
- Edit tool file_path parameter
- Write tool file_path parameter
- All file operations on Windows systems
### Documentation Guidelines
**NEVER create new documentation files unless explicitly requested by the user.**
- **Priority**: Update existing README.md files rather than creating new documentation
- **Repository cleanliness**: Keep repository root clean - only README.md unless user requests otherwise
- **Style**: Documentation should be concise, direct, and professional - avoid AI-generated tone
- **User preference**: Only create additional .md files when user specifically asks for documentation
---
This skill enables autonomous execution of complex Terraform tasks with comprehensive provider knowledge and platform awareness.
## Capabilities
### 1. Infrastructure Code Generation
Generate complete, production-ready Terraform code for any cloud provider:
**Process**:
1. Determine provider and version from user context
2. Research latest provider documentation if needed
3. Generate complete configurations with:
- Provider version constraints
- Resource configurations
- Variables with validation
- Outputs
- Security best practices
- Platform-specific considerations
**Example Tasks**:
- "Create Azure Storage Account with private endpoints and customer-managed keys"
- "Generate AWS VPC with 3-tier architecture and NAT gateways"
- "Build GCP GKE cluster with Workload Identity and node pools"
### 2. Version Management
Handle Terraform and provider version upgrades:
**Process**:
1. Check current versions
2. Research changelogs and breaking changes
3. Propose upgrade path
4. Generate migration code
5. Provide testing strategy
**Example Tasks**:
- "Upgrade from AzureRM provider 2.x to 3.x"
- "Migrate Terraform 0.12 code to 1.x"
- "Update all providers to latest compatible versions"
### 3. Debugging and Troubleshooting
Diagnose and fix Terraform issues:
**Process**:
1. Gather diagnostic information
2. Analyze error messages and logs
3. Identify root cause
4. Provide platform-specific solution
5. Suggest preventive measures
**Example Tasks**:
- "Debug state lock timeout on Windows"
- "Fix provider authentication failure in Azure DevOps pipeline"
- "Resolve circular dependency in module structure"
### 4. Security Scanning and Remediation
Scan and fix security issues:
**Process**:
1. Run security scanners (tfsec, Checkov)
2. Analyze findings
3. Prioritize issues
4. Generate fixes
5. Explain security implications
**Example Tasks**:
- "Run tfsec and fix all HIGH severity issues"
- "Ensure all S3 buckets have encryption enabled"
- "Implement Azure storage account with all security best practices"
### 5. Architecture Review
Review and improve Terraform architecture:
**Process**:
1. Analyze current structure
2. Identify anti-patterns
3. Propose improvements
4. Generate refactoring plan
5. Document decisions (ADRs)
**Example Tasks**:
- "Review state management strategy for 500+ resources"
- "Design multi-region architecture for high availability"
- "Refactor monolithic state into layered approach"
### 6. CI/CD Pipeline Generation
Create complete CI/CD pipelines:
**Process**:
1. Determine CI/CD platform
2. Understand environment strategy
3. Generate pipeline configuration
4. Include security scanning
5. Add approval gates
6. Implement drift detection
**Example Tasks**:
- "Create Azure DevOps pipeline with multi-stage deployment"
- "Generate GitHub Actions workflow with OIDC authentication"
- "Build GitLab CI pipeline with Terraform Cloud backend"
### 7. Module Development
Create reusable Terraform modules:
**Process**:
1. Design module interface
2. Implement with best practices
3. Add variable validation
4. Generate documentation
5. Create examples
6. Set up testing
**Example Tasks**:
- "Create Azure networking module with hub-spoke pattern"
- "Build AWS ECS module with auto-scaling and ALB"
- "Develop GCP Cloud Run module with custom domains"
### 8. Migration Tasks
Migrate infrastructure to Terraform:
**Process**:
1. Inventory existing resources
2. Generate import commands
3. Create matching Terraform code
4. Validate configurations
5. Test import process
6. Plan cutover strategy
**Example Tasks**:
- "Import existing Azure resources into Terraform"
- "Migrate from CloudFormation to Terraform"
- "Convert ARM templates to Terraform HCL"
## Autonomous Behavior
This skill operates autonomously with minimal user intervention:
### Information Gathering
- Automatically detect Terraform and provider versions
- Identify platform (Windows/Linux/macOS)
- Detect CI/CD environment
- Check for existing configurations
### Research
- Use WebSearch to find current documentation
- Check provider changelogs for breaking changes
- Research best practices
- Find platform-specific solutions
### Code Generation
- Generate complete, working code
- Include all necessary files (main.tf, variables.tf, outputs.tf, etc.)
- Add comprehensive comments
- Follow naming conventions
- Apply security best practices
### Validation
- Run terraform fmt on generated code
- Validate syntax
- Check for security issues
- Test configurations when possible
### Documentation
- Explain architectural decisions
- Document usage examples
- Note version compatibility
- Include troubleshooting tips
## Error Handling
When encountering issues:
1. **Gather Context**: Collect all relevant information
2. **Research**: Look up error messages and solutions
3. **Platform Awareness**: Consider OS-specific issues
4. **Multiple Solutions**: Provide alternatives when available
5. **Prevention**: Suggest how to avoid similar issues
## Platform-Specific Considerations
### Windows
- PowerShell syntax for commands
- Path handling (backslashes)
- Line ending considerations
- Execution policy issues
- Credential management
### Linux/macOS
- Bash syntax for commands
- File permissions
- Package managers
- Environment variables
### CI/CD Environments
- Pipeline-specific syntax
- Agent capabilities
- Authentication methods
- Artifact handling
## Quality Standards
All generated Terraform code must:
- Be properly formatted (terraform fmt)
- Pass validation (terraform validate)
- Include security best practices
- Have comprehensive variable validation
- Include meaningful descriptions
- Follow naming conventions
- Be version-compatible
- Include usage examples
- Have proper output definitions
## Provider Expertise
### Azure (AzureRM)
- All resource types
- AzAPI for preview features
- Service endpoints and private endpoints
- Managed identities
- RBAC and policies
### AWS
- All services
- IAM roles and policies
- VPC networking
- S3 backend configuration
- Cross-account deployments
### Google Cloud
- All GCP services
- IAM and service accounts
- VPC and networking
- GCS backend configuration
- Organization and folder policies
### Community Providers
- Kubernetes and Helm
- Datadog, PagerDuty
- GitHub, GitLab
- HashiCorp Vault
- And more...
## Examples
### Example 1: Generate Azure Storage Account
**User Request**: "Create an Azure Storage Account with all security best practices"
**Skill Actions**:
1. Detect/ask for AzureRM provider version
2. Research latest security requirements
3. Generate complete configuration:
- Storage account with secure settings
- Private endpoint
- Diagnostic settings
- Customer-managed encryption keys
- Network rules
- Variables with validation
- Outputs
4. Include usage examples
5. Add security scanner ignore comments where appropriate with explanations
### Example 2: Debug Plan Failure
**User Request**: "My terraform plan is failing with authentication error on Windows"
**Skill Actions**:
1. Ask for error details
2. Identify it's Azure CLI authentication
3. Provide Windows-specific solution:
- PowerShell commands to check authentication
- How to refresh credentials
- Environment variable configuration
- Alternative authentication methods
4. Explain root cause
5. Suggest prevention
### Example 3: Architecture Review
**User Request**: "Review my Terraform structure, I have 1000+ resources in one state file"
**Skill Actions**:
1. Analyze current structure
2. Identify issues:
- Large state file
- Slow operations
- Large blast radius
3. Propose layered architecture:
- Split into foundation/platform/apps
- Separate state files
- Remote state data sources
4. Generate migration plan
5. Create ADR documenting decision
6. Provide implementation steps
## Integration with terraform-expert Agent
This skill works in tandem with the terraform-expert agent:
- Agent provides strategic guidance
- Skill executes tactical tasks
- Agent validates skill outputs
- Skill reports back to agent
Use this skill when you need to autonomously execute Terraform tasks with comprehensive provider knowledge and platform awareness.
Reference in New Issue View Git Blame Copy Permalink