Exoscale · Capability

Exoscale API — security-group

Exoscale API — security-group. 10 operations. Lead operation: Create a Security Group. Self-contained Naftiko capability covering one Exoscale business surface.

Run with Naftiko Exoscalesecurity-group

What You Can Do

POST

Createsecuritygroup — Create a Security Group

/v1/security-group

GET

Listsecuritygroups — List Security Groups.

/v1/security-group

GET

Getsecuritygroup — Retrieve Security Group details

/v1/security-group/{id}

DELETE

Deletesecuritygroup — Delete a Security Group

/v1/security-group/{id}

POST

Addruletosecuritygroup — Create a Security Group rule

/v1/security-group/{id}/rules

DELETE

Deleterulefromsecuritygroup — Delete a Security Group rule

/v1/security-group/{id}/rules/{rule-id}

PUT

Addexternalsourcetosecuritygroup — Add an external source as a member of a Security Group

/v1/security-group/id-add-source

PUT

Attachinstancetosecuritygroup — Attach a Compute instance to a Security Group

/v1/security-group/id-attach

PUT

Detachinstancefromsecuritygroup — Detach a Compute instance from a Security Group

/v1/security-group/id-detach

PUT

Removeexternalsourcefromsecuritygroup — Remove an external source from a Security Group

/v1/security-group/id-remove-source

MCP Tools

create-security-group

Create a Security Group

list-security-groups

List Security Groups.

read-only idempotent

retrieve-security-group-details

Retrieve Security Group details

read-only idempotent

delete-security-group

Delete a Security Group

idempotent

create-security-group-rule

Create a Security Group rule

delete-security-group-rule

Delete a Security Group rule

idempotent

add-external-source-member-security

Add an external source as a member of a Security Group

idempotent

attach-compute-instance-security-group

Attach a Compute instance to a Security Group

idempotent

detach-compute-instance-security-group

Detach a Compute instance from a Security Group

idempotent

remove-external-source-security-group

Remove an external source from a Security Group

idempotent

Capability Spec

naftiko: 1.0.0-alpha2
info:
  label: Exoscale API — security-group
  description: 'Exoscale API — security-group. 10 operations. Lead operation: Create a Security Group. Self-contained Naftiko
    capability covering one Exoscale business surface.'
  tags:
  - Exoscale
  - security-group
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    EXOSCALE_API_KEY: EXOSCALE_API_KEY
capability:
  consumes:
  - type: http
    namespace: exoscale-security-group
    baseUri: https://api-{zone}.exoscale.com/v2
    description: Exoscale API — security-group business capability. Self-contained, no shared references.
    resources:
    - name: security-group
      path: /security-group
      operations:
      - name: createsecuritygroup
        method: POST
        description: Create a Security Group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: listsecuritygroups
        method: GET
        description: List Security Groups.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: visibility
          in: query
          type: string
    - name: security-group-id
      path: /security-group/{id}
      operations:
      - name: getsecuritygroup
        method: GET
        description: Retrieve Security Group details
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
      - name: deletesecuritygroup
        method: DELETE
        description: Delete a Security Group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
    - name: security-group-id-rules
      path: /security-group/{id}/rules
      operations:
      - name: addruletosecuritygroup
        method: POST
        description: Create a Security Group rule
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: security-group-id-rules-rule-id
      path: /security-group/{id}/rules/{rule-id}
      operations:
      - name: deleterulefromsecuritygroup
        method: DELETE
        description: Delete a Security Group rule
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
        - name: rule-id
          in: path
          type: string
          required: true
    - name: security-group-id}:add-source
      path: /security-group/{id}:add-source
      operations:
      - name: addexternalsourcetosecuritygroup
        method: PUT
        description: Add an external source as a member of a Security Group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: security-group-id}:attach
      path: /security-group/{id}:attach
      operations:
      - name: attachinstancetosecuritygroup
        method: PUT
        description: Attach a Compute instance to a Security Group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: security-group-id}:detach
      path: /security-group/{id}:detach
      operations:
      - name: detachinstancefromsecuritygroup
        method: PUT
        description: Detach a Compute instance from a Security Group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: security-group-id}:remove-source
      path: /security-group/{id}:remove-source
      operations:
      - name: removeexternalsourcefromsecuritygroup
        method: PUT
        description: Remove an external source from a Security Group
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
  exposes:
  - type: rest
    namespace: exoscale-security-group-rest
    port: 8080
    description: REST adapter for Exoscale API — security-group. One Spectral-compliant resource per consumed operation, prefixed
      with /v1.
    resources:
    - path: /v1/security-group
      name: security-group
      description: REST surface for security-group.
      operations:
      - method: POST
        name: createsecuritygroup
        description: Create a Security Group
        call: exoscale-security-group.createsecuritygroup
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: listsecuritygroups
        description: List Security Groups.
        call: exoscale-security-group.listsecuritygroups
        with:
          visibility: rest.visibility
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/{id}
      name: security-group-id
      description: REST surface for security-group-id.
      operations:
      - method: GET
        name: getsecuritygroup
        description: Retrieve Security Group details
        call: exoscale-security-group.getsecuritygroup
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deletesecuritygroup
        description: Delete a Security Group
        call: exoscale-security-group.deletesecuritygroup
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/{id}/rules
      name: security-group-id-rules
      description: REST surface for security-group-id-rules.
      operations:
      - method: POST
        name: addruletosecuritygroup
        description: Create a Security Group rule
        call: exoscale-security-group.addruletosecuritygroup
        with:
          id: rest.id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/{id}/rules/{rule-id}
      name: security-group-id-rules-rule-id
      description: REST surface for security-group-id-rules-rule-id.
      operations:
      - method: DELETE
        name: deleterulefromsecuritygroup
        description: Delete a Security Group rule
        call: exoscale-security-group.deleterulefromsecuritygroup
        with:
          id: rest.id
          rule-id: rest.rule-id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/id-add-source
      name: security-group-id-add-source
      description: REST surface for security-group-id}:add-source.
      operations:
      - method: PUT
        name: addexternalsourcetosecuritygroup
        description: Add an external source as a member of a Security Group
        call: exoscale-security-group.addexternalsourcetosecuritygroup
        with:
          id: rest.id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/id-attach
      name: security-group-id-attach
      description: REST surface for security-group-id}:attach.
      operations:
      - method: PUT
        name: attachinstancetosecuritygroup
        description: Attach a Compute instance to a Security Group
        call: exoscale-security-group.attachinstancetosecuritygroup
        with:
          id: rest.id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/id-detach
      name: security-group-id-detach
      description: REST surface for security-group-id}:detach.
      operations:
      - method: PUT
        name: detachinstancefromsecuritygroup
        description: Detach a Compute instance from a Security Group
        call: exoscale-security-group.detachinstancefromsecuritygroup
        with:
          id: rest.id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/security-group/id-remove-source
      name: security-group-id-remove-source
      description: REST surface for security-group-id}:remove-source.
      operations:
      - method: PUT
        name: removeexternalsourcefromsecuritygroup
        description: Remove an external source from a Security Group
        call: exoscale-security-group.removeexternalsourcefromsecuritygroup
        with:
          id: rest.id
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: exoscale-security-group-mcp
    port: 9090
    transport: http
    description: MCP adapter for Exoscale API — security-group. One tool per consumed operation, routed inline through this
      capability's consumes block.
    tools:
    - name: create-security-group
      description: Create a Security Group
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: exoscale-security-group.createsecuritygroup
      with:
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: list-security-groups
      description: List Security Groups.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: exoscale-security-group.listsecuritygroups
      with:
        visibility: tools.visibility
      outputParameters:
      - type: object
        mapping: $.
    - name: retrieve-security-group-details
      description: Retrieve Security Group details
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: exoscale-security-group.getsecuritygroup
      with:
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.
    - name: delete-security-group
      description: Delete a Security Group
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: exoscale-security-group.deletesecuritygroup
      with:
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.
    - name: create-security-group-rule
      description: Create a Security Group rule
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: exoscale-security-group.addruletosecuritygroup
      with:
        id: tools.id
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: delete-security-group-rule
      description: Delete a Security Group rule
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: exoscale-security-group.deleterulefromsecuritygroup
      with:
        id: tools.id
        rule-id: tools.rule-id
      outputParameters:
      - type: object
        mapping: $.
    - name: add-external-source-member-security
      description: Add an external source as a member of a Security Group
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: exoscale-security-group.addexternalsourcetosecuritygroup
      with:
        id: tools.id
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: attach-compute-instance-security-group
      description: Attach a Compute instance to a Security Group
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: exoscale-security-group.attachinstancetosecuritygroup
      with:
        id: tools.id
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: detach-compute-instance-security-group
      description: Detach a Compute instance from a Security Group
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: exoscale-security-group.detachinstancefromsecuritygroup
      with:
        id: tools.id
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: remove-external-source-security-group
      description: Remove an external source from a Security Group
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: exoscale-security-group.removeexternalsourcefromsecuritygroup
      with:
        id: tools.id
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.