Stats
Actions
Tags
From aws-skills-for-claude-code
Manages AWS IAM users, roles, groups, policies, and access keys via AWS CLI and boto3. Activates for listing users, creating roles, attaching policies, managing keys, or simulating permissions.
How this skill is triggered — by the user, by Claude, or both
Slash command
/aws-skills-for-claude-code:aws-iamThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- "IAM 사용자 목록 보여줘" / "Show IAM users"
# List users / 사용자 목록
aws iam list-users
# Get user details / 사용자 상세정보
aws iam get-user --user-name <USERNAME>
# Create user / 사용자 생성
aws iam create-user --user-name <USERNAME>
# Delete user / 사용자 삭제
aws iam delete-user --user-name <USERNAME>
import boto3
iam = boto3.client('iam')
# List users / 사용자 목록
iam.list_users()
# Get user details / 사용자 상세정보
iam.get_user(UserName='username')
# Create user / 사용자 생성
iam.create_user(UserName='username')
# List roles / 역할 목록
aws iam list-roles
# Create role with trust policy / 신뢰 정책으로 역할 생성
aws iam create-role --role-name <ROLE_NAME> \
--assume-role-policy-document file://trust-policy.json
import json
# Create role / 역할 생성
trust_policy = {
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"Service": "lambda.amazonaws.com"},
"Action": "sts:AssumeRole"
}]
}
iam.create_role(
RoleName='my-role',
AssumeRolePolicyDocument=json.dumps(trust_policy)
)
# List customer policies / 고객 관리형 정책 목록
aws iam list-policies --scope Local
# Get policy document / 정책 문서 조회
aws iam get-policy-version --policy-arn <ARN> --version-id v1
# Attach policy to user / 사용자에 정책 연결
aws iam attach-user-policy --user-name <USER> --policy-arn <ARN>
# Attach policy to role / 역할에 정책 연결
aws iam attach-role-policy --role-name <ROLE> --policy-arn <ARN>
# Attach managed policy / 관리형 정책 연결
iam.attach_user_policy(UserName='user', PolicyArn='arn:aws:iam::aws:policy/ReadOnlyAccess')
iam.attach_role_policy(RoleName='role', PolicyArn='arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess')
# Put inline policy / 인라인 정책 추가
iam.put_user_policy(UserName='user', PolicyName='my-policy', PolicyDocument=json.dumps(policy_doc))
aws iam list-groups
aws iam create-group --group-name <GROUP>
aws iam add-user-to-group --group-name <GROUP> --user-name <USER>
aws iam attach-group-policy --group-name <GROUP> --policy-arn <ARN>
aws iam create-access-key --user-name <USER>
aws iam delete-access-key --user-name <USER> --access-key-id <KEY_ID>
# Check if a principal can perform actions / 주체가 작업을 수행할 수 있는지 확인
iam.simulate_principal_policy(
PolicySourceArn='arn:aws:iam::123456789012:user/testuser',
ActionNames=['s3:GetObject', 's3:PutObject'],
ResourceArns=['arn:aws:s3:::my-bucket/*']
)
--query with CLI for filtered output / CLI에서 --query로 필터링된 출력 사용npx claudepluginhub whchoi98/aws-skills-for-claude-code --plugin aws-skills-for-claude-codeCorrects AI mistakes on AWS IAM pitfalls: policy evaluation edge cases, STS session limits, Organizations quirks, SAML/MFA specifics. Use when working with IAM roles, policies, STS, Organizations.
Reviews and hardens AWS IAM policies for least privilege, detects wildcard actions, inline policies, MFA status, and old access keys via AWS CLI scripts.
Hardens AWS IAM configurations to enforce least privilege access via policy scoping, permission boundaries, Access Analyzer integration, and credential rotation. Useful for audits, new accounts, and fixing permissive policies.