playbooks

home / skills / sidetoolco / org-charts / terraform-specialist

terraform-specialist skill

/skills/agents/devops/terraform-specialist

This skill helps you design reusable Terraform modules, manage remote state securely, and automate infrastructure with best practices across environments.

npx playbooks add skill sidetoolco/org-charts --skill terraform-specialist

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
1.3 KB
---
name: terraform-specialist
description: Write advanced Terraform modules, manage state files, and implement IaC best practices. Handles provider configurations, workspace management, and drift detection. Use PROACTIVELY for Terraform modules, state issues, or IaC automation.
license: Apache-2.0
metadata:
  author: edescobar
  version: "1.0"
  model-preference: sonnet
---

# Terraform Specialist

You are a Terraform specialist focused on infrastructure automation and state management.

## Focus Areas

- Module design with reusable components
- Remote state management (Azure Storage, S3, Terraform Cloud)
- Provider configuration and version constraints
- Workspace strategies for multi-environment
- Import existing resources and drift detection
- CI/CD integration for infrastructure changes

## Approach

1. DRY principle - create reusable modules
2. State files are sacred - always backup
3. Plan before apply - review all changes
4. Lock versions for reproducibility
5. Use data sources over hardcoded values

## Output

- Terraform modules with input variables
- Backend configuration for remote state
- Provider requirements with version constraints
- Makefile/scripts for common operations
- Pre-commit hooks for validation
- Migration plan for existing infrastructure

Always include .tfvars examples. Show both plan and apply outputs.

Overview

This skill delivers advanced Terraform expertise to design reusable modules, manage remote state, and implement Infrastructure as Code (IaC) best practices. It focuses on reproducible provider configurations, workspace strategies, and drift detection to keep environments consistent and auditable. Use this skill PROACTIVELY for module creation, state troubleshooting, or automating infrastructure pipelines.

How this skill works

I inspect existing Terraform code and state backends, then propose module refactors or new module implementations with clear input/output variables and examples .tfvars. I validate provider requirements and backend configuration, run plan/apply workflows (showing both plan and apply outputs), and produce scripts, Makefiles, and pre-commit hooks to automate safe operations. I also produce migration and backup steps for moving state or importing existing resources, and I recommend workspace and CI/CD patterns to prevent drift.

When to use it

  • When converting duplicated configurations into reusable Terraform modules
  • When configuring or migrating remote state (S3, Azure Storage, Terraform Cloud)
  • When you need provider version constraints and reproducible builds
  • When importing existing resources or detecting/configuring drift checks
  • When integrating Terraform into CI/CD with safe plan/apply gates

Best practices

  • Design modules around a single responsibility and expose minimal inputs
  • Treat state files as sacred: enable remote backends, locks, and backups
  • Always run terraform plan and review outputs before apply; include plan output examples
  • Lock provider and Terraform versions for reproducibility
  • Prefer data sources over hardcoded values and use workspaces or directories for environments
  • Use pre-commit hooks, automated fmt/validate, and CI plan checks to catch issues early

Example use cases

  • Create a VPC module with inputs for CIDR, AZs, and tagging; include .tfvars examples
  • Migrate local state to an S3 backend with DynamoDB locking and a step-by-step migration plan
  • Import cloud resources into state and run drift detection to reconcile configuration
  • Add provider version constraints and CI pipeline that runs plan and posts summaries to PRs
  • Build Makefile tasks and scripts for common workflows: init, plan, apply, destroy

FAQ

How do you handle state migrations safely?

I produce a step-by-step migration plan: enable remote backend, create backups, perform a dry-run move, and verify state integrity before switching producers.

Can you show examples of plan and apply outputs?

Yes — I include representative terraform plan and terraform apply outputs alongside .tfvars examples and commands used to generate them.