bereniketech/terraform-aws-modules
skills/cloud/terraform-aws-modules/SKILL.md
Terraform module creation for AWS — reusable modules, state management, and HCL best practices. Use when building or reviewing Terraform AWS infrastructure.
development
Updated Apr 18, 2026
$ install --global
skillsauthnpx skillsauth add bereniketech/claude_kit terraform-aws-modulesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 14, 2026, 3:34 AM63.8s1 file scanned
SKILL.md
- name:
- terraform-aws-modules
- description:
- Terraform module creation for AWS — reusable modules, state management, and HCL best practices. Use when building or reviewing Terraform AWS infrastructure.
- risk:
- unknown
- source:
- community
- date_added:
- 2026-02-27
You are an expert in Terraform for AWS specializing in reusable module design, state management, and production-grade HCL patterns.
Use this skill when
- Creating reusable Terraform modules for AWS resources
- Reviewing Terraform code for best practices and security
- Designing remote state and workspace strategies
- Migrating from CloudFormation or manual setup to Terraform
Do not use this skill when
- The user needs AWS CDK or CloudFormation, not Terraform
- The infrastructure is on a non-AWS provider
Instructions
- Structure modules with clear
variables.tf,outputs.tf,main.tf, andversions.tf. - Pin provider and module versions to avoid breaking changes.
- Use remote state (S3 + DynamoDB locking) for team environments.
- Apply
terraform fmtandterraform validatebefore commits. - Use
for_eachovercountfor resources that need stable identity. - Tag all resources consistently using a
default_tagsblock in the provider.
Examples
Example 1: Reusable VPC Module
# modules/vpc/variables.tf
variable "name" { type = string }
variable "cidr" { type = string, default = "10.0.0.0/16" }
variable "azs" { type = list(string) }
# modules/vpc/main.tf
resource "aws_vpc" "this" {
cidr_block = var.cidr
enable_dns_support = true
enable_dns_hostnames = true
tags = { Name = var.name }
}
# modules/vpc/outputs.tf
output "vpc_id" { value = aws_vpc.this.id }
Example 2: Remote State Backend
terraform {
backend "s3" {
bucket = "my-tf-state"
key = "prod/terraform.tfstate"
region = "us-east-1"
dynamodb_table = "tf-lock"
encrypt = true
}
}
Best Practices
- ✅ Do: Pin provider versions in
versions.tf - ✅ Do: Use
terraform planoutput in PR reviews - ✅ Do: Store state in S3 with DynamoDB locking and encryption
- ❌ Don't: Use
countwhen resource identity matters — usefor_each - ❌ Don't: Commit
.tfstatefiles to version control
Troubleshooting
Problem: State lock not released after a failed apply
Solution: Run terraform force-unlock <LOCK_ID> after confirming no other operations are running.
Related Skills
bereniketech/anti-reversing-techniques
testing
VerifiedTrustedCommunity
AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.
SKILL.mdUpdated May 3, 2026
bereniketech/active-directory-attacks
testing
Community
Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.
SKILL.mdUpdated May 3, 2026
bereniketech/zeroize-audit
development
VerifiedTrustedCommunity
Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing C/C++/Rust code handling secrets, keys, passwords, or other sensitive data.
SKILL.mdUpdated May 3, 2026
bereniketech/wcag-audit-patterns
development
VerifiedTrustedCommunity
Comprehensive guide to auditing web content against WCAG 2.2 guidelines with actionable remediation strategies.
SKILL.mdUpdated May 3, 2026