Implements and audits Calico NetworkPolicy and GlobalNetworkPolicy in Kubernetes for Pod traffic control, namespace isolation, egress restrictions, and zero-trust microsegmentation.
Slash command: /cybersecurity-skills-zh:implementing-container-network-policies-with-calico
Calico provides Kubernetes-native and extended network policy enforcement through its CNI plugin. This skill covers creating and auditing Calico NetworkPolicy and GlobalNetworkPolicy resources, using calicoctl and the Kubernetes API to implement pod-to-pod traffic control, namespace isolation, egress restrictions, and DNS-based policy rules.
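kubernetes client library
Use calicoctl and kubectl to inventory the current network policies and identify unprotected namespaces.
Create a policy in each namespace that denies ingress and egress traffic by default, as the zero-trust baseline.
Define fine-grained allow rules for legitimate pod-to-pod and pod-to-service communication.
Test pod-to-pod connectivity to verify that the policies are enforced correctly.
JSON audit report listing all network policies, unprotected namespaces, policy rule counts, and connectivity test results.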
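One way to turn the inventory step into the report's policy list, rule counts and unprotected-namespace findings, as an added example that is not the skill's own code. It assumes the namespaced Kubernetes and Calico policies have already been exported as JSON objects; the function names and the sample inventory are constructed for illustration, and GlobalNetworkPolicy and connectivity tests are not modelled.

```python
import json

def directions(spec, calico):
    """Directions a policy governs, applying each API's default when types are omitted."""
    types = spec.get("types" if calico else "policyTypes")
    if types:
        return set(types)
    ing, eg = bool(spec.get("ingress")), bool(spec.get("egress"))
    if calico and eg and not ing:
        return {"Egress"}
    return {"Ingress"} | ({"Egress"} if eg else set())

def selects_all(spec, calico):
    # Calico: an omitted selector means all(); Kubernetes: an empty podSelector matches every pod.
    return spec.get("selector", "all()") == "all()" if calico else not spec.get("podSelector")

def audit(namespaces, policies):
    report = {"policies": [], "unprotected_namespaces": [], "missing_default_deny": {}}
    denied = {}  # namespace -> directions covered by a default-deny policy
    for pol in policies:
        calico = pol["apiVersion"].startswith("projectcalico.org/")
        spec, meta = pol.get("spec", {}), pol["metadata"]
        rules = len(spec.get("ingress") or []) + len(spec.get("egress") or [])
        report["policies"].append({"namespace": meta["namespace"], "name": meta["name"],
                                   "api": pol["apiVersion"], "rule_count": rules})
        dirs = denied.setdefault(meta["namespace"], set())
        if selects_all(spec, calico):
            # A select-all policy with no rules for a direction denies that direction.
            dirs.update(d for d in directions(spec, calico) if not spec.get(d.lower()))
    for ns in namespaces:
        if ns not in denied:
            report["unprotected_namespaces"].append(ns)
        elif missing := {"Ingress", "Egress"} - denied[ns]:
            report["missing_default_deny"][ns] = sorted(missing)
    return report

# Constructed sample inventory (not from a real cluster).
NAMESPACES = ["payments", "frontend", "legacy"]
POLICIES = [
    {"apiVersion": "networking.k8s.io/v1", "metadata": {"namespace": "payments", "name": "default-deny"},
     "spec": {"podSelector": {}, "policyTypes": ["Ingress", "Egress"]}},
    {"apiVersion": "projectcalico.org/v3", "metadata": {"namespace": "payments", "name": "allow-web-to-api"},
     "spec": {"selector": "app == 'api'", "types": ["Ingress"], "ingress": [
         {"action": "Allow", "protocol": "TCP", "source": {"selector": "app == 'web'"}, "destination": {"ports": [8443]}}]}},
    {"apiVersion": "projectcalico.org/v3", "metadata": {"namespace": "frontend", "name": "deny-ingress"},
     "spec": {"selector": "all()", "types": ["Ingress"]}},
]

print(json.dumps(audit(NAMESPACES, POLICIES), indent=2))
```

A namespace listed under `missing_default_deny` has policies but no select-all policy that denies the named direction, which is the gap the default-deny baseline step is meant to close.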
npx claudepluginhub killvxk/cybersecurity-skills-zh
Implements and audits Calico NetworkPolicy and GlobalNetworkPolicy in Kubernetes to control pod traffic, restrict egress, and enforce zero-trust microsegmentation using calicoctl and kubectl.
Implements and audits Calico NetworkPolicy and GlobalNetworkPolicy resources in Kubernetes for pod-to-pod traffic control, namespace isolation, egress restrictions, and zero-trust microsegmentation. Use for security assessments and compliance.
Enforces Kubernetes network segmentation with Calico CNI policies for pod-to-pod traffic control, egress restrictions, and zero-trust microsegmentation. Includes audit and validation steps.