What cloud providers are supported by this skill?

This skill specifically provides hardening patterns for AWS and Kubernetes environments, focusing on CIS benchmarks and secure configuration.

Can this skill help manage sensitive credentials?

Yes, it provides implementation examples for using the External Secrets Operator to sync secrets from AWS Secrets Manager into Kubernetes securely.

Does it help with Kubernetes Pod Security?

Yes, it includes patterns for implementing secure Pod Security Contexts, such as running as non-root, disabling privilege escalation, and using read-only root filesystems.

Which security scanners does this skill help me use?

The skill provides guidance and commands for Trivy (containers), tfsec and Checkov (IaC), and kubesec (Kubernetes manifests).

Infrastructure Security Hardening

Name: Infrastructure Security Hardening
Author: timequity

bytimequity

セキュリティとテスト

Hardens cloud infrastructure and Kubernetes environments using CIS benchmarks, secure configuration patterns, and automated vulnerability scanning.

概要

The Infrastructure Security Hardening skill provides Claude with domain-specific knowledge to secure cloud deployments and containerized workloads. It offers implementation patterns for AWS CIS benchmarks, Kubernetes pod security contexts, and network policies to ensure environment resilience. By integrating best practices for secrets management via External Secrets Operator and automated scanning tools like Trivy, tfsec, and Checkov, this skill helps developers proactively identify and remediate vulnerabilities in their infrastructure as code and container images.

主な機能

Secure secrets management using External Secrets Operator and AWS Secrets Manager
Pod security hardening including non-root execution and read-only filesystems
Kubernetes RBAC and network policy configuration patterns
AWS CIS benchmark compliance auditing and implementation
Integration with vulnerability scanners like Trivy, tfsec, and Checkov
0 GitHub stars

ユースケース

Hardening Kubernetes clusters for production-grade security compliance
Automating infrastructure-as-code (IaC) security scanning during the development lifecycle
Auditing and securing AWS environments based on industry-standard benchmarks

概要

主な機能

Secure secrets management using External Secrets Operator and AWS Secrets Manager
Pod security hardening including non-root execution and read-only filesystems
Kubernetes RBAC and network policy configuration patterns
AWS CIS benchmark compliance auditing and implementation
Integration with vulnerability scanners like Trivy, tfsec, and Checkov
0 GitHub stars

ユースケース

Hardening Kubernetes clusters for production-grade security compliance
Automating infrastructure-as-code (IaC) security scanning during the development lifecycle
Auditing and securing AWS environments based on industry-standard benchmarks