Anthropic-Cybersecurity-Skills/skills/implementing-gcp-organization-policy-constraints/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

# API Reference: Implementing GCP Organization Policy Constraints

## gcloud CLI Commands

```bash
# List all org policies set at the organization level
gcloud org-policies list --organization=ORG_ID

# Describe a specific constraint
gcloud org-policies describe constraints/compute.vmExternalIpAccess --organization=ORG_ID

# Set a policy from a YAML file (legacy resource-manager surface; matches the YAML formats below)
gcloud resource-manager org-policies set-policy policy.yaml --organization=ORG_ID

# Create or update a custom constraint from a YAML definition
gcloud org-policies set-custom-constraint custom-constraint.yaml

# List the policies set directly on a project (inherited policies are not shown here)
gcloud org-policies list --project=PROJECT_ID
```

## Baseline Security Constraints

| Constraint | Type | Purpose |
| --- | --- | --- |
| compute.vmExternalIpAccess | List/Deny | Block public VM IPs |
| compute.requireOsLogin | Boolean | Mandate OS Login for SSH |
| compute.disableSerialPortAccess | Boolean | Disable serial port |
| storage.uniformBucketLevelAccess | Boolean | Uniform bucket ACLs |
| sql.restrictPublicIp | Boolean | No public Cloud SQL |
| iam.disableServiceAccountKeyCreation | Boolean | Force Workload Identity |
| gcp.resourceLocations | List/Allow | Restrict to approved regions |

## Policy YAML Formats

### Boolean Policy

```yaml
constraint: constraints/compute.requireOsLogin
booleanPolicy:
  enforced: true
```

### List Policy (Deny All)

```yaml
constraint: constraints/compute.vmExternalIpAccess
listPolicy:
  allValues: DENY
```

### List Policy (Allow Specific)

```yaml
constraint: constraints/gcp.resourceLocations
listPolicy:
  allowedValues:
    - "in:us-locations"
    - "in:eu-locations"
```
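The following is an added example, not part of this reference or the skill's own scripts. It turns the baseline table above into the three YAML shapes just shown and audits a snapshot of current policies against that baseline, reporting each constraint that is missing, not enforced, or allowing values outside the approved set. It uses only the Python standard library; the `BASELINE` mapping, the minimal YAML writer and the `SNAPSHOT` data are constructed for the example (the snapshot mimics the v1 policy documents above, which is the same shape you would parse from `gcloud ... --format=json` after converting keys).

```python
"""Render baseline org-policy YAML and audit a policy snapshot against it."""
from typing import Dict, List

# Desired state for each baseline constraint (constructed from the table above).
# kind: "boolean"  -> booleanPolicy enforced
#       "deny_all" -> listPolicy allValues DENY
#       "allow"    -> listPolicy allowedValues limited to the listed values
BASELINE: Dict[str, dict] = {
    "compute.vmExternalIpAccess": {"kind": "deny_all"},
    "compute.requireOsLogin": {"kind": "boolean"},
    "compute.disableSerialPortAccess": {"kind": "boolean"},
    "storage.uniformBucketLevelAccess": {"kind": "boolean"},
    "sql.restrictPublicIp": {"kind": "boolean"},
    "iam.disableServiceAccountKeyCreation": {"kind": "boolean"},
    "gcp.resourceLocations": {"kind": "allow", "values": ["in:us-locations", "in:eu-locations"]},
}


def desired_policy(name: str) -> dict:
    """Build the v1-style policy document for one baseline constraint."""
    spec = BASELINE[name]
    policy: dict = {"constraint": f"constraints/{name}"}
    if spec["kind"] == "boolean":
        policy["booleanPolicy"] = {"enforced": True}
    elif spec["kind"] == "deny_all":
        policy["listPolicy"] = {"allValues": "DENY"}
    elif spec["kind"] == "allow":
        policy["listPolicy"] = {"allowedValues": list(spec["values"])}
    else:
        raise ValueError(f"unknown kind {spec['kind']!r}")
    return policy


def to_yaml(policy: dict) -> str:
    """Serialise a policy dict in the layout shown in the YAML formats above.
    Deliberately minimal (no PyYAML dependency); covers only these shapes."""
    lines = [f"constraint: {policy['constraint']}"]
    if "booleanPolicy" in policy:
        enforced = "true" if policy["booleanPolicy"]["enforced"] else "false"
        lines += ["booleanPolicy:", f"  enforced: {enforced}"]
    else:
        lp = policy["listPolicy"]
        lines.append("listPolicy:")
        if "allValues" in lp:
            lines.append(f"  allValues: {lp['allValues']}")
        for key in ("allowedValues", "deniedValues"):
            if key in lp:
                lines.append(f"  {key}:")
                lines += [f'    - "{v}"' for v in lp[key]]
    return "\n".join(lines) + "\n"


def _short_name(constraint: str) -> str:
    prefix = "constraints/"
    return constraint[len(prefix):] if constraint.startswith(prefix) else constraint


def audit(snapshot: List[dict]) -> List[str]:
    """Compare policy dicts against BASELINE; return one finding per gap."""
    by_name = {_short_name(p["constraint"]): p for p in snapshot}
    findings: List[str] = []
    for name in BASELINE:
        want = desired_policy(name)
        have = by_name.get(name)
        if have is None:
            findings.append(f"{name}: not set")
        elif "booleanPolicy" in want:
            if not have.get("booleanPolicy", {}).get("enforced"):
                findings.append(f"{name}: not enforced")
        else:
            want_lp = want["listPolicy"]
            have_lp = have.get("listPolicy", {})
            if "allValues" in want_lp:
                if have_lp.get("allValues") != "DENY":
                    findings.append(f"{name}: expected allValues DENY")
            else:
                allowed = have_lp.get("allowedValues", [])
                extra = sorted(set(allowed) - set(want_lp["allowedValues"]))
                if extra or not allowed:
                    findings.append(f"{name}: allowedValues not within baseline ({extra})")
    return findings


# Constructed snapshot of an organisation's current policies (sample data, not real).
SNAPSHOT: List[dict] = [
    {"constraint": "constraints/compute.requireOsLogin", "booleanPolicy": {"enforced": True}},
    {"constraint": "constraints/compute.vmExternalIpAccess",
     "listPolicy": {"allowedValues": ["projects/example-project/zones/us-central1-a/instances/bastion"]}},
    {"constraint": "constraints/gcp.resourceLocations",
     "listPolicy": {"allowedValues": ["in:us-locations", "in:asia-locations"]}},
    {"constraint": "constraints/sql.restrictPublicIp", "booleanPolicy": {"enforced": False}},
]

if __name__ == "__main__":
    for finding in audit(SNAPSHOT):
        print("GAP:", finding)
    print(to_yaml(desired_policy("gcp.resourceLocations")))
```

Running the script prints six gaps for the sample snapshot (the external-IP exception, two unenforced or disabled booleans, three unset constraints, and the extra `in:asia-locations` region) and then the YAML for the location policy, which can be fed straight to `set-policy`.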

## Terraform Resource

```hcl
resource "google_organization_policy" "example" {
  org_id     = var.org_id
  constraint = "constraints/compute.requireOsLogin"
  boolean_policy { enforced = true }
}
```
