iso27001-compliance
π―Skillfrom bagelhole/devops-security-agent-skills
|Helps DevOps teams automatically assess and validate infrastructure configurations against ISO 27001 information security management system (ISMS) compliance requirements.
Part of
bagelhole/devops-security-agent-skills(85 items)
Installation
git clone https://github.com/bagelhole/DevOps-Security-Agent-Skills.git ~/.skills/devops-securitySkill Details
Overview
# π‘οΈ DevOps & Security Agent Skills Stop Googling. Start Shipping. [](LICENSE) [](CONTRIBUTING.md) [](https://agentskills.io) [Explore Skills](#skill-catalog) Β· [Get Started](#quick-start) Β· [Contribute](CONTRIBUTING.md)Your AI-Powered Second Brain for Infrastructure & Security
---
π‘ The Problem
You're a solo founder, indie hacker, or one-person DevOps team. You need to:
- Set up CI/CD pipelines across 5 different platforms
- Harden your Linux servers (but you forgot the sysctl parameters)
- Write that Terraform module for the 47th time
- Remember how CloudTrail works... again
- Configure Kubernetes security contexts properly
- Actually understand what SOC2 needs
You can't remember everything. You shouldn't have to.
---
π The Solution
This repo is a comprehensive knowledge base designed to be loaded into AI agents. It's your DevOps second brain β battle-tested scripts, production-ready configs, and expert knowledge organized using the [Agent Skills](https://agentskills.io) format:
| Domain | What You Get |
|--------|--------------|
| π§ DevOps | CI/CD, containers, K8s, observability, release management |
| π Security | Scanning, secrets, hardening, network security, incident response |
| βοΈ Infrastructure | AWS, Azure, GCP, servers, networking, databases, storage |
| π Compliance | SOC2, HIPAA, GDPR, PCI-DSS, governance, auditing |
---
β¨ What's Inside
This isn't just documentation. Each skill includes:
```
skill/
βββ SKILL.md # AI-readable instructions & knowledge
βββ scripts/ # Ready-to-run automation scripts
βββ references/ # Deep-dive guides & cheatsheets
βββ assets/ # Config templates & examples
```
π― Real Examples
Need to debug a crashing pod?
```bash
./devops/orchestration/kubernetes-ops/scripts/pod-debug.sh my-pod
```
Hardening a fresh Linux server?
```bash
./security/hardening/linux-hardening/scripts/harden-system.sh --apply
```
Setting up Vault from scratch?
```bash
./security/secrets/hashicorp-vault/scripts/vault-init.sh
```
Collecting evidence during an incident?
```bash
./security/operations/incident-response/scripts/collect-evidence.sh INC-2024-001
```
---
π§ How It Works
[Agent Skills](https://agentskills.io) is an open format for extending AI agent capabilities. Here's the flow:
```
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 1. DISCOVER 2. MATCH 3. ACTIVATE β
β β
β Agent scans β User asks about β Agent reads full β
β skill folders Kubernetes SKILL.md + runs β
β at startup debugging scripts as needed β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
```
Each SKILL.md has YAML frontmatter (name + description) that agents load at startup for matching, and markdown instructions that get loaded only when the skill is activated. This keeps context usage efficient.
π Full spec: [agentskills.io/specification](https://agentskills.io/specification)
---
π Quick Start
1. Download the Skills
```bash
# Clone to your skills directory
git clone https://github.com/bagelhole/DevOps-Security-Agent-Skills.git ~/.skills/devops-security
# Or add as a submodule to your project
git submodule add https://github.com/bagelhole/DevOps-Security-Agent-Skills.git .skills/devops-security
```
2. Integrate with Your Agent
Filesystem-based agents (Cursor, Claude with computer use, Cline, etc.) are the easiest β the agent can read skills directly:
```bash
# Agent reads skill when needed
cat ~/.skills/devops-security/devops/orchestration/kubernetes-ops/SKILL.md
```
Tool-based agents need skills injected into the system prompt. Use the [skills-ref](https://github.com/agentskills/agentskills/tree/main/skills-ref) CLI:
```bash
# Generate XML for your agent's system prompt
skills-ref to-prompt ~/.skills/devops-security/devops/ci-cd/*
# Output:
#
#
#
#
#
#
# ...
#
```
3. Validate Skills (Optional)
```bash
# Check skill format is correct
skills-ref validate ~/.skills/devops-security/security/secrets/hashicorp-vault
```
For Humans
No agent? No problem. Browse the skills, copy the scripts, use the configs. It's MIT licensed β go wild.
---
π Skill Catalog
CI/CD
| Skill | Description |
|-------|-------------|
| [github-actions](devops/ci-cd/github-actions/) | Build, test, and deploy with GitHub Actions |
| [gitlab-ci](devops/ci-cd/gitlab-ci/) | GitLab CI/CD pipelines and runners |
| [jenkins](devops/ci-cd/jenkins/) | Jenkins pipelines and shared libraries |
| [azure-devops](devops/ci-cd/azure-devops/) | Azure Pipelines and release management |
| [circleci](devops/ci-cd/circleci/) | CircleCI workflows and orbs |
Containers
| Skill | Description |
|-------|-------------|
| [docker-management](devops/containers/docker-management/) | Docker images, multi-stage builds, optimization |
| [docker-compose](devops/containers/docker-compose/) | Multi-container applications |
| [podman](devops/containers/podman/) | Rootless container management |
| [container-registries](devops/containers/container-registries/) | ECR, ACR, GCR, Docker Hub |
Orchestration
| Skill | Description |
|-------|-------------|
| [kubernetes-ops](devops/orchestration/kubernetes-ops/) | Deploy, scale, troubleshoot K8s |
| [helm-charts](devops/orchestration/helm-charts/) | Helm chart development and deployment |
| [argocd-gitops](devops/orchestration/argocd-gitops/) | GitOps with ArgoCD |
| [kustomize](devops/orchestration/kustomize/) | Kubernetes manifest customization |
| [openshift](devops/orchestration/openshift/) | OpenShift cluster management |
Observability
| Skill | Description |
|-------|-------------|
| [prometheus-grafana](devops/observability/prometheus-grafana/) | Metrics and dashboards |
| [elk-stack](devops/observability/elk-stack/) | Elasticsearch, Logstash, Kibana |
| [loki-logging](devops/observability/loki-logging/) | Grafana Loki log aggregation |
| [datadog](devops/observability/datadog/) | Datadog monitoring and APM |
| [new-relic](devops/observability/new-relic/) | New Relic observability |
| [alerting-oncall](devops/observability/alerting-oncall/
More from this repository10
Skill
Skill
Generates comprehensive business continuity and disaster recovery plans by analyzing infrastructure configurations, identifying potential risks, and recommending resilience strategies across cloud ...
Automates Google Kubernetes Engine (GKE) cluster provisioning, configuration, and security hardening using best practices and infrastructure-as-code principles.
Automates database backup strategies, generating secure, consistent backup configurations and scripts across multiple database systems and cloud platforms.
Performs automated static application security testing (SAST) on source code to identify potential security vulnerabilities and coding risks before deployment.
Automates PostgreSQL database security hardening, configuration management, and best practices implementation for DevOps and cloud infrastructure.
Validates and recommends security configurations for infrastructure and systems against Center for Internet Security (CIS) benchmark standards and best practices.
Manages SSL/TLS certificate lifecycle, including generation, validation, rotation, and secure configuration across infrastructure and cloud environments.
Configures and manages Network File System (NFS) storage resources, providing automated setup and security best practices for distributed file storage in cloud and on-premises environments.