Does this skill support the latest Pod Security Admission?

Yes, it includes templates for labeling namespaces with Privileged, Baseline, and Restricted enforcement levels to replace deprecated PodSecurityPolicies.

Can I use this for multi-tenant clusters?

Absolutely. It provides specific patterns for network isolation and namespace-scoped RBAC to ensure secure tenant separation.

How does it help with policy enforcement?

It provides OPA Gatekeeper ConstraintTemplates and Constraints for custom policy enforcement using Rego, allowing you to validate labels, resources, and more.

Does it work with service meshes like Istio?

Yes, the skill includes configurations for Istio PeerAuthentication (mTLS) and AuthorizationPolicies to secure service-to-service communication.

Kubernetes Security Policies

Name: Kubernetes Security Policies
Author: sla-te

bysla-te

0•

Security & Testing

Implements production-grade Kubernetes security using NetworkPolicies, Pod Security Standards, and fine-grained RBAC.

This skill provides a comprehensive framework for securing Kubernetes clusters by implementing defense-in-depth strategies. It guides users through configuring network isolation via NetworkPolicies, enforcing Pod Security Standards (Baseline and Restricted), and setting up least-privilege RBAC for users and service accounts. With support for OPA Gatekeeper and Istio service mesh security, it is an essential tool for DevOps engineers hardening production environments, managing multi-tenant clusters, and ensuring compliance with CIS Benchmarks and NIST frameworks.

Key Features

010 GitHub stars

02Service mesh security integration including Istio mTLS and authorization

03Namespace-level Pod Security Standard enforcement (Baseline/Restricted)

04OPA Gatekeeper ConstraintTemplates for custom policy enforcement

05Least-privilege RBAC configuration for users and service accounts

06Automated NetworkPolicy generation for default-deny and microsegmentation

Use Cases

01Automating compliance with CIS Kubernetes Benchmarks and security frameworks

02Hardening production clusters against lateral movement and unauthorized access

03Implementing strict isolation for multi-tenant Kubernetes environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sla-te/copilot-converter k8s-security-policies

For use in Claude.ai and ChatGPT

Download Skill