Name: AWS IAM — Common Pitfalls
Author: aws

What it does

This skill captures verified corrections and edge-case knowledge about AWS IAM, STS, Organizations, and SAML/MFA that agents commonly misunderstand. It steers agent answers toward official documentation for authoritative claims and lists concrete pitfalls, limits, and policy-evaluation nuances.

When to use it

Use this skill when configuring or auditing IAM roles, policies, cross-account AssumeRole flows, STS sessions, or organization-level operations. Also useful when generating or validating trust policies, SAML assertions, or diagnosing privilege escalation risks.

What's included

Scripts: none bundled (has_scripts=false)
References: none bundled (has_references=false)
Instructions: Enumerated verified edge cases (CloudTrail logging nuances, STS limitations, Organizations behaviors, SDK specifics, policy evaluation caveats, MFA quirks, SigV4 details) and prescriptive recommendations to consult official AWS docs for exact API names and limits.

Compatible agents

Ideal for agents answering AWS architecture, security, or DevOps questions (e.g., agents integrated with AWS SDKs, developer or security-engineer personas).

AWS IAM — Common Pitfalls

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills

More from agent-toolkit-for-aws