terraform-patterns
by alirezarezvaniterraform-patterns is a Terraform IaC review skill for Cloud Architecture work, covering module design, remote state, provider setup, security hardening, policy-as-code, and CI/CD plan/apply workflows with helper scripts for module and security checks.
This skill scores 82/100, making it a solid listing candidate for directory users who want an agent to review, structure, or harden Terraform code with less guesswork than a generic prompt. It has clear activation cues, substantial Terraform workflow guidance, reference material, and helper scripts, though adoption would be easier with explicit install instructions and clearer limits for the scanners.
- Strong triggerability: the frontmatter and SKILL.md name concrete use cases such as Terraform review, module design, state backends, security audits, multi-region deployments, and IaC best practices.
- Good operational substance: SKILL.md is substantial and includes slash commands for review, module design, and security auditing, plus workflow-oriented guidance and code examples.
- Useful supporting materials: references cover module patterns and state management, and scripts provide actionable module analysis and security scanning entry points with usage examples.
- No install command or README is present in the skill path, so directory users may need to infer installation from the broader repository conventions.
- The bundled Python scanners appear regex/static-pattern based and include demo Terraform content, so they should be treated as lightweight assistants rather than authoritative Terraform validation or security tooling.
Overview of terraform-patterns skill
What terraform-patterns is for
terraform-patterns is an infrastructure-as-code skill for agents that need to review, design, or refactor Terraform with production-oriented conventions. It focuses on module structure, remote state, provider configuration, security hardening, policy-as-code, and CI/CD plan/apply workflows rather than basic Terraform syntax.
Use it when you want an AI assistant to reason like a Terraform reviewer or cloud architecture partner: identify risky HCL, propose cleaner module boundaries, improve variables and outputs, and explain state or security tradeoffs before changes reach production.
Best-fit users and Cloud Architecture work
The terraform-patterns skill is most useful for platform engineers, DevOps teams, SREs, cloud architects, and developers maintaining shared infrastructure modules. It fits AWS-heavy Terraform work especially well, while the state reference also covers GCS-style backend patterns for GCP.
For Cloud Architecture, the strongest use cases are designing reusable modules, planning multi-environment layouts, separating state by blast radius, reviewing IAM and network exposure, and converting ad hoc Terraform into a maintainable platform pattern.
What makes this skill different
Unlike a generic “review my Terraform” prompt, terraform-patterns includes explicit slash-command workflows and supporting material: references/module-patterns.md, references/state-management.md, scripts/tf_module_analyzer.py, and scripts/tf_security_scanner.py. That gives the agent concrete review criteria for file organization, variable/output coverage, backend design, secrets, open security groups, encryption gaps, and permissive IAM.
The skill is opinionated. That is a benefit when you need consistent infrastructure standards, but it also means you should provide your organization’s exceptions, provider constraints, and compliance requirements up front.
How to Use terraform-patterns skill
terraform-patterns install context
Install the skill from the repository path used by your agent environment. In a Claude Skills-style setup, a typical command is:
npx skills add alirezarezvani/claude-skills --skill terraform-patterns
The source lives under engineering/terraform-patterns/skills/terraform-patterns in alirezarezvani/claude-skills. After install, inspect SKILL.md first, then read the two references and decide whether to use the helper scripts locally before asking the agent for a final review.
terraform-patterns usage with slash commands
The skill exposes three practical entry points:
/terraform:reviewfor structure, maintainability, and Terraform anti-patterns./terraform:modulefor designing or refactoring reusable modules./terraform:securityfor secrets, IAM, networking, encryption, and sensitive variable checks.
A weak prompt is: “Review this Terraform.” A stronger prompt is: “Use /terraform:review on modules/vpc and envs/prod. We use AWS provider ~> 5.0, remote S3 state, separate prod/staging accounts, and require least-privilege IAM. Prioritize findings that could cause drift, state coupling, public exposure, or unsafe module interfaces.”
Inputs that improve output quality
Give the skill the same context a senior reviewer would ask for: provider and versions, cloud account model, environment layout, backend type, module tree, CI/CD flow, security constraints, and whether the task is greenfield design or refactor.
For module work, include intended consumers, required resources, naming/tagging rules, variable defaults, output expectations, and what must stay backward compatible. For security work, include whether public ingress is ever allowed, how secrets are managed, encryption requirements, and policy-as-code tools such as Sentinel or OPA.
Repository files to read first
Start with SKILL.md to understand activation patterns and slash commands. Then read references/module-patterns.md for flat modules, reusable modules, variables, outputs, locals, validation, and composition patterns. Read references/state-management.md before changing backends, workspaces, or environment separation.
If you can run local checks, try:
python scripts/tf_module_analyzer.py ./terraformpython scripts/tf_security_scanner.py ./terraform --strict
Use the script output as input to the agent; it makes terraform-patterns usage more grounded and reduces vague recommendations.
terraform-patterns skill FAQ
Is terraform-patterns good for beginners?
Yes, if the beginner already knows basic Terraform files and wants guided best practices. It is not a replacement for learning terraform init, plan, apply, providers, or resource syntax. It is better as a reviewer and pattern guide than as a first Terraform tutorial.
When should I not use terraform-patterns?
Do not use it as the sole authority for production changes, provider-specific edge cases, or compliance sign-off. Avoid using it for non-Terraform IaC unless you only need conceptual comparison. Also avoid applying generated backend or state migration advice without a manual migration plan and backups.
How does it compare with ordinary prompts?
Ordinary prompts can explain Terraform, but they often miss consistent module boundaries, state blast-radius concerns, variable validation, and security review checklists. The terraform-patterns skill gives the agent a narrower operating model and supporting references, which helps produce more actionable review comments and safer refactor plans.
Does it support multi-cloud Terraform?
The skill is not limited conceptually to one cloud, but the strongest concrete examples and scanner rules are AWS-oriented. GCP backend state patterns are included, and the design principles still apply across providers. For Azure, Kubernetes, or niche providers, include provider-specific constraints and ask the agent to separate general Terraform guidance from provider assumptions.
How to Improve terraform-patterns skill
Give terraform-patterns better architecture context
The most common failure mode is asking for a review without explaining the target architecture. State whether the code supports a single app, a shared platform, multiple accounts, multiple regions, regulated workloads, or ephemeral environments. This changes the correct answer for module granularity, state separation, provider aliases, IAM boundaries, and CI/CD approval gates.
Turn first-pass findings into an implementation plan
After the first output, ask the skill to rank findings by risk and effort: “Group issues into must-fix before apply, should-fix before merge, and backlog. For each must-fix item, show the exact files likely affected and a safe migration sequence.” This turns broad Terraform advice into a usable engineering plan.
Use scripts as evidence, not final truth
The included Python scripts are useful for quick scanning, but they are pattern-based helpers, not a full Terraform parser or cloud security platform. Feed their JSON or text output to the agent, then ask terraform-patterns to validate severity, remove false positives, and propose fixes that preserve module interfaces.
Provide constraints before requesting code
For better generated HCL, specify Terraform version, provider versions, backend, naming rules, tagging schema, allowed regions, secret manager, CI tool, and compatibility requirements. If you need a module, also provide example inputs and expected outputs. The clearer the contract, the more likely terraform-patterns will produce code that is reusable, secure, and practical to merge.
