naftiko: 1.0.0-alpha2 info: label: Exoscale API — security-group description: 'Exoscale API — security-group. 10 operations. Lead operation: Create a Security Group. Self-contained Naftiko capability covering one Exoscale business surface.' tags: - Exoscale - security-group created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: EXOSCALE_API_KEY: EXOSCALE_API_KEY capability: consumes: - type: http namespace: exoscale-security-group baseUri: https://api-{zone}.exoscale.com/v2 description: Exoscale API — security-group business capability. Self-contained, no shared references. resources: - name: security-group path: /security-group operations: - name: createsecuritygroup method: POST description: Create a Security Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: listsecuritygroups method: GET description: List Security Groups. outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: visibility in: query type: string - name: security-group-id path: /security-group/{id} operations: - name: getsecuritygroup method: GET description: Retrieve Security Group details outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: deletesecuritygroup method: DELETE description: Delete a Security Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: security-group-id-rules path: /security-group/{id}/rules operations: - name: addruletosecuritygroup method: POST description: Create a Security Group rule outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: security-group-id-rules-rule-id path: /security-group/{id}/rules/{rule-id} operations: - name: deleterulefromsecuritygroup method: DELETE description: Delete a Security Group rule outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: rule-id in: path type: string required: true - name: security-group-id}:add-source path: /security-group/{id}:add-source operations: - name: addexternalsourcetosecuritygroup method: PUT description: Add an external source as a member of a Security Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: security-group-id}:attach path: /security-group/{id}:attach operations: - name: attachinstancetosecuritygroup method: PUT description: Attach a Compute instance to a Security Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: security-group-id}:detach path: /security-group/{id}:detach operations: - name: detachinstancefromsecuritygroup method: PUT description: Detach a Compute instance from a Security Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true - name: security-group-id}:remove-source path: /security-group/{id}:remove-source operations: - name: removeexternalsourcefromsecuritygroup method: PUT description: Remove an external source from a Security Group outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: id in: path type: string required: true - name: body in: body type: object description: Request body (JSON). required: true exposes: - type: rest namespace: exoscale-security-group-rest port: 8080 description: REST adapter for Exoscale API — security-group. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/security-group name: security-group description: REST surface for security-group. operations: - method: POST name: createsecuritygroup description: Create a Security Group call: exoscale-security-group.createsecuritygroup with: body: rest.body outputParameters: - type: object mapping: $. - method: GET name: listsecuritygroups description: List Security Groups. call: exoscale-security-group.listsecuritygroups with: visibility: rest.visibility outputParameters: - type: object mapping: $. - path: /v1/security-group/{id} name: security-group-id description: REST surface for security-group-id. operations: - method: GET name: getsecuritygroup description: Retrieve Security Group details call: exoscale-security-group.getsecuritygroup with: id: rest.id outputParameters: - type: object mapping: $. - method: DELETE name: deletesecuritygroup description: Delete a Security Group call: exoscale-security-group.deletesecuritygroup with: id: rest.id outputParameters: - type: object mapping: $. - path: /v1/security-group/{id}/rules name: security-group-id-rules description: REST surface for security-group-id-rules. operations: - method: POST name: addruletosecuritygroup description: Create a Security Group rule call: exoscale-security-group.addruletosecuritygroup with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/security-group/{id}/rules/{rule-id} name: security-group-id-rules-rule-id description: REST surface for security-group-id-rules-rule-id. operations: - method: DELETE name: deleterulefromsecuritygroup description: Delete a Security Group rule call: exoscale-security-group.deleterulefromsecuritygroup with: id: rest.id rule-id: rest.rule-id outputParameters: - type: object mapping: $. - path: /v1/security-group/id-add-source name: security-group-id-add-source description: REST surface for security-group-id}:add-source. operations: - method: PUT name: addexternalsourcetosecuritygroup description: Add an external source as a member of a Security Group call: exoscale-security-group.addexternalsourcetosecuritygroup with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/security-group/id-attach name: security-group-id-attach description: REST surface for security-group-id}:attach. operations: - method: PUT name: attachinstancetosecuritygroup description: Attach a Compute instance to a Security Group call: exoscale-security-group.attachinstancetosecuritygroup with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/security-group/id-detach name: security-group-id-detach description: REST surface for security-group-id}:detach. operations: - method: PUT name: detachinstancefromsecuritygroup description: Detach a Compute instance from a Security Group call: exoscale-security-group.detachinstancefromsecuritygroup with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - path: /v1/security-group/id-remove-source name: security-group-id-remove-source description: REST surface for security-group-id}:remove-source. operations: - method: PUT name: removeexternalsourcefromsecuritygroup description: Remove an external source from a Security Group call: exoscale-security-group.removeexternalsourcefromsecuritygroup with: id: rest.id body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: exoscale-security-group-mcp port: 9090 transport: http description: MCP adapter for Exoscale API — security-group. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: create-security-group description: Create a Security Group hints: readOnly: false destructive: false idempotent: false call: exoscale-security-group.createsecuritygroup with: body: tools.body outputParameters: - type: object mapping: $. - name: list-security-groups description: List Security Groups. hints: readOnly: true destructive: false idempotent: true call: exoscale-security-group.listsecuritygroups with: visibility: tools.visibility outputParameters: - type: object mapping: $. - name: retrieve-security-group-details description: Retrieve Security Group details hints: readOnly: true destructive: false idempotent: true call: exoscale-security-group.getsecuritygroup with: id: tools.id outputParameters: - type: object mapping: $. - name: delete-security-group description: Delete a Security Group hints: readOnly: false destructive: true idempotent: true call: exoscale-security-group.deletesecuritygroup with: id: tools.id outputParameters: - type: object mapping: $. - name: create-security-group-rule description: Create a Security Group rule hints: readOnly: false destructive: false idempotent: false call: exoscale-security-group.addruletosecuritygroup with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: delete-security-group-rule description: Delete a Security Group rule hints: readOnly: false destructive: true idempotent: true call: exoscale-security-group.deleterulefromsecuritygroup with: id: tools.id rule-id: tools.rule-id outputParameters: - type: object mapping: $. - name: add-external-source-member-security description: Add an external source as a member of a Security Group hints: readOnly: false destructive: false idempotent: true call: exoscale-security-group.addexternalsourcetosecuritygroup with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: attach-compute-instance-security-group description: Attach a Compute instance to a Security Group hints: readOnly: false destructive: false idempotent: true call: exoscale-security-group.attachinstancetosecuritygroup with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: detach-compute-instance-security-group description: Detach a Compute instance from a Security Group hints: readOnly: false destructive: false idempotent: true call: exoscale-security-group.detachinstancefromsecuritygroup with: id: tools.id body: tools.body outputParameters: - type: object mapping: $. - name: remove-external-source-security-group description: Remove an external source from a Security Group hints: readOnly: false destructive: false idempotent: true call: exoscale-security-group.removeexternalsourcefromsecuritygroup with: id: tools.id body: tools.body outputParameters: - type: object mapping: $.