- Home
- Skills
- Akin Ozer
- Cc Devops Skills
- Terraform Validator
terraform-validator_skill
- HCL
83
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill akin-ozer/cc-devops-skills --skill terraform-validator- SKILL.md18.0 KB
Overview
This skill is a comprehensive toolkit for validating, linting, testing, and automating Terraform and HCL configurations. It runs formatting, provider/module analysis, syntax validation, and security scans, then produces a cross-referenced report with remediation guidance. The workflow enforces a strict order of steps to ensure provider documentation is consulted and security references are cited before scanning.
How this skill works
The skill first extracts provider and resource metadata using a wrapper script, detecting both explicit and implicit providers. It looks up provider docs (Context7 preferred, WebSearch fallback) and requires reading security and best-practices references before running scans. It runs terraform fmt, init, validate, optional tflint, and a Checkov security scan via provided wrapper scripts, then maps findings back to the reference checklist and generates a citation-backed report.
When to use it
- Before committing Terraform changes to ensure formatting, syntax, and provider compatibility
- When auditing infrastructure-as-code for security misconfigurations and sensitive exposure
- When onboarding or troubleshooting modules and custom providers to gather provider guidance
- Prior to running CI/CD pipelines to generate a cross-referenced validation report
- When performing dry-run reviews using terraform plan to catch potential destructive changes
Best practices
- Always run the extract wrapper first to collect providers and detect implicit provider usage
- Read security_checklist.md and best_practices.md before running security scanners
- Apply terraform fmt -recursive to auto-fix formatting and include fmt checks in CI
- Use Context7 provider docs when available; fall back to registry search for utility providers
- If a tool is missing, inform the user, offer installation, and note skipped steps in the report
Example use cases
- Validate a repository of .tf and .tfvars files for syntax errors and provider mismatches
- Run automated security scans and receive findings cross-referenced to remediation patterns
- Format and lint modules across multiple environments before a release
- Detect implicit providers used by resource prefixes and include their documentation links
- Produce a CI-ready report that lists severity, affected files, and recommended fixes
FAQ
The skill falls back to WebSearch (registry.terraform.io) for provider docs and marks the report: 'Provider docs via WebSearch (not in Context7)'.
Are security scans run before reading reference guidance?
No. The workflow requires reading security_checklist.md and best_practices.md before any security scan so remediation patterns can be cited.
What happens if Checkov or tflint is missing?
The skill will prompt to install missing tools (using provided scripts when available). If the user declines, the tool is noted as skipped and the run continues with available checks.