auditing-access-control


Access Control Auditor

This skill provides automated assistance for access control auditing tasks.

Overview

This skill leverages the access-control-auditor plugin to perform comprehensive audits of access control configurations. It helps identify potential security risks associated with overly permissive access, misconfigured permissions, and non-compliance with security policies.

How It Works

  1. Analyze Request: Claude identifies the user's intent to audit access control.
  2. Invoke Plugin: The access-control-auditor plugin is activated.
  3. Execute Audit: The plugin analyzes the specified access control configuration (e.g., IAM policies, ACLs).
  4. Report Findings: The plugin generates a report highlighting potential vulnerabilities and misconfigurations.

When to Use This Skill

This skill activates when you need to:
  • Audit IAM policies in a cloud environment.
  • Review access control lists (ACLs) for network resources.
  • Assess user permissions in an application.
  • Identify potential privilege escalation paths.
  • Ensure compliance with access control security policies.

Examples

Example 1: Auditing AWS IAM Policies

User request: "Audit the AWS IAM policies in my account for overly permissive access."
The skill will:
  1. Invoke the access-control-auditor plugin, specifying the AWS account and IAM policies as the target.
  2. Generate a report identifying IAM policies that grant overly broad permissions or violate security best practices.
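
An added example, not code from the skill or from the access-control-auditor plugin: a minimal Python check for the kind of overly permissive IAM statement the audit in Example 1 is meant to surface. The policy document and the list of sensitive actions are constructed for illustration, and the checks (wildcard actions, wildcard resources, Allow with NotAction, sensitive IAM/STS actions) are my choice of a starting rule set.

```python
import json
from fnmatch import fnmatch

# Constructed sample policy (not from the page): one broad admin statement,
# one narrowly scoped statement, one NotAction statement, one PassRole grant.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AdminAll", "Effect": "Allow", "Action": "*", "Resource": "*"},
        {"Sid": "ReadOneBucket", "Effect": "Allow",
         "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "NotActionTrap", "Effect": "Allow",
         "NotAction": "iam:*", "Resource": "*"},
        {"Sid": "PassRoleAnywhere", "Effect": "Allow",
         "Action": ["ec2:RunInstances", "iam:PassRole"], "Resource": "*"},
    ],
})

# Actions that change who may do what; an Allow on them is always reported
# so that privilege-escalation paths get an explicit review (assumed list).
SENSITIVE_ACTIONS = ("iam:*", "sts:assumerole")

def _as_list(value):
    """IAM accepts a string or a list in Action/Resource; normalise to a list."""
    return value if isinstance(value, list) else [value]

def audit_policy(policy_json):
    """Return (Sid, finding) tuples for overly permissive Allow statements."""
    findings = []
    for stmt in _as_list(json.loads(policy_json)["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        sid = stmt.get("Sid", "<no Sid>")
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]  # IAM matches case-insensitively
        resources = _as_list(stmt.get("Resource", []))
        if "NotAction" in stmt:
            findings.append((sid, "Allow with NotAction grants every action not listed"))
        for action in actions:
            if action == "*":
                findings.append((sid, "Action '*' grants every API call"))
            elif action.endswith(":*"):
                findings.append((sid, f"service-wide wildcard action {action}"))
            elif any(fnmatch(action, pattern) for pattern in SENSITIVE_ACTIONS):
                findings.append((sid, f"sensitive action {action} allowed"))
        if "*" in resources:
            findings.append((sid, "Resource '*' applies to every resource"))
    return findings
```

Running `audit_policy(SAMPLE_POLICY)` yields six findings across AdminAll, NotActionTrap and PassRoleAnywhere, while the bucket-scoped statement passes.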

Example 2: Reviewing Network ACLs

User request: "Review the network ACLs for my VPC to identify any potential security vulnerabilities."
The skill will:
  1. Activate the access-control-auditor plugin, specifying the VPC and network ACLs as the target.
  2. Produce a report highlighting ACL rules that allow unauthorized access or expose the VPC to unnecessary risks.
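
An added example, not code from the skill or the plugin: a Python evaluation of an ingress network ACL in the AWS style (rules tried in ascending rule-number order, first match wins, rule 32767 as the final deny) that reports which ports a public source could reach, which is the exposure the report in Example 2 is meant to surface. The rule set is constructed; the probe address is from the TEST-NET-3 documentation range.

```python
import ipaddress

# Constructed sample ingress NACL (not from the page). Rules are evaluated in
# ascending rule-number order and the first match wins; 32767 is the implicit
# final deny. Protocol "-1" means any protocol, as in AWS.
SAMPLE_INGRESS_RULES = [
    {"rule": 90,    "protocol": "tcp", "ports": (22, 22),    "cidr": "10.0.0.0/8", "action": "allow"},
    {"rule": 100,   "protocol": "tcp", "ports": (443, 443),  "cidr": "0.0.0.0/0",  "action": "allow"},
    {"rule": 110,   "protocol": "tcp", "ports": (22, 22),    "cidr": "0.0.0.0/0",  "action": "deny"},
    {"rule": 120,   "protocol": "-1",  "ports": (0, 65535),  "cidr": "0.0.0.0/0",  "action": "allow"},
    {"rule": 32767, "protocol": "-1",  "ports": (0, 65535),  "cidr": "0.0.0.0/0",  "action": "deny"},
]

def evaluate(rules, protocol, port, source_ip):
    """Return the first rule matching this packet, mimicking NACL first-match semantics."""
    src = ipaddress.ip_address(source_ip)
    for rule in sorted(rules, key=lambda r: r["rule"]):
        if rule["protocol"] not in ("-1", protocol):
            continue
        low, high = rule["ports"]
        if not low <= port <= high:
            continue
        if src in ipaddress.ip_network(rule["cidr"]):
            return rule
    return None  # unreachable with the 32767 catch-all present

def internet_exposed_ports(rules, ports, probe_ip="203.0.113.5"):
    """Map each port in `ports` that a public source can reach to the rule that allows it."""
    exposed = {}
    for port in ports:
        rule = evaluate(rules, "tcp", port, probe_ip)
        if rule and rule["action"] == "allow":
            exposed[port] = rule["rule"]
    return exposed

if __name__ == "__main__":
    for port, rule_no in internet_exposed_ports(SAMPLE_INGRESS_RULES, [22, 443, 3389]).items():
        print(f"tcp/{port} reachable from the internet via rule {rule_no}")
```

Note that rule 110 does block SSH from the internet, but the broad allow at rule 120 still exposes every other port, which is exactly the kind of ordering mistake a rule-by-rule read misses.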

Best Practices

  • Scope Definition: Clearly define the scope of the audit (e.g., specific IAM roles, network segments, applications).
  • Contextual Information: Provide contextual information about the environment being audited (e.g., security policies, compliance requirements).
  • Remediation Guidance: Use the audit findings to develop and implement remediation strategies to address identified vulnerabilities.

Integration

This skill can be integrated with other security plugins to provide a more comprehensive security assessment. For example, it can be combined with a vulnerability scanner to identify vulnerabilities that could be exploited due to access control misconfigurations. It can also be integrated with compliance tools to ensure adherence to regulatory requirements.

Prerequisites

  • Access to codebase and configuration files in {baseDir}/
  • Security scanning tools installed as needed
  • Understanding of security standards and best practices
  • Permissions for security analysis operations

Instructions

  1. Identify security scan scope and targets
  2. Configure scanning parameters and thresholds
  3. Execute security analysis systematically
  4. Analyze findings for vulnerabilities and compliance gaps
  5. Prioritize issues by severity and impact
  6. Generate detailed security report with remediation steps

Output

  • Security scan results with vulnerability details
  • Compliance status reports by standard
  • Prioritized list of security issues by severity
  • Remediation recommendations with code examples
  • Executive summary for stakeholders

Error Handling

If security scanning fails:
  • Verify tool installation and configuration
  • Check file and directory permissions
  • Validate scan target paths
  • Review tool-specific error messages
  • Ensure network access for dependency checks

Resources

  • Security standard documentation (OWASP, CWE, CVE)
  • Compliance framework guidelines (GDPR, HIPAA, PCI-DSS)
  • Security scanning tool documentation
  • Vulnerability remediation best practices