naftiko: 1.0.0-alpha2 info: label: Amazon IAM API — Policies description: 'Amazon IAM API — Policies. 7 operations. Lead operation: Amazon IAM Attach a Managed Policy to a Role. Self-contained Naftiko capability covering one Amazon Iam business surface.' tags: - Amazon Iam - Policies created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: AMAZON_IAM_API_KEY: AMAZON_IAM_API_KEY capability: consumes: - type: http namespace: amazon-iam-policies baseUri: https://iam.amazonaws.com description: Amazon IAM API — Policies business capability. Self-contained, no shared references. resources: - name: ?Action=AttachRolePolicy path: /?Action=AttachRolePolicy operations: - name: attachrolepolicy method: GET description: Amazon IAM Attach a Managed Policy to a Role outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: RoleName in: query type: string description: The name of the role to attach the policy to. required: true - name: PolicyArn in: query type: string description: The ARN of the managed policy to attach. required: true - name: ?Action=AttachUserPolicy path: /?Action=AttachUserPolicy operations: - name: attachuserpolicy method: GET description: Amazon IAM Attach a Managed Policy to a User outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: UserName in: query type: string description: The name of the IAM user to attach the policy to. required: true - name: PolicyArn in: query type: string description: The ARN of the managed policy to attach. required: true - name: ?Action=CreatePolicy path: /?Action=CreatePolicy operations: - name: createpolicy method: GET description: Amazon IAM Create a New IAM Policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: PolicyName in: query type: string description: The name of the policy to create. required: true - name: PolicyDocument in: query type: string description: The JSON policy document. required: true - name: Path in: query type: string description: The path for the policy. - name: Description in: query type: string description: A description of the policy. - name: ?Action=DetachRolePolicy path: /?Action=DetachRolePolicy operations: - name: detachrolepolicy method: GET description: Amazon IAM Detach a Managed Policy from a Role outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: RoleName in: query type: string description: The name of the role to detach the policy from. required: true - name: PolicyArn in: query type: string description: The ARN of the managed policy to detach. required: true - name: ?Action=DetachUserPolicy path: /?Action=DetachUserPolicy operations: - name: detachuserpolicy method: GET description: Amazon IAM Detach a Managed Policy from a User outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: UserName in: query type: string description: The name of the IAM user to detach the policy from. required: true - name: PolicyArn in: query type: string description: The ARN of the managed policy to detach. required: true - name: ?Action=GetPolicy path: /?Action=GetPolicy operations: - name: getpolicy method: GET description: Amazon IAM Get Information About an IAM Policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: PolicyArn in: query type: string description: The ARN of the policy to retrieve. required: true - name: ?Action=ListPolicies path: /?Action=ListPolicies operations: - name: listpolicies method: GET description: Amazon IAM List IAM Policies outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: Scope in: query type: string description: Filter by scope (All, AWS, or Local). - name: OnlyAttached in: query type: boolean description: Filter to only attached policies. - name: PathPrefix in: query type: string - name: Marker in: query type: string - name: MaxItems in: query type: integer authentication: type: apikey key: Authorization value: '{{env.AMAZON_IAM_API_KEY}}' placement: header exposes: - type: rest namespace: amazon-iam-policies-rest port: 8080 description: REST adapter for Amazon IAM API — Policies. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/action-attachrolepolicy name: action-attachrolepolicy description: REST surface for ?Action=AttachRolePolicy. operations: - method: GET name: attachrolepolicy description: Amazon IAM Attach a Managed Policy to a Role call: amazon-iam-policies.attachrolepolicy with: Action: rest.Action Version: rest.Version RoleName: rest.RoleName PolicyArn: rest.PolicyArn outputParameters: - type: object mapping: $. - path: /v1/action-attachuserpolicy name: action-attachuserpolicy description: REST surface for ?Action=AttachUserPolicy. operations: - method: GET name: attachuserpolicy description: Amazon IAM Attach a Managed Policy to a User call: amazon-iam-policies.attachuserpolicy with: Action: rest.Action Version: rest.Version UserName: rest.UserName PolicyArn: rest.PolicyArn outputParameters: - type: object mapping: $. - path: /v1/action-createpolicy name: action-createpolicy description: REST surface for ?Action=CreatePolicy. operations: - method: GET name: createpolicy description: Amazon IAM Create a New IAM Policy call: amazon-iam-policies.createpolicy with: Action: rest.Action Version: rest.Version PolicyName: rest.PolicyName PolicyDocument: rest.PolicyDocument Path: rest.Path Description: rest.Description outputParameters: - type: object mapping: $. - path: /v1/action-detachrolepolicy name: action-detachrolepolicy description: REST surface for ?Action=DetachRolePolicy. operations: - method: GET name: detachrolepolicy description: Amazon IAM Detach a Managed Policy from a Role call: amazon-iam-policies.detachrolepolicy with: Action: rest.Action Version: rest.Version RoleName: rest.RoleName PolicyArn: rest.PolicyArn outputParameters: - type: object mapping: $. - path: /v1/action-detachuserpolicy name: action-detachuserpolicy description: REST surface for ?Action=DetachUserPolicy. operations: - method: GET name: detachuserpolicy description: Amazon IAM Detach a Managed Policy from a User call: amazon-iam-policies.detachuserpolicy with: Action: rest.Action Version: rest.Version UserName: rest.UserName PolicyArn: rest.PolicyArn outputParameters: - type: object mapping: $. - path: /v1/action-getpolicy name: action-getpolicy description: REST surface for ?Action=GetPolicy. operations: - method: GET name: getpolicy description: Amazon IAM Get Information About an IAM Policy call: amazon-iam-policies.getpolicy with: Action: rest.Action Version: rest.Version PolicyArn: rest.PolicyArn outputParameters: - type: object mapping: $. - path: /v1/action-listpolicies name: action-listpolicies description: REST surface for ?Action=ListPolicies. operations: - method: GET name: listpolicies description: Amazon IAM List IAM Policies call: amazon-iam-policies.listpolicies with: Action: rest.Action Version: rest.Version Scope: rest.Scope OnlyAttached: rest.OnlyAttached PathPrefix: rest.PathPrefix Marker: rest.Marker MaxItems: rest.MaxItems outputParameters: - type: object mapping: $. - type: mcp namespace: amazon-iam-policies-mcp port: 9090 transport: http description: MCP adapter for Amazon IAM API — Policies. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: amazon-iam-attach-managed-policy description: Amazon IAM Attach a Managed Policy to a Role hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.attachrolepolicy with: Action: tools.Action Version: tools.Version RoleName: tools.RoleName PolicyArn: tools.PolicyArn outputParameters: - type: object mapping: $. - name: amazon-iam-attach-managed-policy-2 description: Amazon IAM Attach a Managed Policy to a User hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.attachuserpolicy with: Action: tools.Action Version: tools.Version UserName: tools.UserName PolicyArn: tools.PolicyArn outputParameters: - type: object mapping: $. - name: amazon-iam-create-new-iam description: Amazon IAM Create a New IAM Policy hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.createpolicy with: Action: tools.Action Version: tools.Version PolicyName: tools.PolicyName PolicyDocument: tools.PolicyDocument Path: tools.Path Description: tools.Description outputParameters: - type: object mapping: $. - name: amazon-iam-detach-managed-policy description: Amazon IAM Detach a Managed Policy from a Role hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.detachrolepolicy with: Action: tools.Action Version: tools.Version RoleName: tools.RoleName PolicyArn: tools.PolicyArn outputParameters: - type: object mapping: $. - name: amazon-iam-detach-managed-policy-2 description: Amazon IAM Detach a Managed Policy from a User hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.detachuserpolicy with: Action: tools.Action Version: tools.Version UserName: tools.UserName PolicyArn: tools.PolicyArn outputParameters: - type: object mapping: $. - name: amazon-iam-get-information-about description: Amazon IAM Get Information About an IAM Policy hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.getpolicy with: Action: tools.Action Version: tools.Version PolicyArn: tools.PolicyArn outputParameters: - type: object mapping: $. - name: amazon-iam-list-iam-policies description: Amazon IAM List IAM Policies hints: readOnly: true destructive: false idempotent: true call: amazon-iam-policies.listpolicies with: Action: tools.Action Version: tools.Version Scope: tools.Scope OnlyAttached: tools.OnlyAttached PathPrefix: tools.PathPrefix Marker: tools.Marker MaxItems: tools.MaxItems outputParameters: - type: object mapping: $.