/ Verzeichnis / Playground / terrashark
← Alle Server ↗ GitHub
● Community LukasNiessen ⚡ Sofort

terrashark

von LukasNiessen · LukasNiessen/terrashark

Terraform skill that actually follows HashiCorp best practices — eliminates LLM hallucinations with grounded, modular IaC.

TerraShark prevents the common Claude failure mode of hallucinated Terraform resource arguments by grounding generation in official HashiCorp best practices. Biases toward modular code, sensible state layout, and security defaults. Good for greenfield IaC and for fixing up LLM-generated Terraform that doesn't terraform plan cleanly.

▶ Demo ansehen 📦 Installieren 💡 Anwendungsfälle

Warum nutzen

Hauptfunktionen

Live-Demo

In der Praxis

terrashark-skill.replay ▶ bereit
0/0

Installieren

Wählen Sie Ihren Client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "terrashark-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/LukasNiessen/terrashark",
        "~/.claude/skills/terrashark"
      ],
      "_inferred": true
    }
  }
}

Öffne Claude Desktop → Settings → Developer → Edit Config. Nach dem Speichern neu starten.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "terrashark-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/LukasNiessen/terrashark",
        "~/.claude/skills/terrashark"
      ],
      "_inferred": true
    }
  }
}

Cursor nutzt das gleiche mcpServers-Schema wie Claude Desktop. Projektkonfiguration schlägt die globale.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "terrashark-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/LukasNiessen/terrashark",
        "~/.claude/skills/terrashark"
      ],
      "_inferred": true
    }
  }
}

Klicken Sie auf das MCP-Servers-Symbol in der Cline-Seitenleiste, dann "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "terrashark-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/LukasNiessen/terrashark",
        "~/.claude/skills/terrashark"
      ],
      "_inferred": true
    }
  }
}

Gleiche Struktur wie Claude Desktop. Windsurf neu starten zum Übernehmen.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "terrashark-skill",
      "command": "git",
      "args": [
        "clone",
        "https://github.com/LukasNiessen/terrashark",
        "~/.claude/skills/terrashark"
      ]
    }
  ]
}

Continue nutzt ein Array von Serverobjekten statt einer Map.

~/.config/zed/settings.json
{
  "context_servers": {
    "terrashark-skill": {
      "command": {
        "path": "git",
        "args": [
          "clone",
          "https://github.com/LukasNiessen/terrashark",
          "~/.claude/skills/terrashark"
        ]
      }
    }
  }
}

In context_servers hinzufügen. Zed lädt beim Speichern neu.

claude mcp add terrashark-skill -- git clone https://github.com/LukasNiessen/terrashark ~/.claude/skills/terrashark

Einzeiler. Prüfen mit claude mcp list. Entfernen mit claude mcp remove.

Anwendungsfälle

Praxisnahe Nutzung: terrashark

How to scaffold a production-grade AWS VPC module

👤 Platform engineers starting a new environment ⏱ ~45 min intermediate

Wann einsetzen: Day one of a new AWS account; you want a VPC module that won't embarrass you in 6 months.

Voraussetzungen
  • Skill installed — git clone https://github.com/LukasNiessen/terrashark ~/.claude/skills/terrashark
  • terraform CLI 1.6+ — brew install terraform
Ablauf
  1. Generate module
    Use terrashark. AWS VPC module, 3 AZs, public + private + db subnets, NAT gateways per AZ, flow logs on.✓ Kopiert
    → Module with variables.tf, main.tf, outputs.tf — no hallucinated args
  2. Add security defaults
    Ensure default security group denies all, flow logs go to CloudWatch with KMS-CMK encryption.✓ Kopiert
    → Security group + logging + KMS wired
  3. Validate
    Run terraform init + validate + plan with example tfvars.✓ Kopiert
    → Clean plan output, no errors

Ergebnis: A VPC module that terraform validates clean and follows AWS best practices.

Fallstricke
  • LLM suggests deprecated aws_vpc_endpoint arg — TerraShark grounds in current docs; if drift still happens, ask it to cite the HashiCorp page
  • Module too monolithic — Ask for split: networking module vs. endpoints module separately
Kombinieren mit: aws-skill

Fix LLM-generated Terraform that doesn't plan

👤 Engineers cleaning up AI-generated IaC ⏱ ~20 min intermediate

Wann einsetzen: Another LLM gave you Terraform that looks reasonable but terraform plan fails on unknown arguments.

Ablauf
  1. Point at the broken file
    terraform plan fails on modules/rds. Use terrashark to fix each invalid argument with the current correct form.✓ Kopiert
    → Per-error fix with HashiCorp doc reference
  2. Validate
    Re-run plan; if any errors remain, iterate.✓ Kopiert
    → Clean plan

Ergebnis: A file that plans clean.

Design a remote state layout for multi-env

👤 Teams graduating from local state ⏱ ~60 min advanced

Wann einsetzen: You have dev + staging + prod and one giant terraform.tfstate.

Ablauf
  1. Propose layout
    Design S3 remote backend with per-env state files and DynamoDB locking. 3 envs.✓ Kopiert
    → Backend config per env with key separation + locking
  2. Migration plan
    Plan the migration from a single local state to this layout, step by step.✓ Kopiert
    → terraform state mv steps + safety checkpoints

Ergebnis: A state layout you can migrate to without losing state.

Fallstricke
  • Accidentally deleting state during migration — Always pull and back up state files before any mv operation

Kombinationen

Mit anderen MCPs für 10-fache Wirkung

terrashark-skill + aws-skill

AWS skill sizes architecture, TerraShark implements IaC

Design the architecture with aws-skill, implement as Terraform with terrashark.✓ Kopiert
terrashark-skill + claude-code-owasp-skill

Security-review the generated IaC

After terrashark scaffolds the module, run OWASP security review on the IAM and networking blocks.✓ Kopiert

Werkzeuge

Was dieses MCP bereitstellt

WerkzeugEingabenWann aufrufenKosten
Module scaffolding provider, resource shape Greenfield IaC Claude tokens
Hallucination fix tf file + error log Cleaning up AI-generated TF Claude tokens
State layout design envs, team shape Multi-env setups Claude tokens
Security defaults - Pre-prod review Claude tokens

Kosten & Limits

Was der Betrieb kostet

API-Kontingent
None
Tokens pro Aufruf
10-30k per module
Kosten in €
Free
Tipp
Generate module by module, not whole environment in one shot.

Sicherheit

Rechte, Secrets, Reichweite

Credential-Speicherung: No credentials. TerraShark doesn't run terraform apply itself.
Datenabfluss: Prompts go to Claude. Terraform plan/apply hits your cloud provider using your local creds.

Fehlerbehebung

Häufige Fehler und Lösungen

terraform validate fails on unknown argument

Ask TerraShark to reconcile against the current provider doc URL; provider version may be newer than the skill's prompt context.

Prüfen: terraform providers
Plan creates unwanted destroys

Usually state-drift or implicit renaming. Run terraform plan -target to isolate before apply.

Alternativen

terrashark vs. andere

AlternativeWann stattdessenKompromiss
Hand-writing with official docs openYou know the provider deeplySlower

Mehr

Ressourcen

📖 Offizielle README auf GitHub lesen

🐙 Offene Issues ansehen

🔍 Alle 400+ MCP-Server und Skills durchsuchen