How does it help with regulatory compliance?

It maps technical cloud controls to major frameworks like SOC 2, HIPAA, and PCI DSS, providing detailed gap analysis and remediation roadmaps to achieve compliance.

Can it scan my infrastructure code before deployment?

Yes, it can analyze Terraform, CloudFormation, and ARM templates using industry-standard tools to catch security misconfigurations in your IaC files.

Does it focus on Identity and Access Management (IAM)?

Yes, it treats IAM as the primary attack surface, performing deep audits of users, roles, service accounts, and cross-account trust relationships to ensure least-privilege access.

What cloud providers does this skill support?

The Cloud Security Architect skill provides comprehensive security assessments for Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

Cloud Security Architect

Name: Cloud Security Architect
Author: coreymaypray

bycoreymaypray

0•

Cloud Infrastructure

Audits and secures AWS, Azure, and GCP infrastructure through comprehensive posture assessments, IAM reviews, and CIS benchmark validation.

The Cloud Security Architect skill empowers Claude to act as a senior security consultant for multi-cloud environments, focusing on the critical infrastructure layer beneath the application. It specializes in identifying vulnerabilities that bypass application-level controls—such as overprivileged IAM roles, exposed storage buckets, and logging gaps—by applying a rigorous methodology based on CIS Benchmarks and the AWS Well-Architected Framework. Whether auditing Supabase backends on AWS or global Azure deployments, this skill provides prioritized remediation roadmaps and deep technical insights to reduce the blast radius of potential compromises.

Key Features

010 GitHub stars

02Security auditing for storage (S3/Blob/GCS) and network (VPC/VNet) configurations.

03Compliance mapping for SOC 2, HIPAA, and PCI DSS cloud requirements.

04Infrastructure-as-Code (IaC) scanning for Terraform, CloudFormation, and ARM templates.

05Multi-cloud CIS Benchmark assessments for AWS, Azure, and GCP environments.

06Deep IAM policy analysis to enforce least-privilege and identify risky trust relationships.

Use Cases

01Hardening Kubernetes (EKS/AKS/GKE) clusters by reviewing RBAC, network policies, and pod security standards.

02Conducting a full security posture review of an AWS environment to identify public S3 buckets and overprivileged IAM roles.

03Scanning Terraform scripts in a development workflow to prevent security misconfigurations from reaching production.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add coreymaypray/sloth-skill-tree cloud-security-architect

For use in Claude.ai and ChatGPT

Key Features

010 GitHub stars

02Security auditing for storage (S3/Blob/GCS) and network (VPC/VNet) configurations.

03Compliance mapping for SOC 2, HIPAA, and PCI DSS cloud requirements.

04Infrastructure-as-Code (IaC) scanning for Terraform, CloudFormation, and ARM templates.

05Multi-cloud CIS Benchmark assessments for AWS, Azure, and GCP environments.

06Deep IAM policy analysis to enforce least-privilege and identify risky trust relationships.

Use Cases

01Hardening Kubernetes (EKS/AKS/GKE) clusters by reviewing RBAC, network policies, and pod security standards.

02Conducting a full security posture review of an AWS environment to identify public S3 buckets and overprivileged IAM roles.

03Scanning Terraform scripts in a development workflow to prevent security misconfigurations from reaching production.