AWS Security Hardening
AWS Security Hardening for Red Team Infrastructure
Red team infrastructure on AWS has a unique threat model: it needs to be functional enough for operations, hardened enough that it doesn't get hijacked by other threat actors, and disposable enough to tear down without leaving traces. This skill covers the security practices that matter most in this context.
IAM — Identity and Access Control
The root account is the crown jewel of your AWS setup. If it gets compromised, an attacker owns everything — your infrastructure, your billing, and potentially your operational security.
- Create a dedicated IAM user for RedC operations. Never use the root account for day-to-day work
- Apply least-privilege policies. Start with AWS managed policies (like AmazonEC2FullAccess) and narrow them down based on what RedC actually needs
- Enable MFA on all IAM users — this is the single most effective protection against credential theft
- Rotate access keys every 90 days. Set a calendar reminder because you will forget
- Use IAM roles for EC2 instances instead of embedding access keys. Roles auto-rotate credentials and the keys never appear in Terraform state files
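One way to check an account against the list above, as an added example that is not part of the original page or of RedC: it parses the CSV returned by aws iam get-credential-report and flags missing MFA, active root access keys, and access keys older than 90 days. The account ID, user names and dates in the sample are constructed, and only a subset of the report's columns is included.

```python
import csv
import io
from datetime import datetime, timezone

MAX_KEY_AGE_DAYS = 90  # rotation interval recommended in the list above

# Constructed sample using IAM credential report column names (subset of columns).
SAMPLE_REPORT = """user,arn,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_2_active,access_key_2_last_rotated
<root_account>,arn:aws:iam::111122223333:root,not_supported,false,true,2024-01-10T09:00:00+00:00,false,N/A
redc-operator,arn:aws:iam::111122223333:user/redc-operator,true,true,true,2025-05-01T12:00:00+00:00,false,N/A
redc-legacy,arn:aws:iam::111122223333:user/redc-legacy,true,false,true,2024-11-01T12:00:00+00:00,true,2025-05-20T08:30:00+00:00
"""


def audit_credential_report(report_csv, now):
    """Return (user, finding) tuples for missing MFA, root keys and stale keys."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"  # the report lists root under this name
        if row["mfa_active"] != "true":
            findings.append((user, "mfa_disabled"))
        for slot in ("1", "2"):
            if row[f"access_key_{slot}_active"] != "true":
                continue  # inactive or absent key, nothing to rotate
            if is_root:
                # Root should have no access keys at all, whatever their age.
                findings.append((user, f"root_access_key_{slot}_active"))
            rotated = row[f"access_key_{slot}_last_rotated"]
            if rotated in ("N/A", ""):
                continue
            age = (now - datetime.fromisoformat(rotated)).days
            if age > MAX_KEY_AGE_DAYS:
                findings.append((user, f"access_key_{slot}_age_{age}d"))
    return findings


if __name__ == "__main__":
    # Fixed "now" so the constructed sample gives reproducible output.
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)
    for user, finding in audit_credential_report(SAMPLE_REPORT, now):
        print(f"{user}: {finding}")
```

Against a real account, pass the decoded report content and datetime.now(timezone.utc) instead of the sample and the fixed date.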
Example — minimal IAM policy for RedC:
{
"Version": "2012-10-17",
"Statement": [