A user exists in Sendak. We then assume that they have:
aws MFA device(s)
aws IAM username/password credentials
aws IAM access keys
ssh keypairs
a github account
with access/membership to the 18F organisation/repos
when running aws iam delete-user in the shell, we get an error message about having to delete the profile of the user before "deleting the user." It's not clear what this means in terms of API hooks, but probably it is best to determine what identity assets the user has, and then deleting those (caveat: we can't really know which ssh keys they have on the hosts they have access to, and that has to be a manual process), and then when that is finished, issuing the delete-user call.
Overview:
A user exists in Sendak. We then assume that they have:
when running
aws iam delete-user
in the shell, we get an error message about having to delete the profile of the user before "deleting the user." It's not clear what this means in terms of API hooks, but probably it is best to determine what identity assets the user has, and then deleting those (caveat: we can't really know which ssh keys they have on the hosts they have access to, and that has to be a manual process), and then when that is finished, issuing the delete-user call.arguments
produces
syntax
sendak offboard-user --arn arn:aws:iam::145555225555:user/JaneRoe
sendak offboard-user --user-name JaneRoe