1mangesh1/terraform
skills/terraform/SKILL.md
Terraform infrastructure as code for provisioning, modules, state management, and workspaces. Use when user asks to "create infrastructure", "write Terraform", "manage state", "create module", "import resource", "plan changes", or any IaC tasks.
$ install --global
skillsauthnpx skillsauth add 1mangesh1/dev-skills-collection terraformInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 24, 2026, 10:00 PM45.6s7 files scanned
SKILL.md
- name:
- terraform
- description:
- Terraform infrastructure as code for provisioning, modules, state management, and workspaces. Use when user asks to "create infrastructure", "write Terraform", "manage state", "create module", "import resource", "plan changes", or any IaC tasks.
Terraform
Infrastructure as Code with Terraform.
Core Workflow
# Initialize (download providers)
terraform init
# Preview changes
terraform plan
terraform plan -out=tfplan # Save plan
# Apply changes
terraform apply
terraform apply tfplan # Apply saved plan
terraform apply -auto-approve # Skip confirmation
# Destroy resources
terraform destroy
terraform destroy -target=aws_instance.web
# Format code
terraform fmt
terraform fmt -recursive
# Validate configuration
terraform validate
# Show current state
terraform show
terraform state list
terraform state show aws_instance.web
Basic Configuration
# main.tf
terraform {
required_version = ">= 1.5"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
backend "s3" {
bucket = "my-terraform-state"
key = "prod/terraform.tfstate"
region = "us-east-1"
}
}
provider "aws" {
region = var.region
}
Variables
# variables.tf
variable "region" {
description = "AWS region"
type = string
default = "us-east-1"
}
variable "instance_type" {
description = "EC2 instance type"
type = string
default = "t3.micro"
}
variable "tags" {
description = "Resource tags"
type = map(string)
default = {
Environment = "dev"
ManagedBy = "terraform"
}
}
variable "allowed_cidrs" {
description = "Allowed CIDR blocks"
type = list(string)
default = ["0.0.0.0/0"]
}
# Pass variables
terraform plan -var="region=us-west-2"
terraform plan -var-file="production.tfvars"
# Auto-loaded files: terraform.tfvars, *.auto.tfvars
Outputs
# outputs.tf
output "instance_ip" {
description = "Public IP of the instance"
value = aws_instance.web.public_ip
}
output "bucket_arn" {
description = "S3 bucket ARN"
value = aws_s3_bucket.main.arn
sensitive = true
}
terraform output
terraform output instance_ip
terraform output -json
Resources
# EC2 Instance
resource "aws_instance" "web" {
ami = "ami-0abcdef1234567890"
instance_type = var.instance_type
tags = merge(var.tags, {
Name = "web-server"
})
lifecycle {
create_before_destroy = true
prevent_destroy = true
ignore_changes = [tags["UpdatedAt"]]
}
}
# S3 Bucket
resource "aws_s3_bucket" "main" {
bucket = "my-app-${var.environment}"
}
# Security Group
resource "aws_security_group" "web" {
name = "web-sg"
description = "Web server security group"
vpc_id = var.vpc_id
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = var.allowed_cidrs
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
Data Sources
# Look up existing resources
data "aws_ami" "ubuntu" {
most_recent = true
owners = ["099720109477"] # Canonical
filter {
name = "name"
values = ["ubuntu/images/hvm-ssd/ubuntu-*-amd64-server-*"]
}
}
data "aws_vpc" "default" {
default = true
}
# Use in resource
resource "aws_instance" "web" {
ami = data.aws_ami.ubuntu.id
}
Modules
# Using module
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "5.0.0"
name = "my-vpc"
cidr = "10.0.0.0/16"
azs = ["us-east-1a", "us-east-1b"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24"]
enable_nat_gateway = true
}
# Local module
module "web_server" {
source = "./modules/web-server"
instance_type = "t3.small"
subnet_id = module.vpc.public_subnets[0]
}
State Management
# Import existing resource
terraform import aws_instance.web i-1234567890abcdef0
# Move resource in state
terraform state mv aws_instance.old aws_instance.new
# Remove from state (without destroying)
terraform state rm aws_instance.web
# Pull remote state
terraform state pull > state.json
# Replace provider
terraform state replace-provider hashicorp/aws registry.terraform.io/hashicorp/aws
Workspaces
# List workspaces
terraform workspace list
# Create/switch workspace
terraform workspace new staging
terraform workspace select production
# Use in config
resource "aws_instance" "web" {
instance_type = terraform.workspace == "production" ? "t3.large" : "t3.micro"
}
Common Patterns
# Conditional resource
resource "aws_instance" "bastion" {
count = var.enable_bastion ? 1 : 0
# ...
}
# For each
resource "aws_iam_user" "users" {
for_each = toset(var.user_names)
name = each.value
}
# Dynamic blocks
resource "aws_security_group" "main" {
dynamic "ingress" {
for_each = var.ingress_rules
content {
from_port = ingress.value.port
to_port = ingress.value.port
protocol = "tcp"
cidr_blocks = ingress.value.cidrs
}
}
}
# Local values
locals {
common_tags = {
Environment = var.environment
Project = var.project_name
ManagedBy = "terraform"
}
}
Reference
For module patterns, workspaces, and backends: references/patterns.md
Related Skills
1mangesh1/xargs-parallel
tools
VerifiedTrustedCommunity
Parallel execution with xargs, GNU parallel, and batch processing patterns. Use when user mentions "xargs", "parallel", "batch processing", "run in parallel", "parallel execution", "process list of files", "bulk operations", "concurrent commands", "map over files", or running commands on multiple inputs.
3SKILL.mdUpdated Apr 28, 2026
1mangesh1/websockets
development
VerifiedTrustedCommunity
WebSocket implementation for real-time bidirectional communication. Use when user mentions "websocket", "ws://", "wss://", "real-time", "live updates", "chat application", "socket.io", "Server-Sent Events", "SSE", "push notifications", "live data", "streaming data", "bidirectional communication", "websocket server", "reconnection", or building real-time features.
3SKILL.mdUpdated Apr 28, 2026
1mangesh1/webpack-vite
tools
VerifiedTrustedCommunity
Frontend bundler configuration for Webpack and Vite. Use when user mentions "webpack", "vite", "bundler", "vite config", "webpack config", "code splitting", "tree shaking", "hot module replacement", "HMR", "build optimization", "bundle size", "chunk splitting", "loader", "plugin", "esbuild", "rollup", "dev server", or configuring JavaScript build tools.
3SKILL.mdUpdated Apr 28, 2026
1mangesh1/vscode-settings
tools
VerifiedTrustedCommunity
VS Code configuration, extensions, keybindings, and workspace optimization. Use when user mentions "vscode", "vs code", "vscode settings", "vscode extensions", "keybindings", "code editor", "workspace settings", "settings.json", "launch.json", "tasks.json", "vscode snippets", "devcontainer", "remote development", or customizing their VS Code setup.
3SKILL.mdUpdated Apr 28, 2026