
# iac-generator

by arbgjr

An AI-agent-driven software development system that automates and coordinates the entire development lifecycle.
SKILL.md
```yaml
---
name: iac-generator
description: |
  Generates infrastructure code from a defined architecture.
  Supports Terraform, Bicep, and Kubernetes manifests.
  Use when: creating infrastructure, generating IaC, configuring deployment.
allowed-tools:
  - Read
  - Write
  - Bash
  - Glob
  - WebFetch
user-invocable: true
---
```
# IaC Generator Skill

## Purpose

This skill generates Infrastructure as Code following established best practices.
## Supported Providers

### Azure
- Container Apps
- Azure Kubernetes Service (AKS)
- Azure SQL / PostgreSQL Flexible Server
- Key Vault
- Service Bus
- Application Insights
- Storage Account
- Virtual Network
### AWS
- ECS/Fargate
- EKS
- RDS (PostgreSQL, MySQL)
- Secrets Manager
- SQS/SNS
- CloudWatch
- S3
- VPC
### Kubernetes
- Deployments
- Services (ClusterIP, LoadBalancer, NodePort)
- ConfigMaps / Secrets
- Ingress / Gateway API
- NetworkPolicies
- PodSecurityStandards
- HorizontalPodAutoscaler
## Commands

### /iac-init

Initializes the IaC structure for the project:

```
/iac-init
```

Creates:

```
.agentic_sdlc/projects/{id}/iac/terraform/main.tf
.agentic_sdlc/projects/{id}/iac/terraform/variables.tf
.agentic_sdlc/projects/{id}/iac/terraform/outputs.tf
.agentic_sdlc/projects/{id}/iac/terraform/providers.tf
.github/workflows/terraform.yml
```
### /iac-module {provider} {resource}

Generates a Terraform module for a specific resource:

```
/iac-module azure container-app
/iac-module aws ecs-service
/iac-module k8s deployment
```
### /iac-secure

Runs a security analysis on the generated IaC:

```
/iac-secure
```

Runs:

- checkov scan
- tfsec scan
- Generates a findings report
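The findings report that `/iac-secure` builds from its two scanners, as an added example rather than the skill's own code: it merges `checkov -o json` and `tfsec --format json` output into one severity-ordered report with a pass/fail gate. The scanner JSON below is constructed in the shape those tools emit (check it against your installed versions); the rule ids are placeholders.

```python
import json

# Constructed sample scanner output (not real findings) in the JSON shape that
# `checkov -o json` and `tfsec --format json` emit; verify against your versions.
CHECKOV_JSON = json.dumps({"check_type": "terraform", "results": {"failed_checks": [
    {"check_id": "CKV_EXAMPLE_1", "check_name": "Ingress allows insecure connections",
     "resource": "azurerm_container_app.main", "file_path": "/main.tf",
     "file_line_range": [24, 31], "severity": None}]}})
TFSEC_JSON = json.dumps({"results": [
    {"rule_id": "AVD-EXAMPLE-0001", "rule_description": "Ingress allows insecure connections",
     "severity": "HIGH", "status": 0, "resource": "azurerm_container_app.main",
     "location": {"filename": "main.tf", "start_line": 24, "end_line": 31}},
    {"rule_id": "AVD-EXAMPLE-0002", "rule_description": "Container app has no managed identity",
     "severity": "MEDIUM", "status": 1, "resource": "azurerm_container_app.main",
     "location": {"filename": "main.tf", "start_line": 1, "end_line": 38}}]})
SEVERITY_ORDER = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "UNKNOWN": 4}

def normalize_checkov(raw):
    """checkov emits one object per framework, or a list when several frameworks ran."""
    doc = json.loads(raw)
    out = []
    for part in (doc if isinstance(doc, list) else [doc]):
        for c in part["results"].get("failed_checks", []):
            out.append({"tool": "checkov", "id": c["check_id"], "title": c["check_name"],
                        "severity": (c.get("severity") or "UNKNOWN").upper(),
                        "resource": c["resource"], "file": c["file_path"].lstrip("/"),
                        "line": c["file_line_range"][0]})
    return out

def normalize_tfsec(raw):
    """tfsec lists passed and failed results together; status 0 marks a failure."""
    doc = json.loads(raw)
    return [{"tool": "tfsec", "id": r["rule_id"], "title": r["rule_description"],
             "severity": r["severity"].upper(), "resource": r["resource"],
             "file": r["location"]["filename"], "line": r["location"]["start_line"]}
            for r in (doc.get("results") or []) if r["status"] == 0]

def build_report(checkov_raw, tfsec_raw):
    """Merge both scanners, order by severity, and count findings per severity and resource."""
    findings = normalize_checkov(checkov_raw) + normalize_tfsec(tfsec_raw)
    findings.sort(key=lambda f: (SEVERITY_ORDER.get(f["severity"], 9), f["file"], f["line"]))
    by_severity, by_resource = {}, {}
    for f in findings:
        by_severity[f["severity"]] = by_severity.get(f["severity"], 0) + 1
        by_resource[f["resource"]] = by_resource.get(f["resource"], 0) + 1
    # Gate for the pipeline step: any CRITICAL or HIGH finding fails /iac-secure.
    blocking = any(f["severity"] in ("CRITICAL", "HIGH") for f in findings)
    return {"findings": findings, "by_severity": by_severity,
            "by_resource": by_resource, "blocking": blocking}
```

Both scanners flag the same `ingress` block here, so a real report would also want to collapse duplicates by file and line before counting.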
## Templates

### Azure Container App

```hcl
# main.tf
resource "azurerm_container_app" "main" {
  name                         = var.app_name
  container_app_environment_id = azurerm_container_app_environment.main.id
  resource_group_name          = azurerm_resource_group.main.name
  revision_mode                = "Single"

  template {
    container {
      name   = "api"
      image  = var.container_image
      cpu    = var.cpu
      memory = var.memory

      dynamic "env" {
        for_each = var.environment_variables
        content {
          name        = env.key
          secret_name = env.value.secret ? env.key : null
          value       = env.value.secret ? null : env.value.value
        }
      }
    }

    min_replicas = var.min_replicas
    max_replicas = var.max_replicas
  }

  ingress {
    allow_insecure_connections = false
    external_enabled           = var.external_ingress
    target_port                = var.target_port
    transport                  = "http"

    traffic_weight {
      latest_revision = true
      percentage      = 100
    }
  }

  identity {
    type = "SystemAssigned"
  }

  tags = var.tags
}
```
### Kubernetes Deployment

```yaml
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Values.name }}
  labels:
    app: {{ .Values.name }}
spec:
  replicas: {{ .Values.replicas }}
  selector:
    matchLabels:
      app: {{ .Values.name }}
  template:
    metadata:
      labels:
        app: {{ .Values.name }}
    spec:
      containers:
        - name: {{ .Values.name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          ports:
            - containerPort: {{ .Values.port }}
          resources:
            limits:
              cpu: {{ .Values.resources.limits.cpu }}
              memory: {{ .Values.resources.limits.memory }}
            requests:
              cpu: {{ .Values.resources.requests.cpu }}
              memory: {{ .Values.resources.requests.memory }}
          envFrom:
            - configMapRef:
                name: {{ .Values.name }}-config
            - secretRef:
                name: {{ .Values.name }}-secrets
          livenessProbe:
            httpGet:
              path: /health
              port: {{ .Values.port }}
            initialDelaySeconds: 15
            periodSeconds: 20
          readinessProbe:
            httpGet:
              path: /ready
              port: {{ .Values.port }}
            initialDelaySeconds: 5
            periodSeconds: 10
```
## Security Checklist

Before generating IaC, verify:

- Secrets via Key Vault / Secrets Manager (never hardcoded)
- Network isolation (VNets/VPCs with private subnets)
- TLS everywhere (HTTPS, encrypted connections)
- Least-privilege RBAC (only the roles that are strictly required)
- Audit logging enabled
- Encryption at rest (databases, storage)
- Private endpoints wherever possible
- Backups configured
- Cost-allocation tags applied
## SDLC Integration

| Phase | IaC Action |
|---|---|
| Phase 3 (Architecture) | Define the required resources |
| Phase 5 (Implementation) | Generate IaC code |
| Phase 6 (Quality) | Security scan of the IaC |
| Phase 7 (Release) | Apply to staging/prod |
## Deploy Workflow

```yaml
deploy_workflow:
  1_plan:
    - terraform init
    - terraform plan -out=tfplan
    - Review the plan
  2_apply_staging:
    - terraform apply tfplan
    - Verify the deployment
    - Smoke tests
  3_apply_production:
    - Human approval
    - terraform apply tfplan
    - Monitor metrics
    - Roll back if necessary
```
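One way to make the "Review the plan" step enforce the Security Checklist above, as an added example (not the skill's own code): it reads `terraform show -json tfplan` output and, for the `azurerm_container_app` template, flags insecure ingress, literal values in secret-looking env vars, a missing managed identity and missing cost tags. The plan document, the secret-name pattern and the required tag names (`owner`, `cost_center`) are constructed assumptions for this example.

```python
import json, re

# Constructed sample (not a real plan) in the shape of `terraform show -json tfplan`,
# holding the azurerm_container_app resource from the template above.
PLAN_JSON = json.dumps({"planned_values": {"root_module": {"resources": [{
    "address": "azurerm_container_app.main", "type": "azurerm_container_app", "name": "main",
    "values": {
        "tags": {"owner": "platform"},
        "identity": [{"type": "SystemAssigned"}],
        "ingress": [{"allow_insecure_connections": True, "external_enabled": True}],
        "template": [{"container": [{"name": "api", "env": [
            {"name": "LOG_LEVEL", "value": "info", "secret_name": None},
            {"name": "DB_PASSWORD", "value": "hunter2", "secret_name": None},
            {"name": "API_KEY", "value": None, "secret_name": "api-key"}]}]}]}}]}}})

# Env var names that must never carry a literal value (pattern is an assumption).
SECRET_NAME = re.compile(r"PASSWORD|SECRET|TOKEN|KEY|CONN(ECTION)?_?STR", re.I)
REQUIRED_TAGS = ("owner", "cost_center")  # assumed cost-allocation tags

def iter_resources(plan):
    """Walk the root module and every nested child module of planned_values."""
    stack = [plan["planned_values"]["root_module"]]
    while stack:
        mod = stack.pop()
        yield from mod.get("resources", [])
        stack.extend(mod.get("child_modules", []))

def check_container_app(res):
    """Apply the checklist items that are visible in an azurerm_container_app plan."""
    v, addr, problems = res["values"], res["address"], []
    for ing in v.get("ingress") or []:                 # TLS everywhere
        if ing.get("allow_insecure_connections"):
            problems.append(f"{addr}: ingress allows insecure (non-TLS) connections")
    if not v.get("identity"):                           # least privilege via managed identity
        problems.append(f"{addr}: no managed identity configured")
    for tmpl in v.get("template") or []:                # secrets never hardcoded
        for c in tmpl.get("container") or []:
            for e in c.get("env") or []:
                if SECRET_NAME.search(e["name"]) and e.get("value") is not None:
                    problems.append(f"{addr}: env {e['name']} has a literal value; use secret_name")
    missing = [t for t in REQUIRED_TAGS if t not in (v.get("tags") or {})]
    if missing:                                         # cost tags applied
        problems.append(f"{addr}: missing cost tags {missing}")
    return problems

def review_plan(raw):
    """Return every checklist violation in the plan; an empty list means it passes review."""
    return [p for res in iter_resources(json.loads(raw))
            if res["type"] == "azurerm_container_app" for p in check_container_app(res)]
```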
## CI/CD Pipeline

GitHub Actions workflow generated automatically:

```yaml
name: Terraform
on:
  push:
    branches: [main]
    paths:
      - '.agentic_sdlc/**/iac/**'
  pull_request:
    branches: [main]
    paths:
      - '.agentic_sdlc/**/iac/**'
jobs:
  plan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - run: terraform init
      - run: terraform plan -no-color
        continue-on-error: true
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Checkov
        uses: bridgecrewio/checkov-action@master
        with:
          directory: .agentic_sdlc/projects/*/iac/terraform
```
## Research Pointers

For up-to-date templates, search for:

- "terraform azure container apps module"
- "terraform aws ecs best practices"
- "kubernetes deployment security best practices"
