naftiko: 1.0.0-alpha2 info: label: Amazon IAM API — Roles description: 'Amazon IAM API — Roles. 5 operations. Lead operation: Amazon IAM Assume an IAM Role. Self-contained Naftiko capability covering one Amazon Iam business surface.' tags: - Amazon Iam - Roles created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: AMAZON_IAM_API_KEY: AMAZON_IAM_API_KEY capability: consumes: - type: http namespace: amazon-iam-roles baseUri: https://iam.amazonaws.com description: Amazon IAM API — Roles business capability. Self-contained, no shared references. resources: - name: ?Action=AssumeRole path: /?Action=AssumeRole operations: - name: assumerole method: GET description: Amazon IAM Assume an IAM Role outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: RoleArn in: query type: string description: The ARN of the role to assume. required: true - name: RoleSessionName in: query type: string description: An identifier for the assumed role session. required: true - name: DurationSeconds in: query type: integer description: Duration of the role session in seconds. - name: ExternalId in: query type: string description: A unique identifier used by third parties. - name: ?Action=CreateRole path: /?Action=CreateRole operations: - name: createrole method: GET description: Amazon IAM Create a New IAM Role outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: RoleName in: query type: string description: The name of the role to create. required: true - name: AssumeRolePolicyDocument in: query type: string description: The trust relationship policy document (JSON). required: true - name: Path in: query type: string description: The path to the role. - name: Description in: query type: string description: A description of the role. - name: MaxSessionDuration in: query type: integer description: Maximum session duration in seconds. - name: ?Action=DeleteRole path: /?Action=DeleteRole operations: - name: deleterole method: GET description: Amazon IAM Delete an IAM Role outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: RoleName in: query type: string description: The name of the role to delete. required: true - name: ?Action=GetRole path: /?Action=GetRole operations: - name: getrole method: GET description: Amazon IAM Get Information About an IAM Role outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: RoleName in: query type: string description: The name of the role to retrieve. required: true - name: ?Action=ListRoles path: /?Action=ListRoles operations: - name: listroles method: GET description: Amazon IAM List IAM Roles outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: Action in: query type: string required: true - name: Version in: query type: string required: true - name: PathPrefix in: query type: string description: The path prefix for filtering the results. - name: Marker in: query type: string - name: MaxItems in: query type: integer authentication: type: apikey key: Authorization value: '{{env.AMAZON_IAM_API_KEY}}' placement: header exposes: - type: rest namespace: amazon-iam-roles-rest port: 8080 description: REST adapter for Amazon IAM API — Roles. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/action-assumerole name: action-assumerole description: REST surface for ?Action=AssumeRole. operations: - method: GET name: assumerole description: Amazon IAM Assume an IAM Role call: amazon-iam-roles.assumerole with: Action: rest.Action Version: rest.Version RoleArn: rest.RoleArn RoleSessionName: rest.RoleSessionName DurationSeconds: rest.DurationSeconds ExternalId: rest.ExternalId outputParameters: - type: object mapping: $. - path: /v1/action-createrole name: action-createrole description: REST surface for ?Action=CreateRole. operations: - method: GET name: createrole description: Amazon IAM Create a New IAM Role call: amazon-iam-roles.createrole with: Action: rest.Action Version: rest.Version RoleName: rest.RoleName AssumeRolePolicyDocument: rest.AssumeRolePolicyDocument Path: rest.Path Description: rest.Description MaxSessionDuration: rest.MaxSessionDuration outputParameters: - type: object mapping: $. - path: /v1/action-deleterole name: action-deleterole description: REST surface for ?Action=DeleteRole. operations: - method: GET name: deleterole description: Amazon IAM Delete an IAM Role call: amazon-iam-roles.deleterole with: Action: rest.Action Version: rest.Version RoleName: rest.RoleName outputParameters: - type: object mapping: $. - path: /v1/action-getrole name: action-getrole description: REST surface for ?Action=GetRole. operations: - method: GET name: getrole description: Amazon IAM Get Information About an IAM Role call: amazon-iam-roles.getrole with: Action: rest.Action Version: rest.Version RoleName: rest.RoleName outputParameters: - type: object mapping: $. - path: /v1/action-listroles name: action-listroles description: REST surface for ?Action=ListRoles. operations: - method: GET name: listroles description: Amazon IAM List IAM Roles call: amazon-iam-roles.listroles with: Action: rest.Action Version: rest.Version PathPrefix: rest.PathPrefix Marker: rest.Marker MaxItems: rest.MaxItems outputParameters: - type: object mapping: $. - type: mcp namespace: amazon-iam-roles-mcp port: 9090 transport: http description: MCP adapter for Amazon IAM API — Roles. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: amazon-iam-assume-iam-role description: Amazon IAM Assume an IAM Role hints: readOnly: true destructive: false idempotent: true call: amazon-iam-roles.assumerole with: Action: tools.Action Version: tools.Version RoleArn: tools.RoleArn RoleSessionName: tools.RoleSessionName DurationSeconds: tools.DurationSeconds ExternalId: tools.ExternalId outputParameters: - type: object mapping: $. - name: amazon-iam-create-new-iam description: Amazon IAM Create a New IAM Role hints: readOnly: true destructive: false idempotent: true call: amazon-iam-roles.createrole with: Action: tools.Action Version: tools.Version RoleName: tools.RoleName AssumeRolePolicyDocument: tools.AssumeRolePolicyDocument Path: tools.Path Description: tools.Description MaxSessionDuration: tools.MaxSessionDuration outputParameters: - type: object mapping: $. - name: amazon-iam-delete-iam-role description: Amazon IAM Delete an IAM Role hints: readOnly: true destructive: false idempotent: true call: amazon-iam-roles.deleterole with: Action: tools.Action Version: tools.Version RoleName: tools.RoleName outputParameters: - type: object mapping: $. - name: amazon-iam-get-information-about description: Amazon IAM Get Information About an IAM Role hints: readOnly: true destructive: false idempotent: true call: amazon-iam-roles.getrole with: Action: tools.Action Version: tools.Version RoleName: tools.RoleName outputParameters: - type: object mapping: $. - name: amazon-iam-list-iam-roles description: Amazon IAM List IAM Roles hints: readOnly: true destructive: false idempotent: true call: amazon-iam-roles.listroles with: Action: tools.Action Version: tools.Version PathPrefix: tools.PathPrefix Marker: tools.Marker MaxItems: tools.MaxItems outputParameters: - type: object mapping: $.