8.9 KiB
DevOps IaC Engineer Skill for Claude
A comprehensive Claude skill designed to help DevOps teams implement infrastructure as code, manage cloud platforms, deploy containerized applications, and maintain reliable production systems.
Overview
This skill provides frameworks, templates, and best practices for:
- Terraform & IaC - Infrastructure as Code implementation patterns
- Kubernetes & Containers - Container orchestration and deployment
- Cloud Platforms - AWS, Azure, GCP architecture and services
- CI/CD Pipelines - GitOps, automated testing, and deployment
- Observability - Monitoring, logging, and tracing strategies
- Security - DevSecOps practices and compliance automation
- Ready-to-Use Templates - Production-ready configurations
File Structure
DevOps IaC Engineer/
├── SKILL.md # Main skill file with overview & core workflows
├── reference/
│ ├── terraform.md # Terraform best practices and patterns
│ ├── kubernetes.md # Kubernetes and container orchestration
│ ├── cloud_platforms.md # AWS, Azure, GCP guidance
│ ├── cicd.md # CI/CD pipelines and GitOps
│ ├── observability.md # Monitoring, logging, and tracing
│ ├── security.md # DevSecOps and compliance
│ └── templates.md # Ready-to-use templates
├── scripts/
│ └── devops_utils.py # Utility scripts for common DevOps tasks
├── examples/
│ ├── terraform/ # Example Terraform configurations
│ ├── kubernetes/ # Example Kubernetes manifests
│ └── pipelines/ # Example CI/CD pipelines
└── README.md # This file
Quick Start
1. For Infrastructure as Code
Start with SKILL.md → reference/terraform.md
- Use Terraform module templates for reusable infrastructure
- Implement remote state management with S3 + DynamoDB
- Follow security best practices for secrets and credentials
- Apply cost optimization patterns
2. For Kubernetes Deployments
reference/kubernetes.md → reference/templates.md
- Deploy production-ready workloads with health checks
- Implement autoscaling (HPA/VPA)
- Configure RBAC and network policies
- Use Helm charts for application packaging
3. For Cloud Architecture
- Design multi-tier architectures on AWS/Azure/GCP
- Implement high availability and disaster recovery
- Optimize costs with right-sizing and spot instances
- Follow Well-Architected Framework principles
4. For CI/CD Pipelines
- Implement GitOps workflows with ArgoCD or Flux
- Create automated testing pipelines
- Configure deployment strategies (blue/green, canary)
- Set up infrastructure validation and security scanning
5. For Observability
- Define SLIs, SLOs, and SLAs
- Implement structured logging with correlation IDs
- Set up distributed tracing
- Create actionable alerts and runbooks
6. For Security
- Implement least privilege access
- Automate security scanning and compliance checks
- Manage secrets with cloud-native solutions
- Apply zero-trust networking principles
Using the Utility Scripts
Generate Terraform Boilerplate
python scripts/devops_utils.py terraform init-project \
--name myproject \
--cloud aws \
--region us-east-1
Validate Kubernetes Manifests
python scripts/devops_utils.py k8s validate \
--file deployment.yaml \
--schema-version 1.28
Generate GitOps Structure
python scripts/devops_utils.py gitops init \
--tool argocd \
--environments dev,staging,prod
Key Concepts
Infrastructure as Code Principles
All infrastructure should be:
- Version Controlled: Track all changes in Git
- Declarative: Define desired state, not imperative steps
- Idempotent: Multiple runs produce same result
- Modular: Reusable components with clear interfaces
- Tested: Automated validation and security scanning
- Documented: Clear README and inline comments
DevOps Best Practices
This skill follows the DevOps best practices:
✓ Security First - Never hardcode credentials, use least privilege ✓ Immutable Infrastructure - Replace rather than modify ✓ GitOps Workflows - Git as single source of truth ✓ Observability Built-In - Logs, metrics, and traces from day one ✓ Cost Optimization - Right-size resources, use spot instances ✓ Disaster Recovery - Automated backups and tested failover ✓ CI/CD Automation - Automated testing and deployment ✓ Policy as Code - Automated compliance and governance
Customization Guide
For Your Organization
Before using this skill, customize:
-
Cloud Provider Standards (reference/cloud_platforms.md)
- Update with your organization's cloud accounts
- Add your naming conventions and tagging standards
- Include your cost allocation and budgeting approach
-
Security Requirements (reference/security.md)
- Define your compliance requirements (HIPAA, PCI-DSS, SOC2)
- Specify your secrets management solution
- Add your organization's security policies
-
Naming Conventions (Throughout all files)
- Replace generic names with your naming standards
- Use consistent environment names (dev, staging, prod)
- Include your resource tagging strategy
-
Observability Tools (reference/observability.md)
- Specify your monitoring stack (Prometheus, Datadog, New Relic)
- Define your logging solution (ELK, Splunk, CloudWatch)
- Add your alerting and on-call system
Common DevOps Workflows
Workflow: Deploy New Application
- Design architecture using reference/cloud_platforms.md
- Create infrastructure with reference/terraform.md
- Containerize application and deploy with reference/kubernetes.md
- Set up CI/CD pipeline using reference/cicd.md
- Implement monitoring with reference/observability.md
- Apply security controls from reference/security.md
Workflow: Cloud Migration
- Assess current architecture and dependencies
- Design target cloud architecture
- Create infrastructure as code modules
- Implement migration pipeline with testing
- Execute phased migration
- Validate and optimize
Workflow: Implement GitOps
- Set up Git repository structure
- Install ArgoCD or Flux in cluster
- Create application manifests and Helm charts
- Configure automated sync policies
- Implement progressive delivery
- Set up monitoring and alerts
Troubleshooting
Issue: Terraform state conflicts Solution: Use remote state with locking (S3 + DynamoDB), implement state file backups, check for concurrent runs
Issue: Kubernetes pods failing health checks Solution: Review pod logs, check resource limits, verify network policies, validate environment variables
Issue: High cloud costs Solution: Implement tagging strategy, use cost allocation tags, right-size resources, use spot instances, enable auto-scaling
Issue: Secrets exposed in Git Solution: Use git-secrets or trufflehog to scan, rotate exposed secrets immediately, implement SOPS or Sealed Secrets
Support & Questions
Each reference file includes:
- Best practices and proven patterns
- Common mistakes to avoid
- Production-ready examples
- Implementation guidance
For questions about specific topics:
- Terraform & IaC: See reference/terraform.md
- Kubernetes: See reference/kubernetes.md
- Cloud platforms: See reference/cloud_platforms.md
- CI/CD: See reference/cicd.md
- Observability: See reference/observability.md
- Security: See reference/security.md
Version History
- v1.0 - Initial release with core DevOps functions
- Terraform best practices and module patterns
- Kubernetes production-ready configurations
- Cloud platform guidance (AWS, Azure, GCP)
- CI/CD pipeline templates
- Observability frameworks
- DevSecOps practices
- Utility scripts for common tasks
License & Usage
This skill is designed for use with Claude AI. Adapt and customize for your organization's specific needs.
Last Updated: October 2025 Skill Version: 1.0 For Claude Models: Claude Opus 4.1, Claude Sonnet 4.5, Claude Haiku 4.5