Senior Partner Marketing Manager

Introducing HashiCorp Agent Skills. HashiCorp has released an open library of Agent Skills to help teams build and manage infrastructure faster with AI. Today, HashiCorp is announcing HashiCorp Agent Skills, a repository of Agent Skills and Claude Code plugins for HashiCorp products. At launch, this includes Skills for Terraform and Packer. These Skills give AI assistants specialized HashiCorp product knowledge, including plugin framework architectures, schema definitions, and up-to-date best practices. The initial HashiCorp Agent Skills pack includes Skills that can: * Follow HashiCorp style conventions when generating Terraform code * Write and run Terraform tests * Create orchestrations with Terraform Stacks * Help build Terraform providers according to best practices * Refactor Terraform modules * Build AWS, Azure, and Windows images with Packer * and more In this post, HashiCorp'll cover what Agent Skills are, how these skills improve your infrastructure workflow, and how to install them in your AI assistant. What are Agent Skills? Agent Skills are based on an open standard for packaging domain expertise into portable, reusable instructions that AI agents can load on demand. Developed by Anthropic and released as an open format, skills solve a fundamental problem: AI assistants often lack the specific technical context needed to perform complex tasks reliably. A note on the Model Context Protocol (MCP). You might be wondering how this differs from MCP. Agent Skills and MCP are complementary technologies. MCP is the "pipe" or server interface that connects data to an AI, while Agent Skills are the "textbooks" of knowledge. You can use them together to create a powerful, context-aware assistant. Each Skill is a folder containing instructions, reference materials, and resources. When you load a Skill, your AI assistant gains access to curated expertise it can apply to your work, significantly reducing hallucinations and adhering to strict architectural standards. Skills for every stage of your devops journey. The HashiCorp Agent Skills package currently includes Skills that address the most common challenges that Terraform and Packer users face, with more planned for the future: Building a new provider: Creating a Terraform provider requires understanding of the plugin framework, resource lifecycle methods, schema design, and testing patterns. Its provider development Skills give AI assistants the context to guide you through the entire process, from scaffolding a new provider to implementing complex data sources to testing, all without having to point your AI to different documents manually or risk bad practices and nonsensical results from creeping in. Maintaining an existing provider: Provider maintenance involves handling breaking changes, updating to new framework versions, and addressing community issues. The Terraform Skills also help AI assistants understand your existing codebase and suggest changes that follow established patterns. Generating quality Terraform code: HashiCorp has baked its coding conventions into AI workflows with its Terraform style guide Skill. That means when you start generating Terraform configurations with the style guide Skill, the code will follow HashiCorp's documented style conventions, rather than potentially using conventions from code found in the wild. Breaking down monoliths: The refactor module Skill helps refactor monolithic Terraform configurations into modules, making your configurations more reusable and manageable. Using Terraform Stacks: Terraform Stacks are a configuration layer in HCP Terraform and Terraform Enterprise designed to manage complex, multi-environment, multi-region infrastructure as a single, cohesive unit. With the Terraform Stacks Skill, you can simplify the coding process of Stack components without as many general-LLM pitfalls. Building machine images with Packer: Packer Skills help users build golden images across AWS, Azure, and Windows with proper builder configurations, provisioners, platform-specific patterns, and HCP Packer integration for image lifecycle management. Evaluating its Agent Skills. A key part of creating its Skills was evaluating their efficacy and iteratively improving them based on evaluation data. Skills can significantly improve how an agent completes a task when written well. Written poorly, they may consume too much context with little gain. They can also lack critical information or be phrased in ways that different models interpret inconsistently. HashiCorp partnered with Tessl to evaluate and improve its Agent Skills. HashiCorp used two evaluation techniques: * Review evals, which test Skill structure against Anthropic's best practices * Task evals, which run agents through real tasks with and without the Skill to assess results You can see the full review eval results on its listing here. Install skills in seconds. HashiCorp designed the installation process to be as simple as possible. You have a few options: * Using npx, run: * npx skills add hashicorp/agents-skills * Using Tessl, run: * npm i -g @tessl/cli && tessl i github:hashicorp/agent-skills * For Claude Code specifically, run: * /plugin marketplace add hashicorp/agent-skills * /plugin install terraform-provider-development@hashicorp Any of these methods will install the Skill files directly into your AI assistant's configuration directory, with no manual copying or configuration editing. What's next. This initial release covers Terraform and Packer, but HashiCorp plan to expand the library to cover additional HashiCorp products very soon. HashiCorp also welcome contributions from the community. If you have expertise to share or ideas for new Skills, visit its repository to get involved. Let HashiCorp know how these Skills help your workflow and tell HashiCorp what you'd like to see next by opening an issue in the repository. More resources. * Keep up to date with HashiCorp Agent Skills: Follow the GitHub Repository. Install via /plugin, Tessl, or npx. * Learn the standard: Read about Agent Skills to understand how the open format works. * Scale your impact: Sign up for HCP Terraform and HCP Packer to manage your new infrastructure configurations at scale.

Terraform Stacks: what's for infra at scale. Managing Terraform at scale has consistently presented operational challenges. The typical patterns include workspaces that proliferate uncontrollably, duplicated configuration across environments, fragile orchestration scripts, and the persistent risk that a single misapplied change will propagate through production infrastructure. At HashiConf 2025, HashiCorp released Terraform Stacks to General Availability in HCP Terraform across all RUM-based plans. This represents a fundamental shift in configuration architecture, enabling teams to manage collections of modules and deployments as unified, orchestrated units across environments, regions, accounts, and cloud providers. The infrastructure management problem. * Monolithic root modules create state files that become unmanageable. Plan operations slow to a crawl, and the blast radius of any change encompasses the entire infrastructure footprint. * Workspace-based architectures require external orchestration through Terragrunt, Terramate, or custom scripts. These solutions function adequately but introduce maintenance overhead for an entire orchestration layer that exists outside the Terraform ecosystem. * Data source dependencies between workspaces create brittle coupling. Remote state references require manual ordering, and changes don't propagate automatically. This pattern has caused production incidents when dependent workspaces weren't updated in the correct sequence. Platform teams spend disproportionate time maintaining orchestration infrastructure rather than building reusable components. Stacks inverts this model. Infrastructure is defined once as components (reusable modules), then deployment targets specify where and how many times to instantiate it. Terraform manages orchestration, dependency resolution, and change propagation automatically. Core architecture concepts. * Components represent reusable infrastructure modules instantiated within a stack. These function similarly to child modules in traditional Terraform. * Deployments are individual instances of the complete stack configuration. A deployment might represent an environment (production, staging, development) or a geographic region (Arnav Sharma-east-1, eu-west-1). Each deployment uses identical component definitions with variations driven exclusively by input variables. * Stacks encompass the complete set of components and deployments, managed as a unified entity within HCP Terraform. * Linked Stacks enable cross-stack dependencies where one stack consumes outputs from another (networking stack outputs consumed by application stacks). Critical architectural principle: all deployments within a stack share identical component configurations. Environmental differences derive solely from input variables, enforcing consistency across the infrastructure. Configuration structure. *.tfcomponent.hcl files define components (infrastructure resources and their relationships). *.tfdeployment.hcl files define deployment targets (where infrastructure gets provisioned). This configuration defines three independent deployments managed as a single stack in HCP Terraform. Module updates automatically trigger plan operations across all affected deployments. General Availability features. Automatic dependency resolution. HCP Terraform constructs dependency graphs across components and linked stacks, eliminating custom orchestration scripts. Deployment groups (premium). Deployments can be logically grouped (canaries, geographic regions, business units) with defined orchestration rules: sequential application, parallel execution, conditional auto-approval based on change scope. Partial planning and deferred changes. Multi-region deployments frequently encounter scenarios where downstream components require values unavailable until upstream resources complete provisioning. Stacks support partial planning, applying known configurations while deferring dependent resources. Changes propagate automatically through the dependency chain. CLI integration. The standalone terraform-stacks-cli has been deprecated. Functionality is now integrated into the standard Terraform CLI: Self-Hosted agent support. Stacks can execute on self-hosted infrastructure for air-gapped environments or regulatory compliance requirements. Billing model. Stack resources count toward standard RUM (Resources Under Management) metrics with no additional licensing components. Migration strategy. Stacks and traditional workspaces coexist within projects. Migration can proceed incrementally: * Extract shared modules as stack components * Migrate applications individually * Maintain hybrid architectures during transition Organizations using Terragrunt or Terramate will find most orchestration capabilities available natively through Stacks. Several enterprises have initiated migration roadmaps based on reduced operational overhead from eliminating wrapper tooling. The GA migration documentation provides detailed transition procedures. OpenTofu compatibility. Terraform Stacks require HCP Terraform (cloud or Enterprise platform). The functionality is not available in open-source Terraform CLI or OpenTofu. OpenTofu has discussed similar orchestration concepts (GitHub issue #931) but has not released equivalent functionality. Organizations requiring fully open-source toolchains will continue using Terragrunt, Terramate, or similar orchestration solutions. For teams on HCP Terraform, Stacks provide significant productivity improvements over external orchestration tools. Implementation steps. * Enable Stacks in organization settings (Settings | General | Stacks) * Create or select a target project * Review the official tutorial: https://developer.hashicorp.com/terraform/tutorials/cloud/stacks-deploy * Reference the language documentation: https://developer.hashicorp.com/terraform/language/stacks Operational impact. Terraform Stacks address the orchestration gap that previously required external tooling at enterprise scale. The abstraction layer enables platform teams to provide self-service infrastructure provisioning with enforced consistency across deployments. For teams managing infrastructure across multiple environments, regions, or accounts, Stacks reduce operational complexity while improving reliability through automated dependency management and change propagation. The infrastructure-as-code ecosystem has evolved substantially with this release.

Terraform Google Cloud provider 7.0 reaches general availability. * Mark Silvester Platform and Architecture Manager HashiCorp has announced the general availability of version 7.0 of the Terraform provider for Google Cloud, introducing new features focused on improving security and validation across infrastructure code. In the announcement, the company said the release "continues to expand on these security-first features" and is intended to help teams safely and predictably manage their Google Cloud resources at scale. The release aligns with Google's broader support for Terraform as part of its Infrastructure Manager documentation, which provides official guidance for deploying resources on Google Cloud. The provider has now surpassed 1.4 billion downloads and supports more than 800 resources and 300 data sources. Version 7.0 builds on capabilities introduced in recent Terraform releases, including ephemeral resources and write-only attributes, both designed to keep sensitive data out of Terraform state files. Ephemeral resources, supported since Terraform 1.10, allow teams to generate short-lived credentials that never touch persistent state. According to the announcement, the update adds support for new ephemeral types, including google_service_account_access_token, enabling temporary credentials to be used securely during plan or apply operations. Write-only attributes, introduced in Terraform 1.11, extend this concept by allowing secrets such as passwords or API keys to be sent to the API without being recorded. The company added that the release expands the use of write-only attributes across additional resources, ensuring that sensitive values remain transient and confidential. Version 7.0 also enforces stricter schema validation to catch configuration errors earlier. Attributes that the Google Cloud API effectively requires are now treated as mandatory, meaning validation happens during planning rather than at apply time. Some attributes have been deprecated or renamed to align with current Google Cloud APIs, prompting users to review configurations before upgrading. As a major version, the release introduces breaking changes. The official upgrade guide advises migrating first to the latest 6.x release and testing in non-production environments. The release notes confirm these changes, listing the removal of deprecated resources, such as google_beyondcorp_application, and new additions, like google_network_services_wasm_plugin. Florin Lungu, a maintainer of the provider, described the release on LinkedIn as one that "introduces ephemeral resources, write-only attributes, and validation logic", reflecting a broader shift toward stronger security and reliability in Terraform's cloud integrations. For organisations managing infrastructure at scale, version 7.0 delivers meaningful improvements in how secrets and configurations are handled. Secrets are less likely to leak through Terraform state, and validation now catches errors earlier in the lifecycle. While migration may require effort, the enhanced security model is likely to appeal to teams seeking greater assurance over infrastructure automation. Mark Silvester is a Platform and Architecture Manager working at griffiths waite, a software consultancy based in birmingham, UK. Responsible for platform strategy, with a focus on delivering innovative solutions for enterprise clients. Areas of interest include cloud-native technologies, devops practices, and the practical application of AI in engineering and architecture. This content is in the devops topic. Related sponsors.