Google Cloud Security Architecture Advisor

This skill evaluates a cloud workload based on the Security pillar of the Google Cloud Well-Architected Framework (WAF) and produces actionable security recommendations. It analyzes the workload across seven core principles: security by design, zero trust, shift-left, preventive cyber defense, AI security, and compliance/privacy.

What it does? It identifies the IAM, network security, data protection, and operational security requirements of your workload; scores each principle on a 0-4 maturity scale; and produces a prioritized action list and a verification checklist. It provides concrete mappings to relevant Google Cloud products such as Cloud Armor, VPC Service Controls, Binary Authorization, Cloud KMS, IAP, Security Command Center, and Google SecOps.

When to use it? When auditing a new architecture in the design phase, when preparing a production workload for a PCI-DSS / KVKK / ISO 27001 audit, when prioritizing security vulnerabilities, or when you want to measure the security maturity of an existing setup.

Output: A structured Markdown report containing a maturity scorecard (table), prioritized actions, executable gcloud / Terraform / YAML code blocks, and a verification checklist. The report relates findings to real Google Cloud products and features, offering guidance that architecture teams can apply immediately.