From harumi-devops-plugin
Create a new IAM developer or admin user in the Harumi infrastructure repo. Generates Terraform files, registers the module, and runs terraform plan. Use when: user wants to add a new AWS developer, admin, or contributor.
How this skill is triggered — by the user, by Claude, or both
Slash command
/harumi-devops-plugin:create-iam-user
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Create a new IAM user by generating Terraform files and registering the module.
Ask for these if not provided:
From the full name, derive:
- user_name: lowercase, dot-separated (e.g., joao.silva)
- directory_name: lowercase, hyphen-separated (e.g., joao-silva)
- module_suffix: lowercase, underscore-separated (e.g., joao_silva)
- module_label: same as module_suffix — used inside the user directory's main.tf (e.g., module "joao_silva")
Handle accented characters by removing accents (e.g., "João" → "joao").
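The derivation above, written out as an added Python example (not part of the plugin). The function name derive_names is hypothetical, and two behaviours are assumptions the page does not state: every whitespace-separated part of the name is kept, and a part that still contains anything other than a-z after accent removal is rejected, so that no unexpected character reaches a directory path or an HCL string.

```python
import re
import unicodedata

# Assumption: after accent stripping, each name part may contain only a-z.
_PART = re.compile(r"[a-z]+")
IAM_USER_NAME_MAX = 64  # AWS IAM limit on user name length


def derive_names(full_name: str) -> dict:
    """Derive the identifiers listed above from a full name, failing closed."""
    # NFKD splits "ã" into "a" + combining tilde; drop the combining marks.
    decomposed = unicodedata.normalize("NFKD", full_name)
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    parts = stripped.lower().split()
    if len(parts) < 2:
        raise ValueError("expected at least a first and last name")
    for part in parts:
        # Anything outside a-z could end up in a path or inside an HCL string.
        if not _PART.fullmatch(part):
            raise ValueError(f"unsupported characters in name part: {part!r}")
    user_name = ".".join(parts)
    if len(user_name) > IAM_USER_NAME_MAX:
        raise ValueError("user_name exceeds the IAM 64-character limit")
    suffix = "_".join(parts)
    return {
        "user_name": user_name,
        "directory_name": "-".join(parts),
        "module_suffix": suffix,
        "module_label": suffix,
    }


if __name__ == "__main__":
    print(derive_names("João Silva"))  # constructed sample input
```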
Follow these steps exactly. Do not skip or reorder.
Check that iam/users/{directory_name}/ does not already exist. If it does, report the conflict and stop.
Create iam/users/{directory_name}/ with three files:
main.tf:
module "{module_label}" {
  source    = "../../../modules/iam-developer-user"
  user_name = "{user_name}"
  groups    = [{group_list}]
}
Where {group_list} depends on the group choice:
- var.developers_group_name
- var.admin_group_name
- var.contributors_group_name
- var.developers_group_name, var.admin_group_name
variables.tf:
Declare only the variables needed for the chosen group(s):
variable "developers_group_name" {
  description = "Name of the developers IAM group"
  type        = string
}
Repeat for admin_group_name and/or contributors_group_name as needed.
outputs.tf:
output "user_name" {
  value = module.{module_label}.user_name
}
output "user_arn" {
  value = module.{module_label}.user_arn
}
output "user_unique_id" {
  value = module.{module_label}.user_unique_id
}
Add a module block to iam/main.tf under the appropriate section comment (## Developer Users, ## Admin Users, or both):
module "iam_users_{module_suffix}" {
  source                = "./users/{directory_name}"
  developers_group_name = module.iam_groups_developers.group_name
}
Pass only the group variables that match the chosen group(s):
- developers_group_name = module.iam_groups_developers.group_name
- admin_group_name = module.iam_groups_admin.group_name
- contributors_group_name = module.iam_groups_contributors.group_name
Place the module block in the correct section based on the primary group. Follow the existing ordering pattern in the file.
cd iam && terraform validate
cd iam && terraform plan -var-file=prod.tfvars
Configuration ready for apply!
Execute: cd iam && terraform apply -var-file=prod.tfvars
Changes: New IAM user {user_name} in {group} group
Verification: aws iam get-user --user-name {user_name}
Remind the user to also create VPN credentials if needed: "Run /create-vpn-creds to generate VPN access for this user."
npx claudepluginhub harumi-io/harumi-devops-plugin --plugin harumi-devops-plugin