/ 目錄 / 演練場 / terraform-skill
← 全部伺服器 ↗ GitHub
● 社群 antonbabenko ⚡ 即開即用

terraform-skill

作者 antonbabenko · antonbabenko/terraform-skill

Maintained by Anton Babenko — Terraform and OpenTofu patterns from terraform-best-practices.com and terraform-aws-modules, with when-and-why decision frameworks.

A Claude agent skill for Terraform/OpenTofu work. Teaches Claude to choose between native Terraform tests (1.6+) and Terratest, structure modules like terraform-aws-modules, wire up GitHub Actions / GitLab CI with cost estimation and security scanning, and apply production patterns. Explains not just 'what' but 'when and why'.

▶ 觀看演示 📦 安裝 💡 使用場景

為什麼要用

核心特性

即時演示

實際使用效果

terraform-skill.replay ▶ 就緒
0/0

安裝

選擇你的客戶端

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "terraform-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/antonbabenko/terraform-skill",
        "~/.claude/skills/terraform-skill"
      ],
      "_inferred": true
    }
  }
}

開啟 Claude Desktop → Settings → Developer → Edit Config。儲存後重啟應用。

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "terraform-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/antonbabenko/terraform-skill",
        "~/.claude/skills/terraform-skill"
      ],
      "_inferred": true
    }
  }
}

Cursor 使用與 Claude Desktop 相同的 mcpServers 格式。專案級設定優先於全域。

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "terraform-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/antonbabenko/terraform-skill",
        "~/.claude/skills/terraform-skill"
      ],
      "_inferred": true
    }
  }
}

點擊 Cline 側欄中的 MCP Servers 圖示,然後選 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "terraform-skill": {
      "command": "git",
      "args": [
        "clone",
        "https://github.com/antonbabenko/terraform-skill",
        "~/.claude/skills/terraform-skill"
      ],
      "_inferred": true
    }
  }
}

格式與 Claude Desktop 相同。重啟 Windsurf 生效。

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "terraform-skill",
      "command": "git",
      "args": [
        "clone",
        "https://github.com/antonbabenko/terraform-skill",
        "~/.claude/skills/terraform-skill"
      ]
    }
  ]
}

Continue 使用伺服器物件陣列,而非映射。

~/.config/zed/settings.json
{
  "context_servers": {
    "terraform-skill": {
      "command": {
        "path": "git",
        "args": [
          "clone",
          "https://github.com/antonbabenko/terraform-skill",
          "~/.claude/skills/terraform-skill"
        ]
      }
    }
  }
}

加入 context_servers。Zed 儲存後熱重載。

claude mcp add terraform-skill -- git clone https://github.com/antonbabenko/terraform-skill ~/.claude/skills/terraform-skill

一行命令搞定。用 claude mcp list 驗證,claude mcp remove 移除。

使用場景

實戰用法: terraform-skill

Scaffold a new Terraform module the idiomatic way

👤 Platform engineers publishing a reusable module ⏱ ~45 min intermediate

何時使用: You're splitting out a module for internal or public reuse and want the structure right the first time.

步驟
  1. State the module's purpose
    Use the terraform-skill. Scaffold a module for an AWS ECS service with optional ALB and CloudWatch alarms.✓ 已複製
    → Structure follows terraform-aws-modules conventions — main.tf, variables.tf, outputs.tf, versions.tf, README.md, examples/
  2. Add tests
    Recommend tests — native or Terratest? Apply the decision framework.✓ 已複製
    → Reasoned choice and scaffolded test files

結果: A module that passes review on the first PR.

注意事項
  • Versioning too loose (~> vs specific) — Skill defaults to pinned minors for required_providers
搭配使用: github

Add a hardened CI pipeline to an existing Terraform repo

👤 DevOps / platform engineers ⏱ ~40 min advanced

何時使用: Your repo lacks plan-on-PR, cost checks, or security scans.

前置條件
  • GitHub or GitLab hosting — For the respective pipeline template
步驟
  1. Request the pipeline
    Use terraform-skill. Add GitHub Actions for plan-on-PR, Infracost, tfsec, and gated apply on main.✓ 已複製
    → Workflow files with concurrency guards, OIDC auth, status checks
  2. Security tune
    Which Checkov / tfsec rules should we fail on vs warn?✓ 已複製
    → Opinionated list with rationale

結果: A pipeline that blocks risky changes without slowing everyone down.

注意事項
  • Pipeline uses long-lived AWS keys — Skill prefers OIDC/role assumption, not static keys
搭配使用: github

Design a multi-environment layout without state explosions

👤 Teams scaling from dev/prod to dev/staging/prod/per-tenant ⏱ ~60 min advanced

何時使用: You feel the pain of copy-pasted env folders or a monolith state.

步驟
  1. Describe the envs
    Use terraform-skill. We need dev/staging/prod plus per-tenant envs. What layout scales?✓ 已複製
    → Recommendation with tradeoffs (workspaces vs dirs vs Terragrunt)
  2. Plan the migration
    We're currently on a single state. Sketch the migration.✓ 已複製
    → State-move plan with risk callouts

結果: A layout you can defend in an ADR.

注意事項
  • Moving state without imports/breakdowns can destroy resources — The skill insists on terraform state mv / import steps, not delete-and-recreate

組合

與其他 MCP 搭配,撬動十倍槓桿

terraform-skill + github

Skill produces module + workflow; GitHub MCP opens the PR

Scaffold the module, add the workflow, open a PR into our platform repo.✓ 已複製
terraform-skill + aws

Cross-check the Terraform plan against live AWS state

Show me the plan, then diff against actual resources via the AWS MCP.✓ 已複製

工具

此 MCP 暴露的能力

工具輸入參數何時呼叫成本
Module scaffolding module purpose + provider Starting a new module 0
Test strategy advisor module scope Adding test coverage 0
CI pipeline templates (GHA / GitLab) hosting choice Setting up CI for a repo 0
Pattern compare a snippet Reviewing existing code 0

成本與限制

運行它的成本

API 配額
None
每次呼叫 Token 數
2-6k per session — moderate
費用
Free — skill is local
提示
Ask one focused question (testing / CI / layout) at a time.

安全

權限、密鑰、影響範圍

憑證儲存: No credentials in the skill. Any provider creds belong in your env, not the generated code.
資料出站: None from the skill itself

故障排查

常見錯誤與修復

Skill's suggestion conflicts with your org's style

Provide your .terraform-docs config and existing module as style anchors.

Recommended OIDC setup fails on assume-role

Check the trust policy's sub condition matches your branch/env.

替代方案

terraform-skill 對比其他方案

替代方案何時用它替代權衡
Terragrunt-first skillsYou're committed to TerragruntLess coverage here; Terragrunt workflows differ substantially
Cloud-provider-native IaC skills (aws-cdk, pulumi)You're not on Terraform/OpenTofuDifferent tool, different patterns

更多

資源

📖 閱讀 GitHub 上的官方 README

🐙 查看未解決的 issue

🔍 瀏覽全部 400+ MCP 伺服器和 Skills