MCP resources
MCP resources are read-only data an MCP client can fetch and attach as context—unlike tools, which the client calls to take an action, a resource is addressed by a URI and simply returns data. Alpacon exposes 72 resources under the alpacon:// scheme, one per read-only (list_/get_) tool, so each resource stays in sync with its underlying tool.
URI pattern
alpacon://<domain>[/<sub>]/{region}/{workspace}[/{server_id}][/<facet>]
<domain>groups resources by area:servers,metrics,audit,certs,iam, and so on.[/<sub>]is an optional literal segment that splits a domain further, e.g.certs/authoritiesversuscerts/sign-requests.{region}and{workspace}are path parameters on nearly every resource.- A trailing
{id}(e.g.{server_id},{alert_id}) addresses a single item instead of a list; a trailing literal facet (e.g./info,/cpu,/overview) selects a specific view, sometimes combined with an id ({server_id}/cpu).
A few resources don’t fit the pattern exactly:
alpacon://workspacesandalpacon://workspaces/{region}omit{workspace}(and the first omits{region}too), since these discover which workspaces exist in the first place.alpacon://alerts/active/{region}/{workspace}inserts a literal filter segment (active) before{region}, pinning the underlyinglist_alertscall toacknowledged=false.
A resource returns the same JSON as its underlying tool. For field-level detail on a returned value, see the linked tool page for that domain.
Resources by domain
Servers
| Resource | Returns | Tool |
|---|---|---|
alpacon://servers/{region}/{workspace} | Server list: names, UUIDs, status, OS, connection info | list_servers |
alpacon://servers/{region}/{workspace}/{server_id} | Single server detail: hostname, IP, OS, agent version, online status | get_server |
alpacon://servers/{region}/{workspace}/{server_id}/notes | Documentation notes attached to the server | list_server_notes |
alpacon://servers/{region}/{workspace}/{server_id}/overview | Combined hardware, OS, uptime, network, and disk overview | get_server_overview |
alpacon://server-notes/{region}/{workspace}/{note_id} | Single note detail: title, content, author, timestamps, privacy | get_server_note |
alpacon://registration-tokens/{region}/{workspace} | Alpamon registration tokens issued in the workspace | list_registration_tokens |
System information & packages
See System information & packages tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://system/{region}/{workspace}/{server_id}/info | Hardware info: CPU model, core count, RAM size, architecture | get_system_info |
alpacon://system/{region}/{workspace}/{server_id}/os-version | OS name, version, kernel version, distribution | get_os_version |
alpacon://system/{region}/{workspace}/{server_id}/users | OS-level user accounts (passwd entries) | list_system_users |
alpacon://system/{region}/{workspace}/{server_id}/groups | OS-level groups and their members | list_system_groups |
alpacon://system/{region}/{workspace}/{server_id}/packages | Installed OS packages (rpm/deb): name, version, architecture | list_system_packages |
alpacon://system/{region}/{workspace}/{server_id}/network-interfaces | Network interfaces: IP, MAC, MTU, link status | get_network_interfaces |
alpacon://system/{region}/{workspace}/{server_id}/disk-info | Physical disks and partition layout | get_disk_info |
alpacon://system/{region}/{workspace}/{server_id}/time | System clock, timezone, and uptime | get_system_time |
alpacon://packages/system/{region}/{workspace}/{server_id} | System package entries: name, version, installation details | list_system_package_entries |
alpacon://packages/python/{region}/{workspace}/{server_id} | Python packages installed on the server: name, version, details | list_python_packages |
Monitoring & alerts
See Monitoring & alerts tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://metrics/{region}/{workspace}/{server_id}/cpu | CPU utilization: current/average/min/max with health status | get_cpu_usage |
alpacon://metrics/{region}/{workspace}/{server_id}/memory | Memory utilization: current/average/min/max with health status | get_memory_usage |
alpacon://metrics/{region}/{workspace}/{server_id}/disk | Disk usage percentage and total/used/free space | get_disk_usage |
alpacon://metrics/{region}/{workspace}/{server_id}/disk-io | Disk read/write throughput: peak and average per device | get_disk_io |
alpacon://metrics/{region}/{workspace}/{server_id}/network | Network bandwidth: current/average/peak in/out (bps, pps) | get_network_traffic |
alpacon://metrics/{region}/{workspace}/{server_id}/summary | Combined CPU, memory, disk, and network summary | get_server_metrics_summary |
alpacon://metrics/{region}/{workspace}/top | Top servers ranked by resource usage over the last 24 hours | get_top_servers |
alpacon://alert-rules/{region}/{workspace} | Configured alert rules: conditions, severity, notification settings | get_alert_rules |
alpacon://alerts/{region}/{workspace} | All alerts | list_alerts |
alpacon://alerts/active/{region}/{workspace} | Unacknowledged alerts only (acknowledged=false) | list_alerts |
alpacon://alerts/{region}/{workspace}/{alert_id} | Single alert detail | get_alert |
Command execution
| Resource | Returns | Tool |
|---|---|---|
alpacon://commands/{region}/{workspace} | Recent command execution history: status, output, timestamps | list_commands |
File transfer
See File transfer tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://webftp/sessions/{region}/{workspace} | Active and past WebFTP file transfer sessions | webftp_sessions_list |
alpacon://webftp/downloads/{region}/{workspace} | Download history: filenames, sizes, timestamps, status | webftp_downloads_list |
alpacon://webftp/uploads/{region}/{workspace} | Upload history: filenames, sizes, timestamps, status | webftp_uploads_list |
Events & webhooks
| Resource | Returns | Tool |
|---|---|---|
alpacon://events/{region}/{workspace} | Recent server events, newest first | list_events |
alpacon://events/{region}/{workspace}/{event_id} | Single event detail: description, timestamp, server, reporter | get_event |
alpacon://event-subscriptions/{region}/{workspace} | Event subscriptions: channel, event type, target | list_event_subscriptions |
alpacon://webhooks/{region}/{workspace} | Configured webhook endpoints | list_webhooks |
alpacon://webhooks/{region}/{workspace}/{webhook_id} | Single webhook detail: URL, SSL verification, status, owner | get_webhook |
Audit logs
See Audit log tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://audit/activity/{region}/{workspace} | Activity logs of user and system actions | list_activity_logs |
alpacon://audit/activity/{region}/{workspace}/{log_id} | Single activity log entry detail | get_activity_log |
alpacon://audit/server-logs/{region}/{workspace} | Server command execution log history | list_server_logs |
alpacon://audit/webftp-logs/{region}/{workspace} | File transfer log history | list_webftp_logs |
alpacon://audit/session-analyses/{region}/{workspace} | AI security analysis results across the workspace | list_session_analyses |
alpacon://audit/session-analyses/{region}/{workspace}/{analysis_id} | Single analysis in full: risk factors, MITRE ATT&CK mapping, timeline | get_session_analysis_detail |
Work Sessions
See Work Session tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://work-sessions/{region}/{workspace} | Work Sessions, optionally filtered by status or requester type | work_session_list |
alpacon://work-sessions/{region}/{workspace}/{session_id} | Single Work Session: status, scopes, servers, requester_type, expires_at | work_session_get |
Access control & approvals
See Access control & approvals tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://approvals/{region}/{workspace} | Pending and historical approval requests | list_approval_requests |
alpacon://approvals/{region}/{workspace}/{request_id} | Single approval request: requester, type, reason, status | get_approval_request |
alpacon://sudo-policies/{region}/{workspace} | Sudo privilege policies: allowed commands, assigned users/servers, validity | list_sudo_policies |
alpacon://acls/command/{region}/{workspace} | Command ACL rules gating command execution | list_command_acls |
alpacon://acls/server/{region}/{workspace} | Server ACL rules gating which servers a token can access | list_server_acls |
alpacon://acls/file/{region}/{workspace} | File ACL rules gating WebFTP upload/download | list_file_acls |
IAM & API tokens
| Resource | Returns | Tool |
|---|---|---|
alpacon://iam/users/{region}/{workspace} | IAM users: username, email, active status, group count | list_iam_users |
alpacon://iam/users/{region}/{workspace}/{user_id} | Single IAM user detail | get_iam_user |
alpacon://iam/groups/{region}/{workspace} | IAM permission groups: name, description, member info | list_iam_groups |
alpacon://iam/groups/{region}/{workspace}/{group_id} | Single IAM group detail: members, description | get_iam_group |
alpacon://iam/memberships/{region}/{workspace} | IAM group memberships, optionally filtered by group | list_iam_memberships |
alpacon://iam/applications/{region}/{workspace} | IAM applications (machine service accounts) | list_iam_applications |
alpacon://iam/applications/{region}/{workspace}/{app_id} | Single IAM application detail | get_iam_application |
alpacon://tokens/{region}/{workspace} | API tokens in the workspace | list_api_tokens |
alpacon://tokens/{region}/{workspace}/{token_id} | Single API token detail: scopes, expiry, enabled status | get_api_token |
alpacon://tokens/scopes/{region}/{workspace} | Available API token permission scopes | list_api_token_scopes |
alpacon://tokens/presets/{region}/{workspace} | Bundled API token scope presets | list_api_token_presets |
Certificates
See Certificate tools.
| Resource | Returns | Tool |
|---|---|---|
alpacon://certs/authorities/{region}/{workspace} | Certificate authorities: name, domain, validity, key algorithm/size | list_certificate_authorities |
alpacon://certs/authorities/{region}/{workspace}/{ca_id} | Single CA detail | get_certificate_authority |
alpacon://certs/sign-requests/{region}/{workspace} | Certificate signing requests and their status | list_sign_requests |
alpacon://certs/sign-requests/{region}/{workspace}/{csr_id} | Single CSR detail: status, common name, SANs, CA | get_sign_request |
alpacon://certs/{region}/{workspace} | Issued certificates: common names, expiry, revocation status | list_certificates |
alpacon://certs/{region}/{workspace}/{certificate_id} | Single certificate detail: content, SANs, expiry | get_certificate |
alpacon://certs/revoke-requests/{region}/{workspace} | Certificate revocation requests and their status | list_revoke_requests |
alpacon://certs/revoke-requests/{region}/{workspace}/{revoke_id} | Single revocation request detail | get_revoke_request |
Workspaces & identity
| Resource | Returns | Tool |
|---|---|---|
alpacon://workspaces | All configured workspaces across every region | list_workspaces |
alpacon://workspaces/{region} | Workspaces configured in a single region | list_workspaces |
alpacon://current-user/{region}/{workspace} | The authenticated caller: username, email, role, UID, shell, home directory | get_current_user |
Related
- Tools: the full read/write tool set each resource is thinly wrapping
- MCP prompts: workflow guides that call these same read-only tools during triage and audit
- Getting started: connect your MCP client and see how it lists resources