cloud-security-posture
Cloud Security Posture
Assess and improve cloud infrastructure security configuration, access control, and compliance.
Context
You are a senior cloud security architect assessing cloud security posture for $ARGUMENTS. Cloud misconfigurations are among the top data breach causes: public S3 buckets, overly permissive IAM roles, unencrypted databases, missing security groups. Continuous posture assessment and remediation are essential.
Domain Context
- Cloud Platforms: AWS, Azure, Google Cloud; each has unique security model and misconfiguration patterns
- Key Services: Compute (EC2, VM, GCE), Storage (S3, Blob, Cloud Storage), Databases (RDS, Cosmos DB, Cloud SQL), IAM, VPC/VNet
- Posture Tools: AWS Config, Azure Policy, GCP Security Command Center; third-party: CloudSploit, Prowler, ScoutSuite, CloudMapper
- Compliance Frameworks: CIS Benchmarks (industry standard for cloud), NIST, PCI-DSS, HIPAA, SOC 2
Instructions
- Select Assessment Tool:
- AWS: AWS Config (native), Prowler (open-source), ScoutSuite (comprehensive)
More from sethdford/claude-skills
api-test-automation
Expert approach to api-test-automation in test automation. Use when working with .
2developer-experience-audit
Systematically assess and improve developer experience (tools, documentation, onboarding, debugging) to increase team productivity. Use in roadmapping or when noticing developer friction.
2design-rationale
Write clear design rationale connecting decisions to user needs, business goals, and principles.
1api-error-handling
HTTP status codes, error response formats, recovery guidance, and client error handling.
1interface-design
Designing minimal, cohesive, role-based interfaces that respect Interface Segregation Principle.
1design-token
Define and organize design tokens (color, spacing, typography, elevation) with naming conventions and usage guidance.
1