offboard-user

[janearc]

Overview:

A user exists in Sendak. We then assume that they have:

• aws MFA device(s)
• aws IAM username/password credentials
• aws IAM access keys
• ssh keypairs
• a github account
  • with access/membership to the 18F organisation/repos

when running aws iam delete-user in the shell, we get an error message about having to delete the profile of the user before "deleting the user." It's not clear what this means in terms of API hooks, but probably it is best to determine what identity assets the user has, and then deleting those (caveat: we can't really know which ssh keys they have on the hosts they have access to, and that has to be a manual process), and then when that is finished, issuing the delete-user call.

arguments

• username or ARN

  produces

• the transaction id returned from amazon

  syntax

• sendak offboard-user --arn arn:aws:iam::145555225555:user/JaneRoe
• sendak offboard-user --user-name JaneRoe

[NoahKunin]

Leave GitHub account out of scope for now and focus on the other bullets. We'll have a separate issue for GitHub removal.