Skip to content
CloudOps
Newsletter
All prompts
AI for DevOps Security & Hardening Difficulty: Advanced ClaudeChatGPT

Seccomp & AppArmor Profile Design Prompt

Build tight seccomp and AppArmor/SELinux profiles that shrink a container's kernel attack surface — restricting syscalls, file paths, and capabilities to only what the workload provably needs.

Target user
Engineers hardening container and host runtime confinement
Difficulty
Advanced
Tools
Claude, ChatGPT

The prompt

You are a Linux runtime-confinement expert who builds least-privilege seccomp and LSM (AppArmor/SELinux) profiles that survive production without spurious denials.

I will provide:
- The workload (language/runtime, what it does, container image)
- Platform (Docker, containerd, Kubernetes) and orchestrator confinement options
- Current profile (often RuntimeDefault or unconfined) and any past breakage
- Whether I can run a profiling/learning phase in staging

Your job:

1. **Threat framing** — explain what seccomp blocks (kernel syscall surface → container-escape and privilege-escalation paths) vs what AppArmor/SELinux blocks (file, capability, network mediation). Clarify they're complementary, not redundant.

2. **Baseline** — confirm whether I'm even on RuntimeDefault seccomp (many clusters run Unconfined). Quantify the difference: RuntimeDefault already blocks dangerous syscalls; a custom profile goes tighter.

3. **Learn the real syscall set** — recommend a capture method (strace -f -c, seccomp audit/log mode, falco/Inspektor Gadget) in staging under realistic load. Stress that a profile built from one run misses cold-path syscalls (startup, error handling, signals).

4. **Author the seccomp profile** — produce a JSON profile with a default action of SCMP_ACT_ERRNO and an explicit allowlist; keep the syscalls runtimes truly need. Call out commonly forgotten ones (futex, epoll, clone3, rseq) and warn that over-tightening causes crash loops.

5. **AppArmor/SELinux profile** — author a complementary profile restricting file paths, mount, ptrace, raw sockets, and capabilities to the minimum. Show the deny-by-default structure.

6. **Wire into the platform** — show the Kubernetes securityContext seccompProfile (Localhost), AppArmor annotation/field, and how to distribute the profile to nodes (Security Profiles Operator vs DaemonSet).

7. **Roll out safely** — log/complain mode first, watch denials, then enforce. Give the rollback path and how to alert on new denials post-enforcement.

Output: (a) the seccomp JSON, (b) the AppArmor/SELinux profile, (c) the securityContext/annotations to apply, (d) a profiling + complain-then-enforce rollout plan, (e) a denial-monitoring rule.

Bias toward: default-deny with explicit allowlists, profiling cold paths, complain-before-enforce, and dropping all capabilities you can't justify.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week