
security-group-generator skill

/skills/13-aws-skills/security-group-generator

This skill helps you design and validate production-ready security group configurations for AWS, following best practices and automated checks.

npx playbooks add skill jeremylongshore/claude-code-plugins-plus-skills --skill security-group-generator


Files (1): SKILL.md (2.2 KB)
---
name: "security-group-generator"
description: |
  Generate and validate AWS security group configurations. Auto-activating skill for AWS Skills.
  Triggers on: security group generator
  Part of the AWS Skills skill category. Use when working with security group generator functionality. Trigger with phrases like "security group generator", "security generator", "security".
allowed-tools: "Read, Write, Edit, Bash(aws:*)"
version: 1.0.0
license: MIT
author: "Jeremy Longshore <[email protected]>"
---

# Security Group Generator

## Overview

This skill provides automated assistance for AWS security group generation and validation tasks within the AWS Skills domain.

## When to Use

This skill activates automatically when you:
- Mention "security group generator" in your request
- Ask about security group generator patterns or best practices
- Need help with Amazon Web Services skills covering compute, storage, networking, serverless, and AWS-specific best practices

## Instructions

1. Provides step-by-step guidance for security group generator
2. Follows industry best practices and patterns
3. Generates production-ready code and configurations
4. Validates outputs against common standards

## Examples

**Example: Basic Usage**
Request: "Help me with security group generator"
Result: Provides step-by-step guidance and generates appropriate configurations


## Prerequisites

- Relevant development environment configured
- Access to necessary tools and services (for example, AWS CLI credentials for the target account)
- Basic understanding of AWS networking concepts


## Output

- Generated configurations and code
- Best practice recommendations
- Validation results


## Error Handling

| Error | Cause | Solution |
|-------|-------|----------|
| Configuration invalid | Missing required fields | Check documentation for required parameters |
| Tool not found | Dependency not installed | Install required tools per prerequisites |
| Permission denied | Insufficient access | Verify credentials and permissions |


## Resources

- Official documentation for related tools
- Best practices guides
- Community examples and tutorials

## Related Skills

Part of the **AWS Skills** skill category.
Tags: aws, lambda, s3, ec2, cloudformation

Overview

This skill automates the generation and validation of AWS security group configurations and patterns. It produces step-by-step guidance, production-ready code snippets (CloudFormation, Terraform, or AWS CLI), and validation feedback aligned with common AWS networking best practices. Use it to speed up secure ingress/egress rule creation and reduce misconfiguration risk.

How this skill works

When triggered, the skill inspects requested security group requirements (ports, CIDR ranges, protocols, resource tags, and environment constraints) and generates configuration artifacts and commands. It applies industry patterns for least-privilege access, rule ordering, descriptive naming, and tag-based policy alignment, then validates output against common checks like open 0.0.0.0/0 exposures and required fields. It returns code, rationale, and remediation suggestions.

When to use it

  • Creating new security groups for applications, load balancers, or databases
  • Refining existing groups to follow least-privilege and tagging standards
  • Generating CloudFormation/Terraform/CLI snippets for deployment pipelines
  • Validating security group rules for wide-open or conflicting entries
  • Onboarding networking teams to infrastructure-as-code practices

Best practices

  • Define explicit ingress/egress rules with minimal CIDR ranges and port sets
  • Use descriptive names and tags to map groups to application and environment
  • Prefer security group references (by ID) over broad CIDR rules for inter-service access
  • Keep separate groups per trust boundary (app, db, admin) and avoid monolithic groups
  • Include validation checks for 0.0.0.0/0, overlapping rules, and unused rules

Example use cases

  • Generate a security group allowing HTTPS from a load balancer and SSH only from a corporate IP range
  • Produce Terraform snippets for microservice security groups with mutual access rules
  • Validate an existing account for overly permissive security groups and list remediation steps
  • Create CloudFormation parameters and outputs for reusable security group modules
  • Auto-generate CI pipeline steps to apply and validate security group changes

FAQ

What formats can the skill output?

It can generate CloudFormation, Terraform, AWS CLI commands, and plain JSON/YAML security group definitions.

How does validation work?

The skill runs rule-level checks for overly broad CIDRs, required fields, protocol/port mismatches, and common policy violations, then returns findings and fixes.

Can it enforce organizational tagging policies?

Yes. It can include required tags in generated configurations and flag missing tags during validation.
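The rule-level checks described under "How this skill works", "Best practices" and the two validation FAQs (wide-open 0.0.0.0/0 ingress, required fields, protocol/port mismatches, duplicate rules, missing tags) can be reproduced as a small validator over the JSON that `aws ec2 describe-security-groups` returns. The code below is an added example, not the skill's own implementation; the required tag set, the admin-port list and the sample group are assumptions constructed for illustration.

```python
import ipaddress

# Tags the organisation requires on every group (an assumption for this example).
REQUIRED_TAGS = {"Name", "Environment", "Application"}
ADMIN_PORTS = {22, 3389}          # remote-admin ports that must never face the internet

def wide_open(cidr):
    """True when the CIDR admits the whole IPv4 or IPv6 internet (0.0.0.0/0, ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def validate_security_group(sg):
    """Return (severity, message) findings for one describe-security-groups entry."""
    findings = []
    for field in ("GroupName", "Description", "VpcId"):      # required fields
        if not sg.get(field):
            findings.append(("high", f"missing required field {field}"))
    present = {t["Key"] for t in sg.get("Tags", [])}
    for tag in sorted(REQUIRED_TAGS - present):                # tagging policy
        findings.append(("medium", f"missing required tag {tag}"))
    seen = set()
    for rule in sg.get("IpPermissions", []):
        proto, lo, hi = rule.get("IpProtocol"), rule.get("FromPort"), rule.get("ToPort")
        if proto in ("tcp", "udp") and (lo is None or hi is None or lo > hi):
            findings.append(("high", f"protocol/port mismatch in {proto} rule {lo}-{hi}"))
        admin = proto == "-1" or (lo is not None and hi is not None
                                  and any(lo <= p <= hi for p in ADMIN_PORTS))
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            key = (proto, lo, hi, cidr)
            if key in seen:                                    # duplicate entry
                findings.append(("low", f"duplicate rule {proto} {lo}-{hi} from {cidr}"))
            seen.add(key)
            if wide_open(cidr):                                # 0.0.0.0/0 exposure
                findings.append(("critical" if admin else "high",
                                 f"ingress {proto} {lo}-{hi} open to the world via {cidr}"))
    return findings

# Constructed sample group (not real account data): HTTPS from anywhere is expected for an
# internet-facing load balancer, but SSH from anywhere is entered twice and a tag is missing.
SAMPLE_SG = {
    "GroupName": "web-alb-sg", "Description": "web tier behind ALB", "VpcId": "vpc-PLACEHOLDER",
    "Tags": [{"Key": "Name", "Value": "web-alb-sg"}, {"Key": "Environment", "Value": "prod"}],
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}
```

Feed each entry of the `SecurityGroups` list from `aws ec2 describe-security-groups --output json` to `validate_security_group` to audit a real account; for the sample above it reports the missing Application tag, the expected HTTPS exposure as high, both SSH entries as critical and the second SSH entry as a duplicate.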