naftiko: 1.0.0-alpha2 info: label: Tetrate Service Mesh Management description: Unified service mesh management capability for platform engineers and DevOps teams. Composes Tetrate Service Bridge management APIs to enable multi-cluster mesh onboarding, tenant provisioning, workspace configuration, and application API lifecycle management from a single interface. tags: - Tetrate - Service Mesh - Istio - Multi-Cluster - Platform Engineering - DevOps created: '2026-05-03' modified: '2026-05-06' binds: - namespace: env keys: TSB_TOKEN: TSB_TOKEN capability: consumes: - type: http namespace: tsb baseUri: https://tsbhost:8443/v2 description: Tetrate Service Bridge management plane REST API authentication: type: apikey key: x-tetrate-token value: '{{TSB_TOKEN}}' placement: header resources: - name: organizations path: /organizations description: Manage TSB organizations operations: - name: list-organizations method: GET description: List all organizations outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-organization method: POST description: Create a new organization outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' spec: displayName: '{{tools.displayName}}' description: '{{tools.description}}' - name: organization path: /organizations/{organization} description: Manage a specific organization operations: - name: get-organization method: GET description: Get organization details inputParameters: - name: organization in: path type: string required: true description: Organization name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-organization method: DELETE description: Delete an organization inputParameters: - name: organization in: path type: string required: true description: Organization name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: tenants path: /organizations/{organization}/tenants description: Manage tenants within an organization operations: - name: list-tenants method: GET description: List all tenants in an organization inputParameters: - name: organization in: path type: string required: true description: Organization name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-tenant method: POST description: Create a new tenant inputParameters: - name: organization in: path type: string required: true description: Organization name outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' spec: displayName: '{{tools.displayName}}' description: '{{tools.description}}' - name: tenant path: /organizations/{organization}/tenants/{tenant} description: Manage a specific tenant operations: - name: get-tenant method: GET description: Get tenant details inputParameters: - name: organization in: path type: string required: true description: Organization name - name: tenant in: path type: string required: true description: Tenant name outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-tenant method: DELETE description: Delete a tenant inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. - name: workspaces path: /organizations/{organization}/tenants/{tenant}/workspaces description: Manage workspaces within a tenant operations: - name: list-workspaces method: GET description: List all workspaces in a tenant inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-workspace method: POST description: Create a new workspace inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' spec: displayName: '{{tools.displayName}}' namespaceSelector: names: '{{tools.namespaces}}' - name: clusters path: /organizations/{organization}/clusters description: Manage onboarded Kubernetes clusters operations: - name: list-clusters method: GET description: List all onboarded clusters inputParameters: - name: organization in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-cluster method: POST description: Onboard a new Kubernetes cluster inputParameters: - name: organization in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' spec: network: '{{tools.network}}' tier1Cluster: '{{tools.tier1Cluster}}' - name: applications path: /organizations/{organization}/tenants/{tenant}/applications description: Manage applications within a tenant operations: - name: list-applications method: GET description: List all applications in a tenant inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-application method: POST description: Create a new application inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' spec: workspace: '{{tools.workspace}}' - name: apis path: /organizations/{organization}/tenants/{tenant}/applications/{application}/apis description: Manage APIs registered to an application operations: - name: list-apis method: GET description: List all APIs in an application inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true - name: application in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. - name: create-api method: POST description: Register a new API using an OpenAPI v3 spec inputParameters: - name: organization in: path type: string required: true - name: tenant in: path type: string required: true - name: application in: path type: string required: true outputRawFormat: json outputParameters: - name: result type: object value: $. body: type: json data: name: '{{tools.name}}' spec: openapi: '{{tools.openapi}}' exposes: - type: rest port: 8080 namespace: tetrate-mesh-api description: Unified REST API for Tetrate service mesh management. resources: - path: /v1/organizations name: organizations description: Manage TSB organizations operations: - method: GET name: list-organizations description: List all TSB organizations call: tsb.list-organizations outputParameters: - type: object mapping: $. - method: POST name: create-organization description: Create a new TSB organization call: tsb.create-organization with: name: rest.name displayName: rest.displayName description: rest.description outputParameters: - type: object mapping: $. - path: /v1/tenants name: tenants description: Manage TSB tenants operations: - method: GET name: list-tenants description: List all tenants in an organization call: tsb.list-tenants with: organization: rest.organization outputParameters: - type: object mapping: $. - method: POST name: create-tenant description: Create a new tenant call: tsb.create-tenant with: organization: rest.organization name: rest.name displayName: rest.displayName outputParameters: - type: object mapping: $. - path: /v1/workspaces name: workspaces description: Manage TSB workspaces operations: - method: GET name: list-workspaces description: List all workspaces in a tenant call: tsb.list-workspaces with: organization: rest.organization tenant: rest.tenant outputParameters: - type: object mapping: $. - method: POST name: create-workspace description: Create a new workspace with namespace assignments call: tsb.create-workspace with: organization: rest.organization tenant: rest.tenant name: rest.name namespaces: rest.namespaces outputParameters: - type: object mapping: $. - path: /v1/clusters name: clusters description: Manage onboarded Kubernetes clusters operations: - method: GET name: list-clusters description: List all onboarded clusters call: tsb.list-clusters with: organization: rest.organization outputParameters: - type: object mapping: $. - method: POST name: onboard-cluster description: Onboard a new Kubernetes cluster call: tsb.create-cluster with: organization: rest.organization name: rest.name network: rest.network outputParameters: - type: object mapping: $. - path: /v1/applications name: applications description: Manage TSB applications operations: - method: GET name: list-applications description: List all applications in a tenant call: tsb.list-applications with: organization: rest.organization tenant: rest.tenant outputParameters: - type: object mapping: $. - method: POST name: create-application description: Create a new application call: tsb.create-application with: organization: rest.organization tenant: rest.tenant name: rest.name workspace: rest.workspace outputParameters: - type: object mapping: $. - path: /v1/apis name: apis description: Manage application APIs operations: - method: GET name: list-apis description: List all APIs for an application call: tsb.list-apis with: organization: rest.organization tenant: rest.tenant application: rest.application outputParameters: - type: object mapping: $. - method: POST name: register-api description: Register an OpenAPI spec as an API call: tsb.create-api with: organization: rest.organization tenant: rest.tenant application: rest.application name: rest.name openapi: rest.openapi outputParameters: - type: object mapping: $. - type: mcp port: 9090 namespace: tetrate-mesh-mcp transport: http description: MCP server for AI-assisted Tetrate service mesh management. tools: - name: list-organizations description: List all TSB organizations hints: readOnly: true openWorld: true call: tsb.list-organizations outputParameters: - type: object mapping: $. - name: list-tenants description: List all tenants within a TSB organization hints: readOnly: true openWorld: true call: tsb.list-tenants with: organization: tools.organization outputParameters: - type: object mapping: $. - name: create-tenant description: Create a new tenant within a TSB organization hints: readOnly: false destructive: false idempotent: false call: tsb.create-tenant with: organization: tools.organization name: tools.name displayName: tools.displayName description: tools.description outputParameters: - type: object mapping: $. - name: list-workspaces description: List all workspaces within a tenant hints: readOnly: true openWorld: true call: tsb.list-workspaces with: organization: tools.organization tenant: tools.tenant outputParameters: - type: object mapping: $. - name: create-workspace description: Create a new workspace with namespace selector hints: readOnly: false destructive: false idempotent: false call: tsb.create-workspace with: organization: tools.organization tenant: tools.tenant name: tools.name namespaces: tools.namespaces outputParameters: - type: object mapping: $. - name: list-clusters description: List all Kubernetes clusters onboarded to TSB hints: readOnly: true openWorld: true call: tsb.list-clusters with: organization: tools.organization outputParameters: - type: object mapping: $. - name: onboard-cluster description: Onboard a new Kubernetes cluster to TSB management hints: readOnly: false destructive: false idempotent: false call: tsb.create-cluster with: organization: tools.organization name: tools.name network: tools.network tier1Cluster: tools.tier1Cluster outputParameters: - type: object mapping: $. - name: list-applications description: List all applications in a TSB tenant hints: readOnly: true openWorld: true call: tsb.list-applications with: organization: tools.organization tenant: tools.tenant outputParameters: - type: object mapping: $. - name: create-application description: Create a new TSB application linked to a workspace hints: readOnly: false destructive: false idempotent: false call: tsb.create-application with: organization: tools.organization tenant: tools.tenant name: tools.name workspace: tools.workspace outputParameters: - type: object mapping: $. - name: list-apis description: List all APIs registered to a TSB application hints: readOnly: true openWorld: true call: tsb.list-apis with: organization: tools.organization tenant: tools.tenant application: tools.application outputParameters: - type: object mapping: $. - name: register-api description: Register an OpenAPI v3 spec as a managed API in TSB hints: readOnly: false destructive: false idempotent: false call: tsb.create-api with: organization: tools.organization tenant: tools.tenant application: tools.application name: tools.name openapi: tools.openapi outputParameters: - type: object mapping: $. - name: get-organization description: Get details of a specific TSB organization hints: readOnly: true openWorld: false call: tsb.get-organization with: organization: tools.organization outputParameters: - type: object mapping: $. - name: get-tenant description: Get details of a specific TSB tenant hints: readOnly: true openWorld: false call: tsb.get-tenant with: organization: tools.organization tenant: tools.tenant outputParameters: - type: object mapping: $.