From grc-engineer
Maps IaC files (Terraform, Kubernetes, CloudFormation, Pulumi, Ansible) to compliance controls (SOC 2, ISO 27001, NIST 800-53) and generates markdown evidence reports with status and recommendations.
How this skill is triggered — by the user, by Claude, or both
Slash command
/grc-engineer:code-to-control-mapper
This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Maps infrastructure-as-code (IaC) files to specific compliance framework controls. Translates technical implementations into audit-ready compliance evidence.
Map a Terraform file to SOC 2:
node scripts/map-control.js main.tf SOC2
Map Kubernetes manifests to ISO 27001:
node scripts/map-control.js k8s/deployment.yaml ISO27001
Map CloudFormation template to NIST 800-53:
node scripts/map-control.js template.yaml NIST80053
Generates markdown reports with:
# Compliance Mapping Report
## SOC 2 - CC6.1: Logical and Physical Access Controls
**Status:** ✅ Satisfied
**Evidence:**
- `main.tf:45` - `aws_db_instance` with `storage_encrypted = true`
- `main.tf:52` - IAM role with least privilege policy
**Mapping:** Data at rest encryption via AWS KMS satisfies encryption requirements.
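As an added illustration (not the plugin's `scripts/map-control.js`, whose internals this page does not show), the sketch below shows one way a mapper could derive `file:line` evidence like that in the sample report, and goes beyond the sample by covering the failing case. `RULES`, `parseResources`, `mapControls`, `SAMPLE_TF` and the status strings are hypothetical names chosen for this example.

```javascript
// Added illustration, NOT the plugin's scripts/map-control.js. RULES, parseResources and
// mapControls are hypothetical; the control ID and check come from the sample report above.
const RULES = [
  { control: 'SOC 2 - CC6.1', resource: 'aws_db_instance', attr: 'storage_encrypted', want: 'true' },
];
// Constructed sample input: one encrypted and one unencrypted database.
const SAMPLE_TF = `resource "aws_db_instance" "orders" {
  engine            = "postgres"
  storage_encrypted = true
}

resource "aws_db_instance" "legacy" {
  engine            = "mysql"
  storage_encrypted = false
}
`;

// Split Terraform text into top-level resource blocks with 1-based line numbers.
// Simplification: braces inside strings or comments are not handled.
function parseResources(text) {
  const blocks = [];
  let cur = null, depth = 0;
  text.split('\n').forEach((line, i) => {
    const m = depth === 0 && line.match(/^resource\s+"([^"]+)"\s+"([^"]+)"\s*\{/);
    if (m) cur = { type: m[1], name: m[2], line: i + 1, attrs: {} };
    else if (cur && depth === 1) {
      const a = line.match(/^\s*([A-Za-z0-9_]+)\s*=\s*(.+?)\s*$/);
      if (a) cur.attrs[a[1]] = { value: a[2], line: i + 1 };
    }
    depth += (line.match(/\{/g) || []).length - (line.match(/\}/g) || []).length;
    if (cur && depth === 0) { blocks.push(cur); cur = null; }
  });
  return blocks;
}

// A control is satisfied only when every in-scope resource passes; a missing attribute is
// a gap, because aws_db_instance leaves storage unencrypted when storage_encrypted is unset.
function mapControls(file, text, rules = RULES) {
  return rules.map((rule) => {
    const evidence = [], gaps = [];
    for (const r of parseResources(text).filter((b) => b.type === rule.resource)) {
      const a = r.attrs[rule.attr];
      const id = `${r.type}.${r.name}`;
      if (a && a.value === rule.want) evidence.push(`${file}:${a.line} - ${id} with ${rule.attr} = ${a.value}`);
      else gaps.push(`${file}:${r.line} - ${id} lacks ${rule.attr} = ${rule.want}`);
    }
    const status = gaps.length ? 'Not satisfied' : evidence.length ? 'Satisfied' : 'Not applicable';
    return { control: rule.control, status, evidence, gaps };
  });
}
```

A single unencrypted instance flips the control to "Not satisfied" even though another resource in the same file produces valid evidence, which is the case a one-line "Satisfied" report can hide.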
npx claudepluginhub grcengclub/claude-grc-engineering --plugin grc-engineer