Terraform MCP Server
Featuredby
Provides seamless integration with the Terraform ecosystem, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development via Model Context Protocol.
Terraform MCP Server Overview
What is Terraform MCP Server about?
Enables Model Context Protocol (MCP)‑based interaction with Terraform Registry APIs, allowing AI‑assisted tooling to search providers, retrieve module documentation, and query Sentinel policies directly from a local or containerized server.
How to use Terraform MCP Server?
- Installation
- Docker (recommended for quick start):
docker run -i --rm hashicorp/terraform-mcp-serverfor stdio mode or add-p 8080:8080 -e TRANSPORT_MODE=streamable-http -e TRANSPORT_HOST=0.0.0.0for HTTP mode. - Go binary:
go install github.com/hashicorp/terraform-mcp-server/cmd/terraform-mcp-server@latestand runterraform-mcp-server stdioorterraform-mcp-server streamable-http.
- Docker (recommended for quick start):
- Running
- Stdio (default):
terraform-mcp-server stdio [--log-file /path/to/log]– communicates via JSON‑RPC over stdin/stdout. - Streamable‑HTTP:
terraform-mcp-server streamable-http [--transport-port 8080] [--transport-host 127.0.0.1]– exposes/mcpendpoint and health check at/health.
- Stdio (default):
- Configuration
- Set environment variables such as
TRANSPORT_MODE,TRANSPORT_HOST,TRANSPORT_PORT,MCP_SESSION_MODE,MCP_ALLOWED_ORIGINS, andMCP_CORS_MODEto tune transport and security.
- Set environment variables such as
- IDE Integration
- Add a VS Code MCP server entry in
settings.jsonor.vscode/mcp.jsonusing the Docker command shown in the README. - Similar JSON blocks are provided for Claude Desktop, Amazon Q Developer, and other AI assistants.
- Add a VS Code MCP server entry in
Key Features
- Dual transport support: Stdio and Streamable‑HTTP (SSE‑compatible).
- Provider discovery and detailed documentation retrieval.
- Module search with pagination and versioned detail fetch.
- Sentinel policy lookup for HCP Terraform/Enterprise.
- Container‑ready Docker image with simple
make docker-buildworkflow. - Configurable session modes: stateful (default) or stateless for high‑availability deployments.
- Fine‑grained CORS control via
MCP_ALLOWED_ORIGINSandMCP_CORS_MODE.
Use Cases
- AI‑augmented IaC authoring: Retrieve provider docs or module examples on‑the‑fly while writing Terraform configurations.
- CI/CD pipelines: Query the latest module versions or policy definitions programmatically before applying infrastructure changes.
- Enterprise governance: Integrate Sentinel policy search into automated compliance checks.
- Remote tooling: Run the server in a container behind a firewall and let distributed assistants communicate via the HTTP transport.
- Developer tooling: Plug into VS Code’s Copilot‑style chat to get context‑aware suggestions directly from the Terraform registry.
FAQ
Q: Do I need Docker to run the server? A: Docker is the easiest way, but you can also build and run the Go binary locally.
Q: Which transport should I use? A: Use Stdio for local development or when the client runs in the same process. Use Streamable‑HTTP for remote or distributed setups.
Q: How do I restrict access when using HTTP mode?
A: Set MCP_ALLOWED_ORIGINS to a comma‑separated list of trusted origins and keep MCP_CORS_MODE set to strict.
Q: What is the difference between stateful and stateless sessions? A: Stateful retains context between requests (useful for conversational AI), while stateless processes each request independently, aiding scalability behind load balancers.
Q: How can I test the HTTP endpoint?
A: After starting the server in HTTP mode, run curl http://localhost:8080/health – you should receive a 200 response.
Terraform MCP Server's README
Terraform MCP Server
The Terraform MCP Server is a Model Context Protocol (MCP) server that provides seamless integration with Terraform Registry APIs, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development.
Features
- Dual Transport Support: Both Stdio and StreamableHTTP transports
- Terraform Provider Discovery: Query and explore Terraform providers and their documentation
- Module Search & Analysis: Search and retrieve detailed information about Terraform modules
- Registry Integration: Direct integration with Terraform Registry APIs
- Container Ready: Docker support for easy deployment
Caution: The outputs and recommendations provided by the MCP server are generated dynamically and may vary based on the query, model, and the connected MCP server. Users should thoroughly review all outputs/recommendations to ensure they align with their organization's security best practices, cost-efficiency goals, and compliance requirements before implementation.
Security Note: When using the StreamableHTTP transport in production, always configure the
MCP_ALLOWED_ORIGINSenvironment variable to restrict access to trusted origins only. This helps prevent DNS rebinding attacks and other cross-origin vulnerabilities.
Prerequisites
- To run the server in a container, you will need to have Docker installed.
- Once Docker is installed, you will need to ensure Docker is running.
Transport Support
The Terraform MCP Server supports multiple transport protocols:
1. Stdio Transport (Default)
Standard input/output communication using JSON-RPC messages. Ideal for local development and direct integration with MCP clients.
2. StreamableHTTP Transport
Modern HTTP-based transport supporting both direct HTTP requests and Server-Sent Events (SSE) streams. This is the recommended transport for remote/distributed setups.
Features:
- Endpoint:
http://{hostname}:8080/mcp - Health Check:
http://{hostname}:8080/health - Environment Configuration: Set
TRANSPORT_MODE=httporTRANSPORT_PORT=8080to enable
Environment Variables:
| Variable | Description | Default |
|---|---|---|
TRANSPORT_MODE |
Set to streamable-http to enable HTTP transport (legacy http value still supported) |
stdio |
TRANSPORT_HOST |
Host to bind the HTTP server | 127.0.0.1 |
TRANSPORT_PORT |
HTTP server port | 8080 |
MCP_ENDPOINT |
HTTP server endpoint path | /mcp |
MCP_SESSION_MODE |
Session mode: stateful or stateless |
stateful |
MCP_ALLOWED_ORIGINS |
Comma-separated list of allowed origins for CORS | "" (empty) |
MCP_CORS_MODE |
CORS mode: strict, development, or disabled |
strict |
Command Line Options
# Stdio mode
terraform-mcp-server stdio [--log-file /path/to/log]
# StreamableHTTP mode
terraform-mcp-server streamable-http [--transport-port 8080] [--transport-host 127.0.0.1] [--mcp-endpoint /mcp] [--log-file /path/to/log]
Session Modes
The Terraform MCP Server supports two session modes when using the StreamableHTTP transport:
- Stateful Mode (Default): Maintains session state between requests, enabling context-aware operations.
- Stateless Mode: Each request is processed independently without maintaining session state, which can be useful for high-availability deployments or when using load balancers.
To enable stateless mode, set the environment variable:
export MCP_SESSION_MODE=stateless
Installation
Usage with VS Code
Add the following JSON block to your User Settings (JSON) file in VS Code. You can do this by pressing Ctrl + Shift + P and typing Preferences: Open User Settings (JSON).
More about using MCP server tools in VS Code's agent mode documentation.
{
"mcp": {
"servers": {
"terraform": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"hashicorp/terraform-mcp-server"
]
}
}
}
}
Optionally, you can add a similar example (i.e. without the mcp key) to a file called .vscode/mcp.json in your workspace. This will allow you to share the configuration with others.
{
"servers": {
"terraform": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"hashicorp/terraform-mcp-server"
]
}
}
}
Usage with Claude Desktop / Amazon Q Developer / Amazon Q CLI
More about using MCP server tools in Claude Desktop user documentation. Read more about using MCP server in Amazon Q from the documentation.
{
"mcpServers": {
"terraform": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"hashicorp/terraform-mcp-server"
]
}
}
}
Tool Configuration
Available Toolsets
The following sets of tools are available for the public Terraform registry:
| Toolset | Tool | Description |
|---|---|---|
providers |
search_providers |
Queries the Terraform Registry to find and list available documentation for a specific provider using the specified service_slug. Returns a list of provider document IDs with their titles and categories for resources, data sources, functions, or guides. |
providers |
get_provider_details |
Fetches the complete documentation content for a specific provider resource, data source, or function using a document ID obtained from the search_providers tool. Returns the raw documentation in markdown format. |
providers |
get_latest_provider_version |
Fetches the complete documentation content for a specific provider resource, data source, or function using a document ID obtained from the search_providers tool. Returns the raw documentation in markdown format. |
modules |
search_modules |
Searches the Terraform Registry for modules based on specified module_query with pagination. Returns a list of module IDs with their names, descriptions, download counts, verification status, and publish dates |
modules |
get_module_details |
Retrieves detailed documentation for a module using a module ID obtained from the search_modules tool including inputs, outputs, configuration, submodules, and examples. |
modules |
get_latest_module_version |
Retrieves detailed documentation for a module using a module ID obtained from the search_modules tool including inputs, outputs, configuration, submodules, and examples. |
policies |
search_policies |
Queries the Terraform Registry to find and list the appropriate Sentinel Policy based on the provided query policy_query. Returns a list of matching policies with terraform_policy_id(s) with their name, title and download counts. |
policies |
get_policy_details |
Retrieves detailed documentation for a policy set using a terraform_policy_id obtained from the search_policies tool including policy readme and implementation details. |
The following sets of tools are available for HCP Terraform or Terraform Enterprise:
| Toolset | Tool | Description |
|---|---|---|
orgs |
list_organizations |
Lists all Terraform organizations accessible to the authenticated user. |
projects |
list_projects |
Lists all projects within a specified Terraform organization. |
Resource Configuration
Available resources
| Resource URI | Description |
|---|---|
/terraform/style-guide |
Terraform Style Guide - Provides access to the official Terraform style guide documentation in markdown format |
/terraform/module-development |
Terraform Module Development Guide - Comprehensive guide covering module composition, structure, providers, publishing, and refactoring best practices |
Available Resource Templates
| Resouce Template URI | Description |
|---|---|
/terraform/providers/{namespace}/name/{name}/version/{version} |
Provider Resource Template - Dynamically retrieves detailed documentation and overview for any Terraform provider by namespace, name, and version |
Install from source
Use the latest release version:
go install github.com/hashicorp/terraform-mcp-server/cmd/terraform-mcp-server@latest
Use the main branch:
go install github.com/hashicorp/terraform-mcp-server/cmd/terraform-mcp-server@main
{
"mcp": {
"servers": {
"terraform": {
"command": "/path/to/terraform-mcp-server",
"args": ["stdio"]
}
}
}
}
Building the Docker Image locally
Before using the server, you need to build the Docker image locally:
- Clone the repository:
git clone https://github.com/hashicorp/terraform-mcp-server.git
cd terraform-mcp-server
- Build the Docker image:
make docker-build
- This will create a local Docker image that you can use in the following configuration.
# Run in stdio mode
docker run -i --rm terraform-mcp-server:dev
# Run in streamable-http mode
docker run -p 8080:8080 --rm -e TRANSPORT_MODE=streamable-http -e TRANSPORT_HOST=0.0.0.0 terraform-mcp-server:dev
Note: When running in Docker, you should set
TRANSPORT_HOST=0.0.0.0to allow connections from outside the container.
- (Optional) Test connection in http mode
# Test the connection
curl http://localhost:8080/health
- You can use it on your AI assistant as follow:
{
"mcpServers": {
"terraform": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"terraform-mcp-server:dev"
]
}
}
}
Development
Prerequisites
- Go (check go.mod file for specific version)
- Docker (optional, for container builds)
Available Make Commands
| Command | Description |
|---|---|
make build |
Build the binary |
make test |
Run all tests |
make test-e2e |
Run end-to-end tests |
make docker-build |
Build Docker image |
make run-http |
Run HTTP server locally |
make docker-run-http |
Run HTTP server in Docker |
make test-http |
Test HTTP health endpoint |
make clean |
Remove build artifacts |
make help |
Show all available commands |
Contributing
- Fork the repository
- Create your feature branch
- Make your changes
- Run tests
- Submit a pull request
License
This project is licensed under the terms of the MPL-2.0 open source license. Please refer to LICENSE file for the full terms.
Security
For security issues, please contact security@hashicorp.com or follow our security policy.
Support
For bug reports and feature requests, please open an issue on GitHub.
For general questions and discussions, open a GitHub Discussion.
Terraform MCP Server Reviews
Login Required
Please log in to share your review and rating for this MCP.
Actions
Terraform MCP Server's Information
- Author
- hashicorp
- Category
- Development Tools
- Language
- Go
- License
- Mozilla Public License 2.0
- Stars
- 910
- Updated
- about 1 month ago
Related MCP Servers
Discover more MCP servers with similar functionality and use cases
Zed
OfficialClientby zed-industries
Provides real-time collaborative editing powered by Rust, enabling developers to edit code instantly across machines with a responsive, GPU-accelerated UI.
Cline
Clientby cline
Provides autonomous coding assistance directly in the IDE, enabling file creation, editing, terminal command execution, browser interactions, and tool extension with user approval at each step.
Continue
Clientby continuedev
Provides continuous AI assistance across IDEs, terminals, and CI pipelines, offering agents, chat, inline editing, and autocomplete to accelerate software development.
GitHub MCP Server
by github
Enables AI agents, assistants, and chatbots to interact with GitHub via natural‑language commands, providing read‑write access to repositories, issues, pull requests, workflows, security data and team activity.
Goose
Clientby block
Automates engineering tasks by installing, executing, editing, and testing code using any large language model, providing end‑to‑end project building, debugging, workflow orchestration, and external API interaction.
Roo Code
OfficialClientby RooCodeInc
An autonomous coding agent that lives inside VS Code, capable of generating, refactoring, debugging code, managing files, running terminal commands, controlling a browser, and adapting its behavior through custom modes and instructions.
Mcp Agent
Clientby lastmile-ai
A lightweight, composable framework for building AI agents using Model Context Protocol and simple workflow patterns.
Firebase CLI
by firebase
Provides a command‑line interface to manage, test, and deploy Firebase projects, covering hosting, databases, authentication, cloud functions, extensions, and CI/CD workflows.
Gptme
Clientby gptme
Empowers large language models to act as personal AI assistants directly inside the terminal, providing capabilities such as code execution, file manipulation, web browsing, vision, and interactive tool usage.