creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-14 06:54:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal

Browse Source 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
This commit is contained in:
mukul975
2026-03-11 00:22:12 +01:00
parent 27c6414ca5
commit c21af3347e
1244 changed files with 61622 additions and 723 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/implementing-gcp-binary-authorization/references/api-reference.md
+58
View File
@@ -0,0 +1,58 @@
# API Reference: Implementing GCP Binary Authorization
## gcloud CLI Commands
```bash
# Enable APIs
gcloud services enable binaryauthorization.googleapis.com containeranalysis.googleapis.com
# Enable on GKE cluster
gcloud container clusters update CLUSTER --enable-binauthz --zone ZONE
# Export policy
gcloud container binauthz policy export --project PROJECT_ID
# Import policy
gcloud container binauthz policy import policy.yaml
# Create attestor
gcloud container binauthz attestors create ATTESTOR_NAME \
--attestation-authority-note=NOTE_ID \
--attestation-authority-note-project=PROJECT_ID
# Create attestation
gcloud container binauthz attestations sign-and-create \
--artifact-url="gcr.io/PROJECT/IMAGE@DIGEST" \
--attestor="ATTESTOR" --attestor-project="PROJECT" \
--keyversion-project=PROJECT --keyversion-location=global \
--keyversion-keyring=KEYRING --keyversion-key=KEY --keyversion=1
```
## Policy Structure
| Field | Values | Description |
|-------|--------|-------------|
| `evaluationMode` | ALWAYS_ALLOW, ALWAYS_DENY, REQUIRE_ATTESTATION | How images are evaluated |
| `enforcementMode` | ENFORCED_BLOCK_AND_AUDIT_LOG, DRYRUN_AUDIT_LOG_ONLY | Block or audit-only |
| `globalPolicyEvaluationMode` | ENABLE, DISABLE | Google-maintained system policy |
## Break-Glass Annotation
```yaml
metadata:
annotations:
alpha.image-policy.k8s.io/break-glass: "Emergency - INC-12345"
```
## Cloud Logging Filter (CV Violations)
```
resource.type="k8s_cluster"
logName="projects/PROJECT/logs/binaryauthorization.googleapis.com%2Fcontinuous_validation"
```
### References
- GCP Binary Authorization: https://cloud.google.com/binary-authorization/docs
- Container Analysis API: https://cloud.google.com/container-analysis/docs
- SLSA Framework: https://slsa.dev