StackRox · Capability
API Reference — NetworkPolicyService
API Reference — NetworkPolicyService. 9 operations. Lead operation: NetworkPolicyService. Self-contained Naftiko capability covering one Stackrox business surface.
What You Can Do
GET
Getnetworkpolicies
— getnetworkpolicies
/v1/v1/networkpolicies
POST
Applynetworkpolicy
— applynetworkpolicy
/v1/v1/networkpolicies/apply/{clusterid}
GET
Getnetworkgraph
— getnetworkgraph
/v1/v1/networkpolicies/cluster/{clusterid}
GET
Generatenetworkpolicies
— generatenetworkpolicies
/v1/v1/networkpolicies/generate/{clusterid}
GET
Getnetworkgraphepoch
— getnetworkgraphepoch
/v1/v1/networkpolicies/graph/epoch
POST
Simulatenetworkgraph
— simulatenetworkgraph
/v1/v1/networkpolicies/simulate/{clusterid}
POST
Sendnetworkpolicyyaml
— sendnetworkpolicyyaml
/v1/v1/networkpolicies/simulate/{clusterid}/notify
GET
Getundomodification
— getundomodification
/v1/v1/networkpolicies/undo/{clusterid}
GET
Getnetworkpolicy
— getnetworkpolicy
/v1/v1/networkpolicies/{id}
MCP Tools
getnetworkpolicies
getnetworkpolicies
read-only
idempotent
applynetworkpolicy
applynetworkpolicy
getnetworkgraph
getnetworkgraph
read-only
idempotent
generatenetworkpolicies
generatenetworkpolicies
read-only
idempotent
getnetworkgraphepoch
getnetworkgraphepoch
read-only
idempotent
simulatenetworkgraph
simulatenetworkgraph
sendnetworkpolicyyaml
sendnetworkpolicyyaml
getundomodification
getundomodification
read-only
idempotent
getnetworkpolicy
getnetworkpolicy
read-only
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: API Reference — NetworkPolicyService
description: 'API Reference — NetworkPolicyService. 9 operations. Lead operation: NetworkPolicyService. Self-contained Naftiko
capability covering one Stackrox business surface.'
tags:
- Stackrox
- NetworkPolicyService
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
STACKROX_API_KEY: STACKROX_API_KEY
capability:
consumes:
- type: http
namespace: stackrox-networkpolicyservice
baseUri: https://{central-host}
description: API Reference — NetworkPolicyService business capability. Self-contained, no shared references.
resources:
- name: v1-networkpolicies
path: /v1/networkpolicies
operations:
- name: getnetworkpolicies
method: GET
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: query
type: string
- name: deploymentQuery
in: query
type: string
- name: v1-networkpolicies-apply-clusterId
path: /v1/networkpolicies/apply/{clusterId}
operations:
- name: applynetworkpolicy
method: POST
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: path
type: string
required: true
- name: body
in: body
type: object
description: Request body (JSON).
required: false
- name: v1-networkpolicies-cluster-clusterId
path: /v1/networkpolicies/cluster/{clusterId}
operations:
- name: getnetworkgraph
method: GET
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: path
type: string
required: true
- name: query
in: query
type: string
- name: v1-networkpolicies-generate-clusterId
path: /v1/networkpolicies/generate/{clusterId}
operations:
- name: generatenetworkpolicies
method: GET
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: path
type: string
required: true
- name: query
in: query
type: string
- name: deleteExisting
in: query
type: string
- name: networkDataSince
in: query
type: string
- name: v1-networkpolicies-graph-epoch
path: /v1/networkpolicies/graph/epoch
operations:
- name: getnetworkgraphepoch
method: GET
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: query
type: string
- name: v1-networkpolicies-simulate-clusterId
path: /v1/networkpolicies/simulate/{clusterId}
operations:
- name: simulatenetworkgraph
method: POST
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: path
type: string
required: true
- name: body
in: body
type: object
description: Request body (JSON).
required: false
- name: v1-networkpolicies-simulate-clusterId-notify
path: /v1/networkpolicies/simulate/{clusterId}/notify
operations:
- name: sendnetworkpolicyyaml
method: POST
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: path
type: string
required: true
- name: body
in: body
type: object
description: Request body (JSON).
required: false
- name: v1-networkpolicies-undo-clusterId
path: /v1/networkpolicies/undo/{clusterId}
operations:
- name: getundomodification
method: GET
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: clusterId
in: path
type: string
required: true
- name: v1-networkpolicies-id
path: /v1/networkpolicies/{id}
operations:
- name: getnetworkpolicy
method: GET
description: ''
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: id
in: path
type: string
required: true
authentication:
type: apikey
key: Authorization
value: '{{env.STACKROX_API_KEY}}'
placement: header
exposes:
- type: rest
namespace: stackrox-networkpolicyservice-rest
port: 8080
description: REST adapter for API Reference — NetworkPolicyService. One Spectral-compliant resource per consumed operation,
prefixed with /v1.
resources:
- path: /v1/v1/networkpolicies
name: v1-networkpolicies
description: REST surface for v1-networkpolicies.
operations:
- method: GET
name: getnetworkpolicies
description: getnetworkpolicies
call: stackrox-networkpolicyservice.getnetworkpolicies
with:
clusterId: rest.clusterId
deploymentQuery: rest.deploymentQuery
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/apply/{clusterid}
name: v1-networkpolicies-apply-clusterid
description: REST surface for v1-networkpolicies-apply-clusterId.
operations:
- method: POST
name: applynetworkpolicy
description: applynetworkpolicy
call: stackrox-networkpolicyservice.applynetworkpolicy
with:
clusterId: rest.clusterId
body: rest.body
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/cluster/{clusterid}
name: v1-networkpolicies-cluster-clusterid
description: REST surface for v1-networkpolicies-cluster-clusterId.
operations:
- method: GET
name: getnetworkgraph
description: getnetworkgraph
call: stackrox-networkpolicyservice.getnetworkgraph
with:
clusterId: rest.clusterId
query: rest.query
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/generate/{clusterid}
name: v1-networkpolicies-generate-clusterid
description: REST surface for v1-networkpolicies-generate-clusterId.
operations:
- method: GET
name: generatenetworkpolicies
description: generatenetworkpolicies
call: stackrox-networkpolicyservice.generatenetworkpolicies
with:
clusterId: rest.clusterId
query: rest.query
deleteExisting: rest.deleteExisting
networkDataSince: rest.networkDataSince
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/graph/epoch
name: v1-networkpolicies-graph-epoch
description: REST surface for v1-networkpolicies-graph-epoch.
operations:
- method: GET
name: getnetworkgraphepoch
description: getnetworkgraphepoch
call: stackrox-networkpolicyservice.getnetworkgraphepoch
with:
clusterId: rest.clusterId
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/simulate/{clusterid}
name: v1-networkpolicies-simulate-clusterid
description: REST surface for v1-networkpolicies-simulate-clusterId.
operations:
- method: POST
name: simulatenetworkgraph
description: simulatenetworkgraph
call: stackrox-networkpolicyservice.simulatenetworkgraph
with:
clusterId: rest.clusterId
body: rest.body
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/simulate/{clusterid}/notify
name: v1-networkpolicies-simulate-clusterid-notify
description: REST surface for v1-networkpolicies-simulate-clusterId-notify.
operations:
- method: POST
name: sendnetworkpolicyyaml
description: sendnetworkpolicyyaml
call: stackrox-networkpolicyservice.sendnetworkpolicyyaml
with:
clusterId: rest.clusterId
body: rest.body
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/undo/{clusterid}
name: v1-networkpolicies-undo-clusterid
description: REST surface for v1-networkpolicies-undo-clusterId.
operations:
- method: GET
name: getundomodification
description: getundomodification
call: stackrox-networkpolicyservice.getundomodification
with:
clusterId: rest.clusterId
outputParameters:
- type: object
mapping: $.
- path: /v1/v1/networkpolicies/{id}
name: v1-networkpolicies-id
description: REST surface for v1-networkpolicies-id.
operations:
- method: GET
name: getnetworkpolicy
description: getnetworkpolicy
call: stackrox-networkpolicyservice.getnetworkpolicy
with:
id: rest.id
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: stackrox-networkpolicyservice-mcp
port: 9090
transport: http
description: MCP adapter for API Reference — NetworkPolicyService. One tool per consumed operation, routed inline through
this capability's consumes block.
tools:
- name: getnetworkpolicies
description: getnetworkpolicies
hints:
readOnly: true
destructive: false
idempotent: true
call: stackrox-networkpolicyservice.getnetworkpolicies
with:
clusterId: tools.clusterId
deploymentQuery: tools.deploymentQuery
outputParameters:
- type: object
mapping: $.
- name: applynetworkpolicy
description: applynetworkpolicy
hints:
readOnly: false
destructive: false
idempotent: false
call: stackrox-networkpolicyservice.applynetworkpolicy
with:
clusterId: tools.clusterId
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: getnetworkgraph
description: getnetworkgraph
hints:
readOnly: true
destructive: false
idempotent: true
call: stackrox-networkpolicyservice.getnetworkgraph
with:
clusterId: tools.clusterId
query: tools.query
outputParameters:
- type: object
mapping: $.
- name: generatenetworkpolicies
description: generatenetworkpolicies
hints:
readOnly: true
destructive: false
idempotent: true
call: stackrox-networkpolicyservice.generatenetworkpolicies
with:
clusterId: tools.clusterId
query: tools.query
deleteExisting: tools.deleteExisting
networkDataSince: tools.networkDataSince
outputParameters:
- type: object
mapping: $.
- name: getnetworkgraphepoch
description: getnetworkgraphepoch
hints:
readOnly: true
destructive: false
idempotent: true
call: stackrox-networkpolicyservice.getnetworkgraphepoch
with:
clusterId: tools.clusterId
outputParameters:
- type: object
mapping: $.
- name: simulatenetworkgraph
description: simulatenetworkgraph
hints:
readOnly: false
destructive: false
idempotent: false
call: stackrox-networkpolicyservice.simulatenetworkgraph
with:
clusterId: tools.clusterId
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: sendnetworkpolicyyaml
description: sendnetworkpolicyyaml
hints:
readOnly: false
destructive: false
idempotent: false
call: stackrox-networkpolicyservice.sendnetworkpolicyyaml
with:
clusterId: tools.clusterId
body: tools.body
outputParameters:
- type: object
mapping: $.
- name: getundomodification
description: getundomodification
hints:
readOnly: true
destructive: false
idempotent: true
call: stackrox-networkpolicyservice.getundomodification
with:
clusterId: tools.clusterId
outputParameters:
- type: object
mapping: $.
- name: getnetworkpolicy
description: getnetworkpolicy
hints:
readOnly: true
destructive: false
idempotent: true
call: stackrox-networkpolicyservice.getnetworkpolicy
with:
id: tools.id
outputParameters:
- type: object
mapping: $.