gke-security
CommunityHarden GKE clusters with production-ready security defaults.
System Documentation
What problem does it solve?
GKE clusters are frequently deployed with default security configurations that leave them vulnerable to unauthorized access, credential theft, and compliance violations, and manually hardening each cluster across multiple security domains is time-consuming and prone to human error.
Core Features & Use Cases
- Workload Identity Federation Setup: Eliminates static service account keys by mapping Kubernetes service accounts to Google IAM service accounts for secure cloud API access.
- Integrated Secret Management: Enables Google Secret Manager with automatic rotation, syncing secrets to Kubernetes clusters via the CSI driver.
- Comprehensive Security Hardening: Covers RBAC configuration, Binary Authorization, Dataplane V2 Network Policies, Pod Security Standards, and IAM role management for end-to-end cluster protection.
- Use Case: Platform teams provisioning production GKE clusters can use this skill to enforce a consistent, hardened security posture that meets compliance requirements out of the box.
Quick Start
Use the gke-security skill to configure a new production GKE cluster with golden path security defaults including Workload Identity, automatic Secret Manager rotation, and restricted Pod Security Standards.
Dependency Matrix
Required Modules
None requiredComponents
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: gke-security Download link: https://github.com/wangx7/skills-collection/archive/main.zip#gke-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.