infra-network-security-review
Community
Harden data platforms with network reviews.
Software Engineering
#network security, #vpc flow logs, #privatelink, #kubernetes networkpolicy, #tls mTLS, #aws security groups, #private subnets
Author: ivanshamaev
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps you identify and prevent insecure network configurations that expose data platforms to unauthorized access, lateral movement, and data exfiltration.
Core Features & Use Cases
- Kubernetes NetworkPolicy hardening: Implements a default-deny model with explicit allow rules for namespace and pod-to-pod traffic (e.g., Airflow, Kafka, DB access).
- Cloud security group and subnet review: Detects risky ingress patterns like 0.0.0.0/0, verifies that data services run in private subnets, and audits public exposure flags.
- Encryption and traffic visibility: Enforces TLS/mTLS for service-to-service communication (Kafka, Postgres, Istio), designs private connectivity (VPC endpoints/PrivateLink vs peering), and analyzes VPC Flow Logs to spot suspicious traffic.
Quick Start
Ask the agent to produce a step-by-step network security review plan for your data platform using Kubernetes NetworkPolicy, AWS security group audit checks, TLS/mTLS enforcement targets, and VPC Flow Logs queries.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: infra-network-security-review
Download link: https://github.com/ivanshamaev/de-agent-skills/archive/main.zip#infra-network-security-review
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.