Can it detect public access issues in my cloud environment?

Yes, the skill specifically flags 'allUsers' and 'allAuthenticatedUsers' bindings across Cloud Storage, Cloud Functions, and IAM policies to prevent unauthorized data exposure.

How does this skill help with IAM security?

It systematically identifies and helps replace insecure primitive roles like Owner, Editor, and Viewer with granular, predefined, or custom roles that follow the principle of least privilege.

Does it support Infrastructure as Code (IaC)?

Absolutely. It includes secure HCL patterns for Terraform and provides guidance on using third-party scanners like Checkov for IaC-based deployments.

What networking misconfigurations does it look for?

It focuses on eliminating 0.0.0.0/0 ingress rules, enforcing IAP for administrative access, enabling VPC Flow Logs, and ensuring private IP usage for Cloud SQL and compute instances.

Google Cloud Security Review

Name: Google Cloud Security Review
Author: curphey

bycurphey

0•

Cloud Infrastructure

Conducts systematic security audits and infrastructure reviews for Google Cloud Platform environments to enforce least privilege and secure networking.

This skill provides a comprehensive framework for auditing Google Cloud Platform (GCP) infrastructure to ensure adherence to security best practices. It guides developers and SREs through identifying misconfigurations in Identity and Access Management (IAM), network boundaries, and data protection layers. By scanning for critical red flags like primitive roles, public storage buckets, and overly permissive firewall rules, it helps transform vulnerable environments into secure, production-grade cloud architectures using proven Terraform patterns and gcloud CLI commands.

Key Features

01Data protection checks for Cloud Storage encryption and bucket-level access

02Network boundary verification including VPC, firewall, and IAP configurations

03Identification of public resource exposures in Cloud Functions and Cloud SQL

04IAM policy auditing to eliminate primitive roles and enforce least privilege

05Ready-to-use secure Terraform patterns for GCP resource deployment

060 GitHub stars

Use Cases

01Pre-deployment security audits for GCP-based Terraform configurations

02Implementing Workload Identity and Private Service Connect architectures

03Remediation of existing security vulnerabilities in legacy Google Cloud projects

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add curphey/bosun gcp

For use in Claude.ai and ChatGPT