lidge-jun/provider-resources
terraform/provider-development/skills/provider-resources/SKILL.md
Implement Terraform Provider resources and data sources using the Plugin Framework. Use when developing CRUD operations, schema design, state management, and acceptance testing for provider resources.
$ install --global
skillsauthnpx skillsauth add lidge-jun/cli-jaw-skills provider-resourcesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 3, 2026, 5:57 AM164.9s5 files scanned
SKILL.md
- name:
- provider-resources
- description:
- Implement Terraform Provider resources and data sources using the Plugin Framework. Use when developing CRUD operations, schema design, state management, and acceptance testing for provider resources.
- copyright:
- Copyright IBM Corp. 2026
- version:
- 0.0.1
Provider Resources Implementation
References: Plugin Framework · Resources · Data Sources
File Structure
internal/service/<service>/
├── <resource_name>.go # Resource implementation
├── <resource_name>_test.go # Acceptance tests
├── <resource_name>_data_source.go # Data source (if applicable)
├── find.go # Finder functions
├── exports_test.go # Test exports
└── service_package_gen.go # Auto-generated registration
website/docs/r/<service>_<resource_name>.html.markdown # Resource docs
website/docs/d/<service>_<resource_name>.html.markdown # Data source docs
Resource Structure
Plugin Framework Pattern (preferred)
type resourceExample struct {
framework.ResourceWithConfigure
}
func (r *resourceExample) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) {
resp.TypeName = req.ProviderTypeName + "_example"
}
func (r *resourceExample) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) {
resp.Schema = schema.Schema{
Attributes: map[string]schema.Attribute{
"id": framework.IDAttribute(),
"name": schema.StringAttribute{
Required: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
Validators: []validator.String{
stringvalidator.LengthBetween(1, 255),
},
},
"arn": schema.StringAttribute{
Computed: true,
PlanModifiers: []planmodifier.String{
stringplanmodifier.UseStateForUnknown(),
},
},
},
}
}
SDKv2 Pattern (legacy — use only when extending existing SDKv2 resources)
func ResourceExample() *schema.Resource {
return &schema.Resource{
CreateWithoutTimeout: resourceExampleCreate,
ReadWithoutTimeout: resourceExampleRead,
UpdateWithoutTimeout: resourceExampleUpdate,
DeleteWithoutTimeout: resourceExampleDelete,
Importer: &schema.ResourceImporter{
StateContext: schema.ImportStatePassthroughContext,
},
Schema: map[string]*schema.Schema{
// ...
},
CustomizeDiff: verify.SetTagsDiff,
}
}
CRUD Operations
Each resource implements Create, Read, Update, and Delete methods.
Key patterns:
- Create: deserialize plan → call API → set ID and computed fields → save state
- Read: load state → call finder → handle NotFound by removing from state → update state
- Update: compare plan vs state → call API for changed fields → save state
- Delete: load state → call API → handle NotFound gracefully
See references/crud-operations.md for complete code examples.
Schema Design
Attribute Types
| Terraform Type | Framework Type | Use Case |
|----------------|----------------|----------|
| string | schema.StringAttribute | Names, ARNs, IDs |
| number | schema.Int64Attribute, schema.Float64Attribute | Counts, sizes |
| bool | schema.BoolAttribute | Feature flags |
| list | schema.ListAttribute | Ordered collections |
| set | schema.SetAttribute | Unordered unique items |
| map | schema.MapAttribute | Key-value pairs |
| object | schema.SingleNestedAttribute | Complex nested config |
Plan Modifiers
stringplanmodifier.RequiresReplace() // Force replacement when value changes
stringplanmodifier.UseStateForUnknown() // Preserve computed value during plan
// Custom plan modifier
stringplanmodifier.RequiresReplaceIf(
func(ctx context.Context, req planmodifier.StringRequest, resp *stringplanmodifier.RequiresReplaceIfFuncResponse) {
// Custom logic
},
"description",
"markdown description",
)
Validators
// String
stringvalidator.LengthBetween(1, 255)
stringvalidator.RegexMatches(regexp.MustCompile(`^[a-z0-9-]+$`), "must be lowercase alphanumeric with hyphens")
stringvalidator.OneOf("option1", "option2", "option3")
// Int64
int64validator.Between(1, 100)
int64validator.AtLeast(1)
int64validator.AtMost(1000)
// List
listvalidator.SizeAtLeast(1)
listvalidator.SizeAtMost(10)
Sensitive Attributes
Mark attributes containing secrets as Sensitive: true to prevent values from appearing in logs and plan output.
"password": schema.StringAttribute{
Required: true,
Sensitive: true,
Validators: []validator.String{
stringvalidator.LengthAtLeast(8),
},
}
State Management
Finder Functions
Wrap API Get calls in a finder that returns retry.NotFoundError when the resource is missing, enabling consistent NotFound handling across CRUD operations.
State Waiters
For async resources, use retry.StateChangeConf to poll until the resource reaches a target state.
See references/state-management.md for implementation examples.
Error Handling
API Error Matching
var notFound *types.ResourceNotFoundException
if errors.As(err, ¬Found) { /* resource missing */ }
var conflict *types.ConflictException
if errors.As(err, &conflict) { /* state conflict */ }
var throttle *types.ThrottlingException
if errors.As(err, &throttle) { /* rate limited — SDK handles retry */ }
Diagnostics
resp.Diagnostics.AddError("Error creating resource",
fmt.Sprintf("Could not create resource: %s", err))
resp.Diagnostics.AddWarning("Resource modified outside Terraform",
"State may be inconsistent")
resp.Diagnostics.AddAttributeError(path.Root("name"),
"Invalid name", "Name must be lowercase alphanumeric")
Testing
Run acceptance tests with TF_ACC=1:
go test -c -o /dev/null ./internal/service/<service> # compile check
TF_ACC=1 go test ./internal/service/<service> -run TestAccExample -v -timeout 60m
TF_ACC=1 go test ./internal/service/<service> -sweep=<region> -v # cleanup
Every resource needs:
- Basic acceptance test with import state verification
- Disappears test (
acctest.CheckResourceDisappears) testAccCheckExampleExistsandtestAccCheckExampleDestroyhelpers
See references/testing-examples.md for full test code.
Documentation
Each resource and data source requires an HTML markdown doc with: Example Usage, Argument Reference, Attribute Reference, Import.
See references/documentation-template.md for the standard template.
Pre-Submission Checklist
- [ ] Code compiles without errors
- [ ] All tests pass locally
- [ ] All CRUD operations implemented
- [ ] Import implemented and tested
- [ ] Disappears test included
- [ ] Documentation complete with examples
- [ ] Error messages are clear and actionable
- [ ] Sensitive attributes marked
- [ ] Plan modifiers set appropriately
- [ ] Validators cover edge cases
External References
- Terraform Plugin Framework
- Terraform Plugin SDKv2
- Acceptance Testing
- terraform-plugin-framework GitHub
Related Skills
lidge-jun/goal
development
VerifiedTrustedCommunity
Goal execution guidelines with PABCD integration, verification tiers, documentation workflow, and AI-driven planning
4SKILL.mdUpdated Jun 5, 2026
lidge-jun/xurl
tools
VerifiedTrustedCommunity
A CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.
4SKILL.mdUpdated May 7, 2026
lidge-jun/xlsx_original
development
VerifiedTrustedCommunity
Use this skill any time a spreadsheet file is the primary input or output (.xlsx, .xlsm, .csv, .tsv). This includes: creating, reading, editing, analyzing, or formatting spreadsheets; cleaning messy tabular data; converting between formats; and data visualization with charts. Also use for pandas-based data analysis when the deliverable is a spreadsheet. Do NOT trigger when the primary deliverable is a Word document, HTML report, standalone Python script, database pipeline, or Google Sheets API integration.
4SKILL.mdUpdated May 6, 2026
lidge-jun/officecli-financial-model
tools
VerifiedTrustedCommunity
Use this skill when the user wants to build a financial model, 3-statement model, DCF valuation, cap table, scenario analysis, or financial projections in Excel. Trigger on: 'financial model', '3-statement model', 'DCF', 'cap table', 'pro forma', 'projections', 'sensitivity analysis', 'waterfall', 'debt schedule', 'break-even', 'discounted cash flow', 'capitalization table', 'fundraising model', 'WACC calculation', 'scenario analysis model'. Input is a text prompt with assumptions. Output is a single .xlsx file with formula-driven, interconnected statement sheets.
4SKILL.mdUpdated May 6, 2026