get_security_list
Retrieve detailed security list information from Oracle Cloud Infrastructure, including all ingress and egress rules, to manage network security configurations.
Instructions
Get detailed information about a specific security list.
Args:
security_list_id: OCID of the security list to retrieve
Returns:
Detailed security list with all ingress and egress rules
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| security_list_id | Yes | OCID of the security list to retrieve | |
Implementation Reference
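# mcp_server_oci/tools/security.py:54-156 (handler)
# Core handler function that fetches OCI security list details using
# VirtualNetworkClient and formats ingress/egress rules into a dictionary.


def _format_port_range(port_range):
    """Return ``{"min": ..., "max": ...}`` for a port range, or None when it is unset."""
    if not port_range:
        return None
    return {"min": port_range.min, "max": port_range.max}


def _format_port_options(options):
    """Return the destination and source port ranges of TCP/UDP options, or None when unset."""
    if not options:
        return None
    return {
        "destination_port_range": _format_port_range(options.destination_port_range),
        "source_port_range": _format_port_range(options.source_port_range),
    }


def _format_icmp_options(options):
    """Return the ICMP type and code of a rule, or None when the rule has no ICMP options."""
    if not options:
        return None
    return {"type": options.type, "code": options.code}


def _format_rule(rule, peer_field):
    """Flatten one security rule; *peer_field* is "source" (ingress) or "destination" (egress)."""
    peer_type_field = f"{peer_field}_type"
    return {
        "protocol": rule.protocol,
        peer_field: getattr(rule, peer_field),
        peer_type_field: getattr(rule, peer_type_field),
        "is_stateless": rule.is_stateless,
        "description": rule.description,
        "tcp_options": _format_port_options(rule.tcp_options),
        "udp_options": _format_port_options(rule.udp_options),
        "icmp_options": _format_icmp_options(rule.icmp_options),
    }


def get_security_list(network_client: oci.core.VirtualNetworkClient, security_list_id: str) -> Dict[str, Any]:
    """
    Get details of a specific security list.

    The ingress and egress rules are flattened into plain dictionaries. Unset
    TCP/UDP/ICMP options and unset port ranges are reported as None.

    NOTE(review): a rule whose ``tcp_options``/``udp_options`` is None carries no
    port restriction in this output. In OCI that is understood to mean the rule
    covers all ports of its protocol - confirm against the OCI documentation,
    and do not read None as "no ports" when auditing the result.

    Args:
        network_client: OCI VirtualNetwork client
        security_list_id: OCID of the security list

    Returns:
        Dictionary with the security list's id, display name, compartment and
        VCN ids, lifecycle state, creation time (as a string) and its formatted
        ingress and egress rules.

    Raises:
        Exception: any error raised while fetching or formatting the security
            list is logged with its traceback and re-raised unchanged.
    """
    try:
        security_list = network_client.get_security_list(security_list_id).data

        # A missing or empty rule collection yields an empty list.
        ingress_rules = [
            _format_rule(rule, "source")
            for rule in security_list.ingress_security_rules or []
        ]
        egress_rules = [
            _format_rule(rule, "destination")
            for rule in security_list.egress_security_rules or []
        ]

        security_list_details = {
            "id": security_list.id,
            "display_name": security_list.display_name,
            "compartment_id": security_list.compartment_id,
            "vcn_id": security_list.vcn_id,
            "lifecycle_state": security_list.lifecycle_state,
            "time_created": str(security_list.time_created),
            "ingress_security_rules": ingress_rules,
            "egress_security_rules": egress_rules,
        }

        # Lazy %-style arguments: the message is only rendered if the record is emitted.
        logger.info("Retrieved details for security list %s", security_list_id)
        return security_list_details

    except Exception as e:
        logger.exception("Error getting security list details: %s", e)
        raise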
# mcp_server_oci/mcp_server.py:736-752 (registration)
# MCP tool registration with @mcp.tool(name='get_security_list') decorator.
# The wrapper function mcp_get_security_list calls the core handler with the
# network client.
@mcp.tool(name="get_security_list")
@mcp_tool_wrapper(
    start_msg="Getting security list details for {security_list_id}...",
    success_msg="Retrieved security list details successfully",
    error_prefix="Error getting security list details",
)
async def mcp_get_security_list(ctx: Context, security_list_id: str) -> Dict[str, Any]:
    """
    Get detailed information about a specific security list.

    Args:
        security_list_id: OCID of the security list to retrieve

    Returns:
        Detailed security list with all ingress and egress rules
    """
    # The docstring wording is kept as published: presumably the MCP framework
    # exposes it as the tool description - confirm before rewording it.
    # security_list_id is forwarded exactly as received; no check on the OCID's
    # format happens in this wrapper. ctx is accepted but not used here.
    network_client = oci_clients["network"]
    return get_security_list(network_client, security_list_id)