If you're running Elastic Cloud Serverless projects and need to lock down network access, this handles IP allowlisting and AWS PrivateLink VPC endpoint restrictions. It's part of Elastic's agent-skills suite and assumes you've already got cloud-setup running with your EC_API_KEY in place. The skill is focused solely on network security policies, so you'll need cloud-manage-project for broader day-2 operations and cloud-access-management for IAM stuff. It's a narrow tool that does one thing: manages who can reach your Elastic deployment at the network layer. Over 500 installs and it's passed security audits from Gen Agent Trust Hub, Socket, and Snyk, which matters when you're dealing with production security controls.
npx skills add https://github.com/elastic/agent-skills --skill cloud-network-security