hashicorp/terraform-mcp-serverPublic

NotificationsYou must be signed in to change notification settings
Fork52
Star743

The Terraform MCP Server provides seamless integration with Terraform ecosystem, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development.

License

MPL-2.0 license

743 stars 52 forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 210 Commits
.github		.github
.release		.release
cmd/terraform-mcp-server		cmd/terraform-mcp-server
e2e		e2e
pkg/hashicorp/tfregistry		pkg/hashicorp/tfregistry
public/images		public/images
scripts		scripts
version		version
.copywrite.hcl		.copywrite.hcl
.gitignore		.gitignore
.go-version		.go-version
CHANGELOG.md		CHANGELOG.md
CODEOWNERS		CODEOWNERS
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
go.mod		go.mod
go.sum		go.sum
scan.hcl		scan.hcl

Repository files navigation

Terraform MCP Server

The Terraform MCP Server is aModel Context Protocol (MCP)server that provides seamless integration with Terraform Registry APIs, enabling advancedautomation and interaction capabilities for Infrastructure as Code (IaC) development.

Features

Dual Transport Support: Both Stdio and StreamableHTTP transports
Terraform Provider Discovery: Query and explore Terraform providers and their documentation
Module Search & Analysis: Search and retrieve detailed information about Terraform modules
Registry Integration: Direct integration with Terraform Registry APIs
Container Ready: Docker support for easy deployment

Caution: The outputs and recommendations provided by the MCP server are generated dynamically and may vary based on the query, model, and the connected MCP server. Users shouldthoroughly review all outputs/recommendations to ensure they align with their organization'ssecurity best practices,cost-efficiency goals, andcompliance requirements before implementation.

Security Note: When using the StreamableHTTP transport in production, always configure theMCP_ALLOWED_ORIGINS environment variable to restrict access to trusted origins only. This helps prevent DNS rebinding attacks and other cross-origin vulnerabilities.

Prerequisites

To run the server in a container, you will need to haveDocker installed.
Once Docker is installed, you will need to ensure Docker is running.

Transport Support

The Terraform MCP Server supports multiple transport protocols:

1. Stdio Transport (Default)

Standard input/output communication using JSON-RPC messages. Ideal for local development and direct integration with MCP clients.

2. StreamableHTTP Transport

Modern HTTP-based transport supporting both direct HTTP requests and Server-Sent Events (SSE) streams. This is the recommended transport for remote/distributed setups.

Features:

Endpoint:http://{hostname}:8080/mcp
Health Check:http://{hostname}:8080/health
Environment Configuration: SetTRANSPORT_MODE=http orTRANSPORT_PORT=8080 to enable

Environment Variables:

Variable	Description	Default
`TRANSPORT_MODE`	Set to`streamable-http` to enable HTTP transport (legacy`http` value still supported)	`stdio`
`TRANSPORT_HOST`	Host to bind the HTTP server	`127.0.0.1`
`TRANSPORT_PORT`	HTTP server port	`8080`
`MCP_SESSION_MODE`	Session mode:`stateful` or`stateless`	`stateful`
`MCP_ALLOWED_ORIGINS`	Comma-separated list of allowed origins for CORS	`""` (empty)
`MCP_CORS_MODE`	CORS mode:`strict`,`development`, or`disabled`	`strict`

Command Line Options

# Stdio modeterraform-mcp-server stdio [--log-file /path/to/log]# StreamableHTTP modeterraform-mcp-server streamable-http [--transport-port 8080] [--transport-host 127.0.0.1] [--log-file /path/to/log]

Session Modes

The Terraform MCP Server supports two session modes when using the StreamableHTTP transport:

Stateful Mode (Default): Maintains session state between requests, enabling context-aware operations.
Stateless Mode: Each request is processed independently without maintaining session state, which can be useful for high-availability deployments or when using load balancers.

To enable stateless mode, set the environment variable:

export MCP_SESSION_MODE=stateless

Installation

Usage with VS Code

Add the following JSON block to your User Settings (JSON) file in VS Code. You can do this by pressingCtrl + Shift + P and typingPreferences: Open User Settings (JSON).

More about using MCP server tools in VS Code'sagent mode documentation.

{"mcp": {"servers": {"terraform": {"command":"docker","args": ["run","-i","--rm","hashicorp/terraform-mcp-server"        ]      }    }  }}

Optionally, you can add a similar example (i.e. without the mcp key) to a file called.vscode/mcp.json in your workspace. This will allow you to share the configuration with others.

{"servers": {"terraform": {"command":"docker","args": ["run","-i","--rm","hashicorp/terraform-mcp-server"      ]    }  }}

Usage with Claude Desktop / Amazon Q Developer / Amazon Q CLI

More about using MCP server tools in Claude Desktopuser documentation.Read more about using MCP server in Amazon Q from thedocumentation.

{"mcpServers": {"terraform": {"command":"docker","args": ["run","-i","--rm","hashicorp/terraform-mcp-server"      ]    }  }}

Tool Configuration

Available Toolsets

The following sets of tools are available:

Toolset	Tool	Description
`providers`	`resolveProviderDocID`	Queries the Terraform Registry to find and list available documentation for a specific provider using the specified`serviceSlug`. Returns a list of provider document IDs with their titles and categories for resources, data sources, functions, or guides.
`providers`	`getProviderDocs`	Fetches the complete documentation content for a specific provider resource, data source, or function using a document ID obtained from the`resolveProviderDocID` tool. Returns the raw documentation in markdown format.
`modules`	`searchModules`	Searches the Terraform Registry for modules based on specified`moduleQuery` with pagination. Returns a list of module IDs with their names, descriptions, download counts, verification status, and publish dates
`modules`	`moduleDetails`	Retrieves detailed documentation for a module using a module ID obtained from the`searchModules` tool including inputs, outputs, configuration, submodules, and examples.
`policies`	`searchPolicies`	Queries the Terraform Registry to find and list the appropriate Sentinel Policy based on the provided query`policyQuery`. Returns a list of matching policies with terraformPolicyIDs with their name, title and download counts.
`policies`	`policyDetails`	Retrieves detailed documentation for a policy set using a terraformPolicyID obtained from the`searchPolicies` tool including policy readme and implementation details.

Install from source

Use the latest release version:

go install github.com/hashicorp/terraform-mcp-server/cmd/terraform-mcp-server@latest

Use the main branch:

go install github.com/hashicorp/terraform-mcp-server/cmd/terraform-mcp-server@main

{"mcp": {"servers": {"terraform": {"command":"/path/to/terraform-mcp-server","args": ["stdio"]      }    }  }}

Building the Docker Image locally

Before using the server, you need to build the Docker image locally:

Clone the repository:

git clone https://github.com/hashicorp/terraform-mcp-server.gitcd terraform-mcp-server

Build the Docker image:

make docker-build

This will create a local Docker image that you can use in the following configuration.

# Run in stdio modedocker run -i --rm terraform-mcp-server:dev# Run in streamable-http modedocker run -p 8080:8080 --rm -e TRANSPORT_MODE=streamable-http -e TRANSPORT_HOST=0.0.0.0 terraform-mcp-server:dev

Note: When running in Docker, you should setTRANSPORT_HOST=0.0.0.0 to allow connections from outside the container.

(Optional) Test connection in http mode

# Test the connectioncurl http://localhost:8080/health

You can use it on your AI assistant as follow:

{"mcpServers": {"terraform": {"command":"docker","args": ["run","-i","--rm","terraform-mcp-server:dev"      ]    }  }}

Development

Prerequisites

Go (checkgo.mod file for specific version)
Docker (optional, for container builds)

Available Make Commands

Command	Description
`make build`	Build the binary
`make test`	Run all tests
`make test-e2e`	Run end-to-end tests
`make docker-build`	Build Docker image
`make run-http`	Run HTTP server locally
`make docker-run-http`	Run HTTP server in Docker
`make test-http`	Test HTTP health endpoint
`make clean`	Remove build artifacts
`make help`	Show all available commands

Contributing

Fork the repository
Create your feature branch
Make your changes
Run tests
Submit a pull request

License

This project is licensed under the terms of the MPL-2.0 open source license. Please refer toLICENSE file for the full terms.

Security

For security issues, please contactsecurity@hashicorp.com or follow oursecurity policy.

Support

For bug reports and feature requests, please open an issue on GitHub.

For general questions and discussions, open a GitHub Discussion.

About

The Terraform MCP Server provides seamless integration with Terraform ecosystem, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development.