generated: '2026-07-15' method: generated source: openapi/amazon-iam-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 25 by_action_class: connected: 25 by_consequence: read: 25 human_in_the_loop_required: 0 operations: - path: /?Action=CreateUser method: get operationId: CreateUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=GetUser method: get operationId: GetUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=ListUsers method: get operationId: ListUsers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=UpdateUser method: get operationId: UpdateUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=DeleteUser method: get operationId: DeleteUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=CreateRole method: get operationId: CreateRole x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=GetRole method: get operationId: GetRole x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=ListRoles method: get operationId: ListRoles x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=DeleteRole method: get operationId: DeleteRole x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=AssumeRole method: get operationId: AssumeRole x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=CreatePolicy method: get operationId: CreatePolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=GetPolicy method: get operationId: GetPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=ListPolicies method: get operationId: ListPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=AttachUserPolicy method: get operationId: AttachUserPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=AttachRolePolicy method: get operationId: AttachRolePolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=DetachUserPolicy method: get operationId: DetachUserPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=DetachRolePolicy method: get operationId: DetachRolePolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=CreateGroup method: get operationId: CreateGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=GetGroup method: get operationId: GetGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=ListGroups method: get operationId: ListGroups x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=AddUserToGroup method: get operationId: AddUserToGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=RemoveUserFromGroup method: get operationId: RemoveUserFromGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=CreateAccessKey method: get operationId: CreateAccessKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=ListAccessKeys method: get operationId: ListAccessKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /?Action=DeleteAccessKey method: get operationId: DeleteAccessKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none