terraform-assist

Bring AI-assisted infrastructure-as-code to your Terraform workflow. terraform-assist generates modules, validates HCL syntax and best practices, runs plan/apply from Anvil, manages state, and recommends infrastructure patterns for AWS, GCP, Azure, and Hetzner — with security and cost optimization built in.

What It Does

terraform-assist covers the full Terraform lifecycle from authoring to operations:

• Module generation: Generate complete, opinionated Terraform modules from natural language descriptions
• HCL validation: Lint for syntax errors, deprecated resources, missing required arguments, and provider version pins
• Security analysis: Check for public S3 buckets, overly permissive IAM policies, unencrypted storage, open security groups, missing audit logging
• Cost estimation: Pre-apply cost estimates using Infracost integration
• Plan/Apply orchestration: Run terraform plan and terraform apply from Anvil with diff visualization
• State management: List, move, import, and remove state resources safely
• Drift detection: Compare live infrastructure against Terraform state
• Module discovery: Search and recommend modules from the Terraform Registry
• Variable extraction: Extract hardcoded values into variables with sensible defaults and validation blocks
• Documentation generation: Generate README, variable descriptions, and output documentation for modules

Installation

anvil plugin install terraform-assist

Usage

Generate an AWS VPC Module

/terraform generate "AWS VPC with public/private subnets, NAT gateway, VPN endpoint, Flow Logs to S3"

Generate a Hetzner Server

/terraform generate "Hetzner CX31 server in Nuremberg with Debian 12, firewall rules for SSH and HTTPS"

Validate Current Directory

/terraform validate

Security Audit

/terraform security-check

Run Plan

/terraform plan --var-file=production.tfvars

Apply with Auto-approve

/terraform apply --auto-approve --var-file=production.tfvars

Import Existing Resource

/terraform import aws_s3_bucket.logs my-logs-bucket-12345

List State Resources

/terraform state list

Configuration Options

Option	Description	Default
--dir	Terraform working directory	current directory
--backend	State backend: local, s3, gcs, azurerm, remote	local
--workspace	Terraform workspace	default
--var-file	Variable file path	terraform.tfvars
--parallelism	Max concurrent operations	10

Supported Providers

• AWS: EC2, VPC, RDS, S3, EKS, Lambda, IAM, CloudFront, Route53
• GCP: Compute, GKE, Cloud SQL, GCS, IAM, VPC, Cloud Run
• Azure: VMs, AKS, SQL, Storage, Key Vault, VNet, App Service
• Hetzner: Servers, Networks, Firewalls, Load Balancers, Volumes, Floating IPs

Requirements

• Terraform CLI v1.0+ installed and in PATH
• Provider credentials configured (AWS profile, GOOGLE_CREDENTIALS, etc.)
• Terraform working directory initialized (terraform init) or use /terraform init