Use when the project has a config/daisy/ directory, daisy-iac in dependencies, or the user mentions Daisy, daisy manifests, daisy stacks, or deploying infrastructure with Daisy. Guides setup, manifest authoring, and CLI operations for the Daisy IaC toolkit.
Daisy is a Python IaC toolkit consumed as a git dependency. It manages GCP and AWS infrastructure through declarative JSON manifests in config/daisy/.
If this project does not yet use Daisy:
daisy-iac as a dev dependency group (NOT a main dependency — it's a CLI tool, not a runtime library):
[dependency-groups]
dev = ["daisy-iac @ git+https://github.com/AmwayCommon/DS-DAISY.git"]
[project.dependencies]. It requires git to install (git dependency) and will break Docker builds that don't have git. Your app does not import daisy-iac at runtime. Use [dependency-groups] dev, NOT [project.optional-dependencies] — they are different things in uv.uv sync --devconfig/daisy/stacks.json — defines environments (dev, test, prod)config/daisy/{stack}.manifest.json per stack — defines desired infrastructure.daisy to .gitignore (tracks active stack locally)Read reference.md in this skill directory for stacks.json schema, manifest format, resource types, and examples.
When Daisy is updated in DS-DAISY (new features, bug fixes), consuming projects need to pull the latest version:
uv lock --upgrade-package daisy-iac
uv.lock with the new git SHAuv sync --dev
uv run daisy --help
git add uv.lock && git commit -m "chore: update daisy-iac dependency"When to update:
All commands run via uv run daisy from the project root.
Stack management:
daisy stack list — list available stacksdaisy stack select <name> — set active stack (writes .daisy)daisy stack show — display active stack configInfrastructure operations:
daisy plan [-s STACK] — preview changes (dry run)daisy apply [-s STACK] [--yes] — apply changes to clouddaisy deploy [-s STACK] [--yes] — build container via Cloud Build + apply (Cloud Run projects)daisy destroy [-s STACK] [--yes] — tear down all resources in reverse dependency orderdaisy status [-s STACK] — show current cloud resource stateFlags: --stack/-s overrides active stack. --yes/-y skips confirmation. --verbose/-v enables debug logging.
Deploy flow (Cloud Run projects):
daisy deploy orchestrates a complete three-step deployment:
This works for both initial bootstrap and subsequent deployments — no manual resource pre-creation needed. Daisy is fully self-sufficient.
Ensure required env vars are in the manifest's Cloud Run config before deploying — use env_vars for plain values and secret_env_vars for Secret Manager references. The container must start successfully or Cloud Run will reject it. When using secret_env_vars, the service account needs roles/secretmanager.secretAccessor via a gcp:iam:binding resource.
For manifest format, resource types, interpolation syntax, and starter examples, read reference.md in this skill directory.
config/daisy/ has a full stack with ALB, Cloud Armor, Cloud Run, IAM, and Route 53CLAUDE.md documents core components, resource patterns, and provider internals