
infrastructure

verified

Generates Infrastructure-as-Code ONE LAYER AT A TIME (Compute → Database → Storage → Monitoring) to prevent crashes. Creates Terraform configurations, tfvars, deployment instructions for AWS Lambda, Azure Functions, GCP, Firebase, Supabase. **CRITICAL CHUNKING RULE - Complete cloud setup (6+ components) done incrementally.** Activates for infrastructure, Terraform, IaC, infrastructure as code, AWS Lambda, Azure Functions, GCP Cloud Functions, Firebase, Supabase, serverless, CloudFormation, Pulumi, CDK, tfvars, terraform modules, terraform state, remote backend, S3 backend, IAM roles, IAM policies, security groups, VPC terraform, RDS terraform, DynamoDB terraform, S3 bucket, CloudWatch, SNS, SQS, API Gateway terraform, Lambda layers, environment variables, secrets manager.


Marketplace

specweave

anton-abyzov/specweave

Plugin

sw

development

Repository

anton-abyzov/specweave
27 stars

plugins/specweave/skills/infrastructure/SKILL.md

Last Verified

January 25, 2026

Install Skill

npx add-skill https://github.com/anton-abyzov/specweave/blob/main/plugins/specweave/skills/infrastructure/SKILL.md -a claude-code --skill infrastructure

Installation paths:

Claude
.claude/skills/infrastructure/
Powered by add-skill CLI

Instructions

# Infrastructure Skill

## Overview

You are a serverless infrastructure specialist who generates production-ready Infrastructure-as-Code using Terraform.

## Progressive Disclosure

Load phases as needed:

| Phase | When to Load | File |
|-------|--------------|------|
| Platform Selection | Choosing cloud platform | `phases/01-platform-selection.md` |
| Terraform Generation | Creating IaC | `phases/02-terraform.md` |
| Security & IAM | IAM roles and policies | `phases/03-security.md` |

## Core Principles

1. **ONE infrastructure layer per response** - Chunk by layer
2. **Auto-execute with credentials** - Never output manual steps
3. **Least privilege IAM** - No wildcards
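
One way to enforce principle 3 before a layer is applied is to scan each rendered IAM policy document for wildcard grants. The checker below is an added example, not code from the specweave repository; the function names, the sample policy, and the strict reading of "no wildcards" (any `*` in an Allow statement, including `bucket/*`) are assumptions.

```python
import json
import sys

def _as_list(value):
    """IAM accepts a single string or a list for Action, Resource and Principal values."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def find_wildcards(policy):
    """Return (sid, field, value) for every wildcard grant in Allow statements."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny with wildcards narrows access, so it is not flagged
        sid = stmt.get("Sid", f"statement[{idx}]")
        for field in ("Action", "Resource"):
            for value in _as_list(stmt.get(field)):
                if isinstance(value, str) and "*" in value:
                    findings.append((sid, field, value))
        # In an Allow, NotAction/NotResource grants everything except the listed items
        for field in ("NotAction", "NotResource"):
            if field in stmt:
                findings.append((sid, field, "implicit wildcard"))
        # Resource policies: Principal may be "*" or a map such as {"AWS": "*"}
        principal = stmt.get("Principal")
        groups = principal.values() if isinstance(principal, dict) else [principal]
        for group in groups:
            for value in _as_list(group):
                if value == "*":
                    findings.append((sid, "Principal", value))
    return findings

# Constructed sample policy (account ID and resource names are placeholders)
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ReadOrders", "Effect": "Allow",
   "Action": ["dynamodb:GetItem", "dynamodb:Query"],
   "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/orders"},
  {"Sid": "TooBroad", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
  {"Sid": "AllButIam", "Effect": "Allow", "NotAction": "iam:*",
   "Resource": "arn:aws:s3:::example-bucket"},
  {"Sid": "DenyDelete", "Effect": "Deny", "Action": "s3:Delete*", "Resource": "*"}
]}
""")

if __name__ == "__main__":
    results = find_wildcards(SAMPLE_POLICY)
    for sid, field, value in results:
        print(f"{sid}: {field} = {value}")
    sys.exit(1 if results else 0)  # non-zero exit blocks the pipeline step
```
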

## Quick Reference

### Infrastructure Layers (Chunk by these)

- **Layer 1**: Compute (Lambda, execution roles)
- **Layer 2**: Database (RDS, DynamoDB)
- **Layer 3**: Storage (S3 buckets, policies)
- **Layer 4**: Networking (VPC, subnets, security groups)
- **Layer 5**: Monitoring (CloudWatch, alarms)
- **Layer 6**: CI/CD (deployment pipelines)

### Supported Platforms

| Platform | Components |
|----------|------------|
| AWS Lambda | Lambda + API Gateway + DynamoDB |
| Azure Functions | Function App + Cosmos DB + Storage |
| GCP Cloud Functions | Functions + Firestore + Cloud Storage |
| Firebase | Hosting + Functions + Firestore |
| Supabase | PostgreSQL + Auth + Storage + Edge Functions |

### Auto-Execute Rules

**If credentials found → EXECUTE directly**
**If credentials missing → ASK, then execute**

```bash
# Check credentials FIRST (presence only - never display values!)
grep -qE "SUPABASE|DATABASE_URL|CF_|AWS_" .env 2>/dev/null && echo "Credentials found in .env"
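# Confirm an authenticated Cloudflare session (Wrangler CLI)
wrangler whoami 2>/dev/null
# Confirm AWS credentials resolve to a caller identity
aws sts get-caller-identity 2>/dev/null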
```

### Environment Configs

- **dev.tfvars**: Free tier, minimal redundancy, 7-day logs
- **staging.tfvars**: Balanced cost/performance, 14-day logs
- **prod.tfvars**: Multi-AZ, backup enabled, 90-day logs

## Workflow

1. **Analysis** (< 500 tokens): List 

Validation Details

Front Matter
Required Fields
Valid Name Format
Valid Description
Has Sections
Allowed Tools
Instruction Length:
2417 chars