naftiko: 1.0.0-alpha2 info: label: HashiCorp Nomad HTTP API — ACL description: 'HashiCorp Nomad HTTP API — ACL. 9 operations. Lead operation: List ACL policies. Self-contained Naftiko capability covering one Nomad business surface.' tags: - Nomad - ACL created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: NOMAD_API_KEY: NOMAD_API_KEY capability: consumes: - type: http namespace: http-acl baseUri: http://localhost:4646/v1 description: HashiCorp Nomad HTTP API — ACL business capability. Self-contained, no shared references. resources: - name: acl-policies path: /acl/policies operations: - name: listaclpolicies method: GET description: List ACL policies outputRawFormat: json outputParameters: - name: result type: object value: $. - name: acl-policy-policyName path: /acl/policy/{policyName} operations: - name: readaclpolicy method: GET description: Read an ACL policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: policyName in: path type: string description: The name of the ACL policy. required: true - name: upsertaclpolicy method: PUT description: Create or update an ACL policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: policyName in: path type: string description: The name of the ACL policy. required: true - name: body in: body type: object description: Request body (JSON). required: true - name: deleteaclpolicy method: DELETE description: Delete an ACL policy outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: policyName in: path type: string description: The name of the ACL policy. required: true - name: acl-token path: /acl/token operations: - name: createacltoken method: PUT description: Create an ACL token outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: acl-token-self path: /acl/token/self operations: - name: readselfacltoken method: GET description: Read own ACL token outputRawFormat: json outputParameters: - name: result type: object value: $. - name: acl-token-tokenAccessorID path: /acl/token/{tokenAccessorID} operations: - name: readacltoken method: GET description: Read an ACL token outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: tokenAccessorID in: path type: string description: The accessor ID of the ACL token. required: true - name: deleteacltoken method: DELETE description: Delete an ACL token outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: tokenAccessorID in: path type: string description: The accessor ID of the ACL token. required: true - name: acl-tokens path: /acl/tokens operations: - name: listacltokens method: GET description: List ACL tokens outputRawFormat: json outputParameters: - name: result type: object value: $. authentication: type: bearer token: '{{env.NOMAD_API_KEY}}' exposes: - type: rest namespace: http-acl-rest port: 8080 description: REST adapter for HashiCorp Nomad HTTP API — ACL. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/acl/policies name: acl-policies description: REST surface for acl-policies. operations: - method: GET name: listaclpolicies description: List ACL policies call: http-acl.listaclpolicies outputParameters: - type: object mapping: $. - path: /v1/acl/policy/{policyname} name: acl-policy-policyname description: REST surface for acl-policy-policyName. operations: - method: GET name: readaclpolicy description: Read an ACL policy call: http-acl.readaclpolicy with: policyName: rest.policyName outputParameters: - type: object mapping: $. - method: PUT name: upsertaclpolicy description: Create or update an ACL policy call: http-acl.upsertaclpolicy with: policyName: rest.policyName body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deleteaclpolicy description: Delete an ACL policy call: http-acl.deleteaclpolicy with: policyName: rest.policyName outputParameters: - type: object mapping: $. - path: /v1/acl/token name: acl-token description: REST surface for acl-token. operations: - method: PUT name: createacltoken description: Create an ACL token call: http-acl.createacltoken with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/acl/token/self name: acl-token-self description: REST surface for acl-token-self. operations: - method: GET name: readselfacltoken description: Read own ACL token call: http-acl.readselfacltoken outputParameters: - type: object mapping: $. - path: /v1/acl/token/{tokenaccessorid} name: acl-token-tokenaccessorid description: REST surface for acl-token-tokenAccessorID. operations: - method: GET name: readacltoken description: Read an ACL token call: http-acl.readacltoken with: tokenAccessorID: rest.tokenAccessorID outputParameters: - type: object mapping: $. - method: DELETE name: deleteacltoken description: Delete an ACL token call: http-acl.deleteacltoken with: tokenAccessorID: rest.tokenAccessorID outputParameters: - type: object mapping: $. - path: /v1/acl/tokens name: acl-tokens description: REST surface for acl-tokens. operations: - method: GET name: listacltokens description: List ACL tokens call: http-acl.listacltokens outputParameters: - type: object mapping: $. - type: mcp namespace: http-acl-mcp port: 9090 transport: http description: MCP adapter for HashiCorp Nomad HTTP API — ACL. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: list-acl-policies description: List ACL policies hints: readOnly: true destructive: false idempotent: true call: http-acl.listaclpolicies outputParameters: - type: object mapping: $. - name: read-acl-policy description: Read an ACL policy hints: readOnly: true destructive: false idempotent: true call: http-acl.readaclpolicy with: policyName: tools.policyName outputParameters: - type: object mapping: $. - name: create-update-acl-policy description: Create or update an ACL policy hints: readOnly: false destructive: false idempotent: true call: http-acl.upsertaclpolicy with: policyName: tools.policyName body: tools.body outputParameters: - type: object mapping: $. - name: delete-acl-policy description: Delete an ACL policy hints: readOnly: false destructive: true idempotent: true call: http-acl.deleteaclpolicy with: policyName: tools.policyName outputParameters: - type: object mapping: $. - name: create-acl-token description: Create an ACL token hints: readOnly: false destructive: false idempotent: true call: http-acl.createacltoken with: body: tools.body outputParameters: - type: object mapping: $. - name: read-own-acl-token description: Read own ACL token hints: readOnly: true destructive: false idempotent: true call: http-acl.readselfacltoken outputParameters: - type: object mapping: $. - name: read-acl-token description: Read an ACL token hints: readOnly: true destructive: false idempotent: true call: http-acl.readacltoken with: tokenAccessorID: tools.tokenAccessorID outputParameters: - type: object mapping: $. - name: delete-acl-token description: Delete an ACL token hints: readOnly: false destructive: true idempotent: true call: http-acl.deleteacltoken with: tokenAccessorID: tools.tokenAccessorID outputParameters: - type: object mapping: $. - name: list-acl-tokens description: List ACL tokens hints: readOnly: true destructive: false idempotent: true call: http-acl.listacltokens outputParameters: - type: object mapping: $.