Name: Aws Repo Scaffolder
Author: LongTheta

Scaffolds AWS infrastructure repos from architecture decisions or review findings. Bridges design/review → implementation.

When to Use

User has architecture design output and wants to start building
User has review findings and wants IaC scaffolding that addresses them
User says: "scaffold from this design", "generate Terraform from these findings", "build the repo"
Incremental fix mode: Existing repo with gaps; user wants patch-style fixes, not full rebuild

Input

Architecture summary (compute, data, networking, IAM)
infrastructure_config from solution-discovery (REQUIRED when available):
- tags: project, environment, owner, cost_center, data_classification, lifecycle_stage, custom_tags
- networking: vpc_cidr, az_count, cidr_constraints
- roles: CI, developer, auditor, platform admin
- region, enable_vpc_flow_logs
Recommended AWS services

Scaffolds AWS infrastructure repos from architecture decisions or review findings. Bridges design/review → implementation.

User has architecture design output and wants to start building
User has review findings and wants IaC scaffolding that addresses them
User says: "scaffold from this design", "generate Terraform from these findings", "build the repo"
Incremental fix mode: Existing repo with gaps; user wants patch-style fixes, not full rebuild

Architecture summary (compute, data, networking, IAM)
infrastructure_config from solution-discovery (REQUIRED when available):
- tags: project, environment, owner, cost_center, data_classification, lifecycle_stage, custom_tags
- networking: vpc_cidr, az_count, cidr_constraints
- roles: CI, developer, auditor, platform admin
- region, enable_vpc_flow_logs
Recommended AWS services

Component	Required	Purpose
VPC	✓	Network isolation
Public subnets	✓	ALB, NAT; tag `kubernetes.io/role/elb` for EKS
Private subnets	✓	Workloads, RDS; tag `kubernetes.io/role/internal-elb` for EKS
Route tables	✓	Public (IGW), private (NAT)
Internet Gateway	✓	Public egress
NAT Gateway	✓	Private subnet egress
Security groups	✓	RDS, ALB, EKS; least privilege, no 0.0.0.0/0 on DB
KMS keys	✓	Secrets Manager, RDS; customer-managed, rotation enabled
IAM / IRSA	✓	ESO, Load Balancer Controller, ECR push for CI
VPC Flow Logs	✓	Network audit (optional but recommended)

File	Purpose
`SKILL.md`	This file
`README.md`	Overview, usage
`scaffold-prompt.md`	Template prompt to paste
`example-input.md`	Sample architecture + findings input
`example-output.md`	Sample Terraform scaffolding