Does it support third-party policy engines?

Yes, it includes patterns for OPA Gatekeeper and Istio service mesh security for advanced admission control and mTLS.

What security standards does this skill support?

It supports standard Kubernetes Pod Security Standards (Privileged, Baseline, and Restricted) as well as CIS Benchmarks and NIST frameworks.

Can it help with network isolation?

Yes, it provides specific templates for default-deny-all policies and granular ingress/egress rules to isolate microservices.

How does it handle RBAC permissions?

It helps define namespace-scoped Roles and cluster-wide ClusterRoles to ensure users and service accounts follow the principle of least privilege.

Kubernetes Security Policies

Name: Kubernetes Security Policies
Author: HermeticOrmus

byHermeticOrmus

0•

보안 및 테스팅

Implement production-grade Kubernetes security using NetworkPolicies, Pod Security Standards, and least-privilege RBAC.

The k8s-security-policies skill enables Claude to architect and deploy defense-in-depth security measures for Kubernetes clusters. It provides standardized templates and implementation patterns for NetworkPolicies to segment traffic, Pod Security Standards to harden container runtimes, and fine-grained RBAC for identity management. Additionally, it integrates advanced enforcement tools like OPA Gatekeeper and Istio, helping developers and DevOps engineers meet CIS Benchmarks and strict compliance requirements in production-grade, multi-tenant environments.

주요 기능

010 GitHub stars

02Service mesh security configuration with Istio PeerAuthentication and mTLS

03Advanced policy enforcement using OPA Gatekeeper ConstraintTemplates

04Configuration of Kubernetes Pod Security Standards (Baseline and Restricted)

05Implementation of least-privilege Role-Based Access Control (RBAC)

06Automated generation of NetworkPolicies for network isolation and segmentation

사용 사례

01Hardening production workloads by enforcing non-root users and read-only filesystems

02Securing multi-tenant clusters by isolating workloads and limiting namespace access

03Automating compliance audits for network and identity management in Kubernetes

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/floraheritage k8s-security-policies

For use in Claude.ai and ChatGPT

Download Skill