implementing-zero-trust-in-cloud

Featured

This skill guides organizations through implementing zero trust architecture in cloud environments following NIST SP 800-207 and Google BeyondCorp principles. It covers identity-centric access controls, micro-segmentation, continuous verification, device trust assessment, and deploying Identity-Aware Proxy to eliminate implicit network trust in AWS, Azure, and GCP environments.

DevOps & Infrastructure 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Implementing Zero Trust in Cloud

## When to Use

- When migrating from traditional perimeter-based security to identity-centric access controls
- When eliminating VPN dependencies for remote workforce access to cloud applications
- When implementing continuous verification for every access request regardless of network location
- When designing micro-segmentation strategies for multi-cloud workloads
- When regulatory requirements mandate zero trust architecture adoption (federal mandates, NIST guidelines)

**Do not use** for simple VPN replacement without broader architectural changes, for network firewall rule management alone (see implementing-cloud-network-segmentation), or for identity provider initial setup (see managing-cloud-identity-with-okta).

## Prerequisites

- Identity provider capable of OIDC/SAML integration (Okta, Azure AD, Google Workspace)
- Device management solution for endpoint trust assessment (Intune, Jamf, Google Endpoint Verification)
- Cloud workloads accessible via HTTPS with load balancer or reverse proxy infrastructure
- SIEM platform for continuous monitoring of access decisions and anomaly detection

## Workflow

### Step 1: Define Zero Trust Principles and Architecture

Establish the core principles following NIST SP 800-207: never trust, always verify. Every access request must be authenticated, authorized, and encrypted regardless of origin.

```
Zero Trust Architecture Components:
+---------------------------------------------------------...
```

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

implementing-zero-trust-network-access

Implementing Zero Trust Network Access (ZTNA) in cloud environments by configuring identity-aware proxies, micro-segmentation, continuous verification with conditional access policies, and replacing traditional VPN-based access with BeyondCorp-style architectures across AWS, Azure, and GCP.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-identity-verification-for-zero-trust

Implement continuous identity verification for zero trust using phishing-resistant MFA (FIDO2/WebAuthn), risk-based conditional access, and identity governance aligned with the CISA Zero Trust Maturity Model.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-zero-trust-with-beyondcorp

Deploy Google BeyondCorp Enterprise zero trust access controls using Identity-Aware Proxy (IAP), context-aware access policies, device trust validation, and Access Context Manager to enforce identity and posture-based access to GCP resources and internal applications.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-beyondcorp-zero-trust-access-model

Implementing Google's BeyondCorp zero trust access model to eliminate implicit trust from the network perimeter, enforce identity-aware access controls using IAP, Access Context Manager, and Chrome Enterprise Premium for VPN-less secure application access.

12,642 Updated today
mukul975
AI & Automation Featured

implementing-zero-trust-for-saas-applications

Implementing zero trust access controls for SaaS applications using CASB, SSPM, conditional access policies, OAuth app governance, and session controls to enforce identity verification, device compliance, and data protection for cloud-hosted services.

12,642 Updated today
mukul975