AWS Security Architecture Skill

Purpose

This skill provides AWS security architecture guidance for the CIA platform deployment, covering VPC network security, IAM least-privilege policies, KMS encryption, CloudTrail auditing, and GuardDuty threat detection. It aligns with Hack23 ISMS and AWS Well-Architected Security Pillar.

When to Use This Skill

Apply this skill when:

• ✅ Designing or modifying AWS infrastructure (CloudFormation)
• ✅ Configuring IAM roles, policies, or permissions
• ✅ Setting up encryption with KMS for data at rest
• ✅ Configuring VPC networking, security groups, or NACLs
• ✅ Enabling audit logging with CloudTrail
• ✅ Setting up threat detection with GuardDuty
• ✅ Reviewing cia-dist-cloudformation templates

Do NOT use for:

• ❌ Application-level security (use secure-code-review skill)