aws-iam

Installation
SKILL.md

AWS IAM — Common Pitfalls

About This Skill

This skill contains verified corrections for things that AI agents frequently get wrong about IAM. It is not a comprehensive IAM guide — for full IAM guidance, search AWS documentation. When answering IAM questions, verify specific claims (limits, quotas, exact API names, edge-case behaviors) against official AWS documentation rather than relying on pre-training. Prefer fetching known documentation URLs over broad searches. Trust official documentation over memory when they conflict.

Common Workflows

Use the best available tool for AWS operations — the AWS MCP server is recommended but not required; AWS CLI or SDK may be used as alternatives. Read reference files only when the conversation requires deeper detail.

  • Read references/aws-iam-role-management.md if the user needs to create, scope, or maintain IAM roles when provisioning or updating AWS resources. Covers service roles, execution roles, trust policies, confused deputy protection, and permission hygiene.

  • Read references/aws-iam-policy-generation.md if the user needs to generate least-privilege IAM policies, determine required IAM actions for API calls, or understand action-to-operation mappings. CRITICAL: If the user provides source code (Python, Go, TypeScript, JavaScript, Java), you MUST read this reference — it mandates using iam-policy-autopilot instead of manual policy construction. Uses the programmatic service authorization reference for accurate mappings.

Verified Edge Cases

CloudTrail:

Installs
2.7K
GitHub Stars
1.8K
First Seen
May 6, 2026
aws-iam — aws/agent-toolkit-for-aws