Stats
Actions
Tags
From tigris-storage
Use when managing IAM policies, users, and permissions in a Tigris organization
How this skill is triggered — by the user, by Claude, or both
Slash command
/tigris-storage:tigris-iamThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Policies define permissions for access keys using AWS IAM-compatible JSON documents.
Policies define permissions for access keys using AWS IAM-compatible JSON documents.
tigris iam policies list (alias: l)List all policies in the current organization.
tigris iam policies list
tigris iam policies list --json
| Flag | Alias | Description | Default |
|---|---|---|---|
--format | -f | Output format (json, table, xml) | table |
--json | Output as JSON |
tigris iam policies get [arn] (alias: g)Show details for a policy including its document and attached users. If no ARN is provided, shows interactive selection.
tigris iam policies get
tigris iam policies get arn:aws:iam::org_id:policy/my-policy
tigris iam policies get --json
| Flag | Alias | Description | Default |
|---|---|---|---|
--format | -f | Output format (json, table, xml) | table |
--json | Output as JSON |
tigris iam policies create <name> (alias: c)Create a new policy with a name and policy document. The document can be provided via file path, inline JSON, or stdin.
tigris iam policies create my-policy --document policy.json
tigris iam policies create my-policy --document '{"Version":"2012-10-17","Statement":[...]}'
cat policy.json | tigris iam policies create my-policy
| Flag | Alias | Description |
|---|---|---|
--document | -d | Policy document (JSON file path or inline JSON). Reads from stdin if omitted |
--description | Policy description |
tigris iam policies edit [arn] (alias: e)Update an existing policy's document. If no ARN is provided, shows interactive selection.
tigris iam policies edit --document policy.json
tigris iam policies edit arn:aws:iam::org_id:policy/my-policy --document policy.json
cat policy.json | tigris iam policies edit arn:aws:iam::org_id:policy/my-policy
| Flag | Alias | Description |
|---|---|---|
--document | -d | New policy document (JSON file path or inline JSON). Reads from stdin if omitted |
--description | Update policy description |
tigris iam policies delete [arn] (alias: d)Delete a policy. If no ARN is provided, shows interactive selection.
tigris iam policies delete
tigris iam policies delete arn:aws:iam::org_id:policy/my-policy --force
| Flag | Description |
|---|---|
--force | Skip confirmation prompt |
Policies use AWS IAM JSON format:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:GetObject"],
"Resource": ["arn:aws:s3:::my-bucket/*"]
}
]
}
Read-only access to a bucket:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:GetObject", "s3:ListBucket"],
"Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"]
}
]
}
Write to a specific prefix:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Resource": ["arn:aws:s3:::my-bucket/uploads/*"]
}
]
}
Full bucket admin:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:*"],
"Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"]
}
]
}
Manage organization members and invitations.
tigris iam users list (alias: l)List all users and pending invitations in the organization.
tigris iam users list
tigris iam users list --json
| Flag | Alias | Description | Default |
|---|---|---|---|
--format | -f | Output format (json, table, xml) | table |
--json | Output as JSON |
tigris iam users invite <email> (alias: i)Invite users to the organization by email. Comma-separate for bulk invitations.
tigris iam users invite [email protected]
tigris iam users invite [email protected] --role admin
tigris iam users invite [email protected],[email protected]
| Flag | Alias | Description | Default |
|---|---|---|---|
--role | -r | Role to assign (admin, member) | member |
tigris iam users revoke-invitation [id] (alias: ri)Revoke pending invitations. If no invitation ID is provided, shows interactive selection. Comma-separate for multiple.
tigris iam users revoke-invitation
tigris iam users revoke-invitation invitation_id --force
tigris iam users revoke-invitation id1,id2,id3 --force
| Flag | Description |
|---|---|
--force | Skip confirmation prompt |
tigris iam users update-role [id] (alias: ur)Update user roles in the organization. If no user ID is provided, shows interactive selection. Comma-separate for multiple users.
tigris iam users update-role --role admin
tigris iam users update-role user_id --role member
tigris iam users update-role id1,id2 --role admin
tigris iam users update-role id1,id2 --role admin,member
| Flag | Alias | Description |
|---|---|---|
--role | -r | Role(s) to assign (admin, member), comma-separated. Each role pairs with the corresponding user ID. If one role is given, it applies to all users |
tigris iam users remove [id] (alias: rm)Remove users from the organization. If no user ID is provided, shows interactive selection. Comma-separate for multiple.
tigris iam users remove
tigris iam users remove [email protected] --force
tigris iam users remove [email protected],[email protected] --force
| Flag | Description |
|---|---|
--force | Skip confirmation prompt |
| Role | Description |
|---|---|
admin | Full access to all organization resources and settings |
member | Limited access — can use buckets and objects but cannot manage organization settings |
Provides UI/UX resources: 50+ styles, color palettes, font pairings, guidelines, charts for web/mobile across React, Next.js, Vue, Svelte, Tailwind, React Native, Flutter. Aids planning, building, reviewing interfaces.
Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.
npx claudepluginhub tigrisdata/tigris-agents-plugins --plugin tigris-storage