mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-10 21:24:56 +03:00

Files

T

mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders

2026-03-10 21:02:12 +01:00

2.3 KiB

Raw Blame History

API Reference: Securing AWS Lambda Execution Roles

boto3 Lambda Client

Key Methods

Method	Description
`list_functions()`	List all Lambda functions with role ARNs and runtime info
`get_function_configuration()`	Get function config including execution role
`update_function_configuration()`	Update function settings (role, KMS key, logging)
`create_function_url_config()`	Configure function URL with auth type

boto3 IAM Client (Role Analysis)

Method	Description
`get_role()`	Get role details including trust policy and permission boundary
`list_attached_role_policies()`	List managed policies on a role
`list_role_policies()`	List inline policy names
`get_role_policy()`	Get inline policy document
`put_role_permissions_boundary()`	Apply permission boundary
`simulate_principal_policy()`	Test effective permissions
`create_role()`	Create new role with trust policy
`attach_role_policy()`	Attach a managed policy to a role

boto3 Access Analyzer Client

Method	Description
`validate_policy()`	Validate policy against security best practices
`start_policy_generation()`	Generate least-privilege policy from CloudTrail
`get_generated_policy()`	Retrieve generated policy result
`check_no_new_access()`	Verify policy does not grant new access

Trust Policy Structure

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "lambda.amazonaws.com"},
    "Action": "sts:AssumeRole",
    "Condition": {
      "StringEquals": {"aws:SourceAccount": "ACCOUNT_ID"}
    }
  }]
}

Permission Boundary Effect

The effective permissions are the intersection of:

Identity-based policy (attached to role)
Permission boundary (maximum allowed permissions)
Service Control Policies (organizational guardrails)

References

Lambda execution role docs: https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html
Permission boundaries: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
Access Analyzer policy validation: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-policy-validation.html

2.3 KiB Raw Blame History

API Reference: Securing AWS Lambda Execution Roles

boto3 Lambda Client

Key Methods

boto3 IAM Client (Role Analysis)

boto3 Access Analyzer Client

Trust Policy Structure

Permission Boundary Effect

References

2.3 KiB

Raw Blame History