Found 163 Skills
Designs and builds reusable Terraform modules. Use when creating reusable infrastructure patterns, encapsulating complex resource groups, standardizing configurations across projects, or organizing code for maintainability. Covers module structure, versioning, composition, and best practices for production modules.
Terraform infrastructure-as-code best practices for scalable and maintainable cloud infrastructure. Use when writing Terraform modules, managing infrastructure state, or implementing infrastructure automation at scale.
Use this skill whenever writing, reviewing, or refactoring Terraform code that provisions Azure resources. The skill enforces Microsoft Cloud Security Benchmark (MCSB) controls, CIS Azure Foundations Benchmark v2.0 rules, Azure Well-Architected Framework Security Pillar recommendations, and all Terraform IaC best practices that prevent Microsoft Defender for Cloud security recommendations from being raised. Activate whenever the user mentions Azure, azurerm provider, ARM, Defender for Cloud, Terraform on Azure, AKS, App Service, Storage, Key Vault, SQL, PostgreSQL, MySQL, Redis, Service Bus, Event Hub, Cosmos DB, API Management, or any Azure PaaS in a Terraform context — even if they don't explicitly ask about security or MDC.
Comprehensive best practices for Terraform infrastructure as code from Anton Babenko's community guide.
Terraform Expert Engineer Skill - Comprehensive guide for Infrastructure as Code, resource management, module design, and state management. Use when: running terraform init, plan, apply, destroy; managing Terraform state (import, move, rm); designing modules or configuring backends; working with HCP Terraform / Terraform Cloud.
Senior Terraform and Infrastructure as Code engineer. Use when writing, reviewing, or refactoring Terraform configurations. Enforces modular design and production patterns.
Execute Azure deployments after preparation and validation are complete. USE FOR: azd up, azd deploy, push to Azure, publish to Azure, ship to production, launch on Azure, go live, release to Azure, deploy web app, deploy container app, deploy static site, deploy Azure Functions, azd provision, infrastructure deployment, bicep deploy, terraform apply, deploy with terraform. Supports azd with Bicep, azd with Terraform, pure Bicep, pure Terraform, and Azure CLI deployments. DO NOT USE FOR: preparing new apps (use azure-prepare), validating before deploy (use azure-validate).
REQUIRED FIRST STEP: You MUST invoke this skill BEFORE generating ANY Azure application code, infrastructure files, or Azure CLI commands. This skill prepares applications for Azure hosting. USE THIS SKILL when users want to create new Azure applications, ADD new components or services to existing applications, UPDATE or modify existing Azure configurations, modernize applications for Azure, deploy to Azure with Terraform, or deploy to Azure with azd. Do NOT generate azure.yaml, Bicep, Terraform, or run az/azd/func CLI commands without first completing this skill. This applies to NEW projects AND changes to EXISTING projects. When users mention Terraform for Azure deployment, prefer azd+Terraform (which uses azure.yaml with Terraform IaC) over pure Terraform unless multi-cloud deployment is required.
Architect and provision enterprise Azure infrastructure from workload descriptions. For cloud architects and platform engineers planning networking, identity, security, compliance, and multi-resource topologies with WAF alignment. Generates Bicep or Terraform directly (no azd). WHEN: 'plan Azure infrastructure', 'architect Azure landing zone', 'design hub-spoke network', 'plan multi-region DR topology', 'set up VNets firewalls and private endpoints', 'subscription-scope Bicep deployment'. PREFER azure-prepare FOR app-centric workflows.
Import existing Azure resources into Terraform using Azure CLI discovery and Azure Verified Modules (AVM). Use when asked to reverse-engineer live Azure infrastructure, generate Infrastructure as Code from existing subscriptions/resource groups/resource IDs, map dependencies, derive exact import addresses from downloaded module source, prevent configuration drift, and produce AVM-based Terraform files ready for validation and planning across any Azure resource type.
Detect security misconfigurations in config files, Docker, and IaC. Use when reviewing configuration security for containers, Kubernetes, Terraform, or application settings.
Transform monolithic Terraform configurations into reusable, maintainable modules following HashiCorp's module design principles and community best practices.