Terraform and OpenTofu best-practices skill for AI coding agents (Claude Code, Cursor, Copilot, Gemini CLI, OpenCode, Codex, and others). Covers testing strategies, module patterns, CI/CD workflows, and production infrastructure code.
Testing frameworks
- Decision matrix for native tests vs Terratest
- Testing workflows (static, integration, E2E)
- Examples and patterns
Module development
- Structure and naming conventions
- Versioning strategies
- Public vs private module patterns
State management
- Remote backends (S3, Azure, GCS, Terraform Cloud)
- Locking and security
- Multi-team state isolation
- Migration and recovery procedures
CI/CD integration
- GitHub Actions workflows
- GitLab CI examples
- Cost optimization
- Compliance automation
Security and compliance
- Trivy and Checkov integration
- Policy-as-code patterns
- Compliance scanning workflows
Quick reference
- Decision flowcharts
- Common patterns (DO vs DON'T)
- Cheat sheets
This plugin is distributed via Claude Code marketplace using .claude-plugin/marketplace.json.
Universal installer via skills.sh — works with any Agent Skills-compatible tool:
npx skills add https://github.com/antonbabenko/terraform-skillClaude Code
/plugin marketplace add antonbabenko/terraform-skill
/plugin install terraform-skill@antonbabenkoGemini CLI
gemini extensions install https://github.com/antonbabenko/terraform-skillUpdate with gemini extensions update terraform-skill.
Cursor
git clone https://github.com/antonbabenko/terraform-skill.git ~/.cursor/skills/terraform-skillCursor auto-discovers skills from .agents/skills/ and .cursor/skills/.
Copilot
/plugin install https://github.com/antonbabenko/terraform-skill
# or
git clone https://github.com/antonbabenko/terraform-skill.git ~/.copilot/skills/terraform-skillCopilot auto-discovers skills from .copilot/skills/.
OpenCode
git clone https://github.com/antonbabenko/terraform-skill.git ~/.agents/skills/terraform-skillOpenCode auto-discovers skills from .agents/skills/, .opencode/skills/, and .claude/skills/.
Codex (OpenAI)
git clone https://github.com/antonbabenko/terraform-skill.git ~/.agents/skills/terraform-skillCodex auto-discovers skills from ~/.agents/skills/ and .agents/skills/. Update with cd ~/.agents/skills/terraform-skill && git pull.
Antigravity
git clone https://github.com/antonbabenko/terraform-skill.git ~/.antigravity/skills/terraform-skillUpdate with cd ~/.antigravity/skills/terraform-skill && git pull.
Manual (symlink local clone)
git clone https://github.com/antonbabenko/terraform-skill
mkdir -p ~/.claude/plugins
ln -s "$(pwd)/terraform-skill" ~/.claude/plugins/terraform-skillClaude Code autodiscovers the skill at skills/terraform-skill/SKILL.md on next launch. Edits to the clone are picked up live.
After installation, try:
"Create a Terraform module with testing for an S3 bucket"
Claude picks up the skill automatically when working with Terraform or OpenTofu code.
Create a module with tests:
"Create a Terraform module for AWS VPC with native tests"
Set up remote state:
"Configure S3 backend with DynamoDB locking for Terraform state"
Review existing code:
"Review this Terraform configuration following best practices"
Generate CI/CD workflow:
"Create a GitHub Actions workflow for Terraform with cost estimation"
Testing strategy:
"Help me choose between native tests and Terratest for my modules"
State management:
"How should I organize state files for a multi-team environment?"
Decision matrices for native tests (Terraform 1.6+) vs Terratest (Go-based), plus multi-environment testing patterns.
Naming conventions (terraform-<PROVIDER>-<NAME>), directory structure, input/output design, version constraints, and documentation standards.
GitHub Actions, GitLab CI, Atlantis, Infracost cost estimation, Trivy/Checkov scanning, and compliance checks.
Static analysis, policy-as-code, secrets management, state file security, backend encryption, and compliance scanning workflows.
Side-by-side DO vs DON'T examples for variable naming, resource naming, module composition, state management, and provider configuration.
Sources:
- Patterns from terraform-best-practices.com
- Approaches used across the terraform-aws-modules collection
- AWS Hero experience with enterprise IaC
Version-specific guidance:
- Terraform 1.0+ features
- OpenTofu 1.6+ compatibility
- Native test framework (1.6+)
- Current tooling ecosystem (2024-2026)
Decision frameworks: not just "what to do" but "when and why".
- An AI agent with skill support: Claude Code, Cursor, Copilot, Gemini CLI, OpenCode, Codex, or any Agent Skills-compatible host
- Terraform 1.0+ or OpenTofu 1.6+
- Optional: Terraform MCP server for registry integration
See CLAUDE.md for skill development guidelines, content structure, how to propose improvements, and the validation approach.
Report bugs or request features via GitHub Issues.
- Terraform Language
- Terraform Testing - native test framework
- OpenTofu Documentation
- HashiCorp Recommended Practices
- Terraform compliance-as-code docs - Compliance frameworks, controls, implementation guides, remediations, etc
- Awesome Terraform
- Awesome Terraform Compliance
- Terraform Best Practices - the guide this skill is based on
- terraform-aws-modules - AWS modules collection
- Terratest - Go testing framework for Terraform
- Google Cloud Best Practices
- AWS Terraform Best Practices
- pre-commit-terraform - pre-commit hooks for Terraform
- terraform-docs - generate documentation from modules
- terraform-switcher - Terraform version manager
- TFLint - Terraform linter
- Trivy - IaC security scanner
Apache 2.0