terraform-style-guide_skill

This skill helps you generate Terraform configurations following HashiCorp style, ensuring proper structure, naming, and security best practices.
  • Shell
  • Official

196

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill hashicorp/agent-skills --skill terraform-style-guide

  • SKILL.md7.3 KB

Overview

This skill generates Terraform HCL that follows HashiCorp’s official style conventions and recommended best practices. It produces well-organized files, consistent formatting, secure defaults, and sensible naming so configurations are easy to review, reuse, and maintain. Use it when creating, reviewing, or automating Terraform code to ensure policy-aligned output.

How this skill works

The skill outputs Terraform code organized into standard files (terraform.tf, providers.tf, main.tf, variables.tf, outputs.tf, locals.tf) and follows a generation strategy: provider/version constraints first, then data sources, resources by dependency, variables for configurable values, and outputs for key attributes. It enforces formatting rules (two-space indentation, aligned equals), block ordering, naming conventions, and security hardening like encryption, private networking, and no hardcoded secrets.

When to use it

  • Scaffolding a new Terraform module or project
  • Automating infrastructure generation from templates or inputs
  • Reviewing or refactoring existing Terraform code to match style guidelines
  • Generating examples or documentation-ready HCL
  • Enforcing team-wide style and security standards during CI/CD pipelines

Best practices

  • Start with terraform and provider version constraints and pin providers appropriately
  • Organize files by responsibility: providers, variables (alphabetical), locals, main, outputs (alphabetical)
  • Use descriptive, lowercase_with_underscores names for resources and variables
  • Declare type and description for every variable; mark sensitive values with sensitive = true
  • Prefer for_each for multiple named resources and use count only for simple conditional creation
  • Run terraform fmt -recursive and terraform validate, and use tflint / checkov / tfsec for additional checks

Example use cases

  • Generate a new AWS VPC module with variables, locals, secure S3 bucket, and outputs
  • Convert an ad-hoc set of resources into a cleanly organized repository with pinned versions and provider blocks
  • Produce CI-ready Terraform artifacts that pass formatting and validation before merge
  • Create infrastructure examples for documentation that follow naming, formatting, and security rules
  • Automate multi-region provider configuration with aliased providers and clear defaults

FAQ

No. It never hardcodes credentials and marks sensitive outputs/variables with sensitive = true; secrets should be passed via secure mechanisms like environment variables or secret managers.

How does it choose between count and for_each?

It prefers for_each for creating multiple named resources to preserve identity and uses count only for simple conditional creation (0 or 1) per the style guide.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
terraform-style-guide skill by hashicorp/agent-skills | VeilStrat