What security standards does this skill support?

It supports Pod Security Standards (Privileged, Baseline, Restricted), RBAC least-privilege patterns, and NetworkPolicy microsegmentation based on CIS and NIST benchmarks.

How does it help with Kubernetes admission control?

It provides OPA Gatekeeper templates and constraints to automatically reject resources that do not meet your organization's security and labeling requirements.

Can I use this for multi-tenant clusters?

Yes, it provides specific configurations for network isolation, default-deny policies, and namespace-scoped RBAC ideal for multi-tenant environments.

Does it support service mesh security?

Yes, the skill includes Istio-specific security policies such as PeerAuthentication for mTLS and AuthorizationPolicies for service-to-service security.

Kubernetes Security Policies

Name: Kubernetes Security Policies
Author: amurata

byamurata

•

Security & Testing

Implement and enforce production-grade security standards across Kubernetes clusters including NetworkPolicy, RBAC, and Pod Security Standards.

This skill provides a comprehensive framework for securing Kubernetes environments through defense-in-depth strategies. It enables developers and DevOps engineers to quickly implement network segmentation, fine-grained RBAC permissions, and standardized pod security contexts. By integrating industry best practices like the CIS Kubernetes Benchmark and NIST frameworks, this tool helps ensure clusters are hardened against unauthorized access and lateral movement while simplifying the creation of compliance-ready manifests and admission control policies.

Key Features

01Hardened Pod Security Contexts for container-level runtime security and non-root execution.

023 GitHub stars

03Policy enforcement via OPA Gatekeeper ConstraintTemplates and Constraints.

04Automated generation of NetworkPolicy manifests for microsegmentation.

05Implementation of Pod Security Standards (Baseline and Restricted) at the namespace level.

06RBAC configuration templates for enforcing least-privilege access controls.

Use Cases

01Securing multi-tenant Kubernetes clusters with strict network isolation and namespace boundaries.

02Hardening container workloads to run as non-root with restricted capabilities and read-only filesystems.

03Preparing infrastructure for security compliance audits such as CIS Benchmarks or NIST frameworks.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add amurata/cc-tools k8s-security-policies

For use in Claude.ai and ChatGPT

Download Skill