Skip to main content
Glama
deenesjakoruzh
tarnover

MCP SysOperator

by tarnover
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

aws_iam

Manage AWS IAM roles and policies directly from the MCP SysOperator server by listing, creating, or deleting roles and policies in specified regions.

Instructions

Manage AWS IAM roles and policies

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
actionYes
assumeRolePolicyDocumentNo
managedPoliciesNo
nameNo
pathNo
policyDocumentNo
policyNameNo
regionYes
roleNameNo

Implementation Reference

  • src/sysoperator/operations/aws.ts:519-641 (handler)
    Handler function that generates and executes Ansible playbooks for AWS IAM operations based on the specified action (list_roles, list_policies, create_role, create_policy, delete_role, delete_policy).
    export async function iamOperations(args: IAMOptions): Promise<string> { await verifyAwsCredentials(); const { action, region, policyName, policyDocument, path, roleName, assumeRolePolicyDocument, managedPolicies } = args; const tempFiles: { filename: string, content: string }[] = []; let policyDocParam = ''; let assumeRoleDocParam = ''; if (policyDocument) { const policyFilename = 'policy.json'; tempFiles.push({ filename: policyFilename, content: JSON.stringify(policyDocument, null, 2) }); policyDocParam = `policy_document: "{{ lookup('file', '${policyFilename}') }}"`; } if (assumeRolePolicyDocument) { const assumeRoleFilename = 'assume_role_policy.json'; tempFiles.push({ filename: assumeRoleFilename, content: JSON.stringify(assumeRolePolicyDocument, null, 2) }); assumeRoleDocParam = `assume_role_policy_document: "{{ lookup('file', '${assumeRoleFilename}') }}"`; } let playbookContent = `--- - name: AWS IAM ${action} operation hosts: localhost connection: local gather_facts: no tasks:`; switch (action) { case 'list_roles': playbookContent += ` - name: List IAM roles amazon.aws.iam_role_info: region: "${region}" register: iam_roles - name: Display roles debug: var: iam_roles.iam_roles`; break; case 'list_policies': playbookContent += ` - name: List IAM policies amazon.aws.iam_policy_info: region: "${region}" register: iam_policies - name: Display policies debug: var: iam_policies.policies`; break; case 'create_role': playbookContent += ` - name: Create IAM role amazon.aws.iam_role: region: "${region}" name: "${roleName}" ${assumeRoleDocParam} state: present ${formatYamlParams({ path, managed_policies: managedPolicies })} register: iam_result - name: Display role details debug: var: iam_result`; break; case 'create_policy': playbookContent += ` - name: Create IAM policy amazon.aws.iam_policy: region: "${region}" policy_name: "${policyName}" ${policyDocParam} state: present ${formatYamlParams({ path })} register: iam_result - name: Display policy details debug: var: iam_result`; break; case 'delete_role': playbookContent += ` - name: Delete IAM role amazon.aws.iam_role: region: "${region}" name: "${roleName}" state: absent register: iam_role_delete - name: Display deletion result debug: var: iam_role_delete`; break; case 'delete_policy': playbookContent += ` - name: Delete IAM policy amazon.aws.iam_policy: region: "${region}" policy_name: "${policyName}" state: absent register: iam_policy_delete - name: Display deletion result debug: var: iam_policy_delete`; break; default: throw new AnsibleError(`Unsupported IAM action: ${action}`); } // Execute the generated playbook, passing policy docs if needed return executeAwsPlaybook(`iam-${action}`, playbookContent, '', tempFiles); }
  • src/sysoperator/common/types.ts:102-116 (schema)
    Zod schema definition for aws_iam tool inputs, including action enum and parameters like region, roleName, policyName, etc.
    // AWS IAM Schema export const IAMSchema = z.object({ action: IAMActionEnum, region: z.string().min(1, 'AWS region is required'), name: z.string().optional(), roleName: z.string().optional(), policyName: z.string().optional(), policyDocument: z.any().optional(), assumeRolePolicyDocument: z.any().optional(), path: z.string().optional(), managedPolicies: z.array(z.string()).optional() }); export type IAMOptions = z.infer<typeof IAMSchema>;
  • src/sysoperator/index.ts:111-115 (registration)
    Registration of the aws_iam tool in the toolDefinitions map, linking to its schema and handler.
    aws_iam: { description: 'Manage AWS IAM roles and policies', schema: aws.IAMSchema, handler: aws.iamOperations, },
  • src/sysoperator/common/types.ts:20-21 (schema)
    Enum for IAM actions used in IAMSchema.
    export const IAMActionEnum = z.enum(['list_roles', 'list_policies', 'create_role', 'create_policy', 'delete_role', 'delete_policy']); export type IAMAction = z.infer<typeof IAMActionEnum>;

This server cannot be installed

Other Tools

Related Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/tarnover/mcp-sysoperator'

If you have feedback or need assistance with the MCP directory API, please join our Discord server