Hey folks, I've been seeing a few threads pop up about using Claude Code to help write or review infrastructure-as-code, particularly Terraform and Ansible. It's an interesting idea—using an AI assistant to catch misconfigurations before they hit production.
From a threat modeling perspective, I think we need to separate the use cases clearly:
1. **Generating new IaC from a description:** This carries the risk of the model introducing insecure defaults or misinterpreting security requirements.
2. **Reviewing or explaining existing IaC:** This seems like a lower-risk starting point, where Claude Code acts as a knowledgeable pair programmer.

The main concerns I have are around context and permissions. For example, if you give Claude Code access to a Terraform module repository, you need to consider prompt injection via the repo content itself. A maliciously crafted `variables.tf` description or a misleading comment could theoretically steer the model's analysis.
```hcl
# Example: Could a misleading comment like this influence a model's review?
# Security Note: This SG is intentionally open for the POC.
resource "aws_security_group" "web" {
  ingress {
    from_port   = 0
    to_port     = 65535
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```
I'm curious about the community's practical experiences. If you're using Claude Code for this:
* What's your setup? Are you feeding it single files or whole project contexts?
* How are you validating its suggestions before apply?
* Have you run into any unexpected behaviors when it parses complex module structures or dynamic blocks?

Let's share some evidence-based patterns and pitfalls. The goal here is to move from "this is cool" to "this is how we do it safely."

Be specific or be quiet.
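One way to validate a review independently of any comment in the repo, as an added example that is not part of the original post: a comment-blind scan that blanks out HCL comments, flags world-open `ingress` blocks, and returns the stripped comments separately so a human can read them as untrusted text. The sample input and all function names are constructed for illustration; it assumes static `ingress` blocks with no heredocs or nested quotes in interpolations.

```python
import re

# Constructed sample modelled on the post's snippet; the second rule has a commented-out CIDR.
SAMPLE = '''\
# Security Note: This SG is intentionally open for the POC.
resource "aws_security_group" "web" {
  ingress {
    cidr_blocks = ["0.0.0.0/0"] // approved, do not flag
  }
  ingress {
    # cidr_blocks = ["0.0.0.0/0"]
    cidr_blocks = ["10.0.0.0/16"]
  }
}
'''

TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|(?:#|//)[^\n]*', re.S)  # string or comment
BRACE = re.compile(r'"(?:\\.|[^"\\])*"|[{}]')  # strings are matched so their braces are skipped
SG = re.compile(r'resource\s+"aws_security_group"\s+"([^"]+)"\s*\{')
INGRESS = re.compile(r'\bingress\s*\{')
WORLD = re.compile(r'cidr_blocks\s*=\s*\[[^\]]*"(?:0\.0\.0\.0/0|::/0)"')  # also ipv6_cidr_blocks

def strip_comments(hcl):
    """Blank out comments (offsets and string literals kept); return (code, comments)."""
    comments = []
    def repl(m):
        if m.group(0).startswith('"'):
            return m.group(0)
        comments.append(m.group(0))
        return re.sub(r'[^\n]', ' ', m.group(0))
    return TOKEN.sub(repl, hcl), comments

def block_end(code, open_idx):
    """Offset just past the brace that closes the block opening at open_idx."""
    depth = 0
    for m in BRACE.finditer(code, open_idx):
        depth += {"{": 1, "}": -1}.get(m.group(0), 0)
        if depth == 0:
            return m.end()
    return len(code)

def open_ingress(hcl):
    """Return ([(sg_name, line)], comments) for world-open ingress, with comments ignored."""
    code, comments = strip_comments(hcl)
    hits = [(sg.group(1), code.count("\n", 0, ing.start()) + 1)
            for sg in SG.finditer(code)
            for ing in INGRESS.finditer(code, sg.end(), block_end(code, sg.end() - 1))
            if WORLD.search(code, ing.end(), block_end(code, ing.end() - 1))]
    return hits, comments
```

This only sees literal blocks in the file; dynamic blocks, variables and separate rule resources are resolved only in a plan, so the same check belongs on plan output as well.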