terraform-mcp-server
Verified Safeby hashicorp
Overview
The Terraform MCP Server provides seamless integration with Terraform Registry APIs and HCP Terraform/Terraform Enterprise, enabling AI assistants (LLMs) to generate high-quality Terraform code and automate IaC workflows.
Installation
docker run -i --rm hashicorp/terraform-mcp-server:0.3.3Environment Variables
- TFE_ADDRESS
- TFE_TOKEN
- TFE_SKIP_TLS_VERIFY
- TRANSPORT_MODE
- TRANSPORT_HOST
- TRANSPORT_PORT
- MCP_ENDPOINT
- MCP_SESSION_MODE
- MCP_ALLOWED_ORIGINS
- MCP_CORS_MODE
- MCP_TLS_CERT_FILE
- MCP_TLS_KEY_FILE
- MCP_RATE_LIMIT_GLOBAL
- MCP_RATE_LIMIT_SESSION
- ENABLE_TF_OPERATIONS
Security Notes
The project implements good security practices including CORS configuration with allowed origins, TLS support for HTTP transport (required for non-localhost), and clear warnings against using with untrusted clients/LLMs. Sensitive values like TFE_TOKEN are expected via environment variables and are explicitly prevented from being passed via URL query parameters. Rate limiting is also implemented. The default Docker base image uses 'scratch' for a smaller attack surface. Some tools are marked as 'destructive' but require explicit enablement via `ENABLE_TF_OPERATIONS` environment variable and user confirmation for critical actions, but the overall security relies on the calling LLM's adherence to these confirmations.
Similar Servers
kubernetes-mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to interact with Kubernetes and OpenShift clusters, enabling AI-driven cluster management and diagnosis.
tfmcp
A CLI tool enabling LLMs to interact with and manage Terraform infrastructure through the Model Context Protocol (MCP), offering advanced analysis and security features.
aws-mcp-server
The AWS MCP Server allows AI assistants to execute AWS CLI commands and access AWS environment context, providing a powerful interface for cloud management and automation.
mcp-kubernetes
The mcp-kubernetes server acts as a bridge for AI assistants to interact with Kubernetes clusters, translating natural language requests into kubectl, Helm, Cilium, or Hubble operations for debugging and management.