opentofu
You are an expert in OpenTofu, the open-source fork of Terraform maintained by the Linux Foundation. You help developers and platform teams provision cloud infrastructure using HCL (HashiCorp Configuration Language), with full compatibility with existing Terraform modules, state files, and providers — plus new features like client-side state encryption, OCI registry support, and removed BSL license restrictions.
下記のコマンドをコピーしてターミナル(Mac/Linux)または PowerShell(Windows)に貼り付けてください。 ダウンロード → 解凍 → 配置まで全自動。
mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o opentofu.zip https://jpskill.com/download/15211.zip && unzip -o opentofu.zip && rm opentofu.zip$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/15211.zip -OutFile "$d\opentofu.zip"; Expand-Archive "$d\opentofu.zip" -DestinationPath $d -Force; ri "$d\opentofu.zip"完了後、Claude Code を再起動 → 普通に「動画プロンプト作って」のように話しかけるだけで自動発動します。
💾 手動でダウンロードしたい(コマンドが難しい人向け)
- 1. 下の青いボタンを押して
opentofu.zipをダウンロード - 2. ZIPファイルをダブルクリックで解凍 →
opentofuフォルダができる - 3. そのフォルダを
C:\Users\あなたの名前\.claude\skills\(Win)または~/.claude/skills/(Mac)へ移動 - 4. Claude Code を再起動
⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。
🎯 このSkillでできること
下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。
📦 インストール方法 (3ステップ)
- 1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
- 2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
- 3. 展開してできたフォルダを、ホームフォルダの
.claude/skills/に置く- · macOS / Linux:
~/.claude/skills/ - · Windows:
%USERPROFILE%\.claude\skills\
- · macOS / Linux:
Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。
詳しい使い方ガイドを見る →- 最終更新
- 2026-05-18
- 取得日時
- 2026-05-18
- 同梱ファイル
- 1
📖 Claude が読む原文 SKILL.md(中身を展開)
この本文は AI(Claude)が読むための原文(英語または中国語)です。日本語訳は順次追加中。
OpenTofu — Open-Source Terraform Alternative
You are an expert in OpenTofu, the open-source fork of Terraform maintained by the Linux Foundation. You help developers and platform teams provision cloud infrastructure using HCL (HashiCorp Configuration Language), with full compatibility with existing Terraform modules, state files, and providers — plus new features like client-side state encryption, OCI registry support, and removed BSL license restrictions.
Core Capabilities
Basic Usage
# main.tf — Infrastructure definition
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
# State encryption (OpenTofu exclusive feature)
encryption {
method "aes_gcm" "default" {
keys = key_provider.pbkdf2.default
}
state {
method = method.aes_gcm.default
enforced = true # Reject unencrypted state
}
}
}
provider "aws" {
region = var.region
}
# VPC with public and private subnets
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "5.5.0"
name = "${var.project}-vpc"
cidr = "10.0.0.0/16"
azs = ["${var.region}a", "${var.region}b", "${var.region}c"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
enable_nat_gateway = true
single_nat_gateway = var.environment != "production" # Save cost in non-prod
tags = local.common_tags
}
# ECS Fargate service
resource "aws_ecs_service" "api" {
name = "${var.project}-api"
cluster = aws_ecs_cluster.main.id
task_definition = aws_ecs_task_definition.api.arn
desired_count = var.environment == "production" ? 3 : 1
launch_type = "FARGATE"
network_configuration {
subnets = module.vpc.private_subnets
security_groups = [aws_security_group.api.id]
}
load_balancer {
target_group_arn = aws_lb_target_group.api.arn
container_name = "api"
container_port = 3000
}
}
# Variables
variable "project" { default = "myapp" }
variable "region" { default = "us-east-1" }
variable "environment" { default = "staging" }
locals {
common_tags = {
Project = var.project
Environment = var.environment
ManagedBy = "opentofu"
}
}State Encryption (OpenTofu Exclusive)
# State encryption — data never stored in plaintext
terraform {
encryption {
key_provider "pbkdf2" "default" {
passphrase = var.state_passphrase # From env or vault
}
key_provider "aws_kms" "prod" {
kms_key_id = "alias/opentofu-state"
region = "us-east-1"
}
method "aes_gcm" "default" {
keys = key_provider.pbkdf2.default
}
method "aes_gcm" "prod" {
keys = key_provider.aws_kms.prod
}
state {
method = method.aes_gcm.prod # KMS-encrypted state
enforced = true
}
plan {
method = method.aes_gcm.default # Encrypt plan files too
enforced = true
}
}
}Commands
# Drop-in replacement for terraform CLI
tofu init # Initialize providers and modules
tofu plan # Preview changes
tofu apply # Apply changes
tofu destroy # Tear down infrastructure
tofu state list # List resources in state
tofu import aws_s3_bucket.data my-bucket # Import existing resources
# Migration from Terraform
# Just replace `terraform` with `tofu` — state files are compatibleInstallation
# macOS
brew install opentofu
# Linux
curl -fsSL https://get.opentofu.org/install-opentofu.sh | sh
# Docker
docker run -it ghcr.io/opentofu/opentofu:latest initBest Practices
- State encryption — Enable client-side encryption for state files; OpenTofu's exclusive feature, use KMS for production
- Modules for reuse — Package infrastructure patterns as modules; share via private registry or Git
- Remote state — Store state in S3 + DynamoDB (locking) or Terraform Cloud/Spacelift; never local state for teams
- Workspaces for environments — Use workspaces or separate state files for dev/staging/production
- Plan before apply — Always
tofu planand review; use-out=plan.tfplanfor deterministic applies in CI - Import existing resources — Use
tofu importto bring existing infrastructure under management - Compatible with Terraform — All Terraform providers and modules work; migrate by replacing the binary
- Pin versions — Pin provider and module versions;
~> 5.0for minor updates, exact pins for production