talk-hashi-mcp
Verified Safe by kral2
Overview
This project demonstrates AI-assisted infrastructure and secrets management using HashiCorp's Vault and Terraform Model Context Protocol (MCP) servers within VS Code.
Installation
vault server -dev -dev-root-token-id=root -dev-listen-address="0.0.0.0:8200"
Environment Variables
- VAULT_ADDR
- VAULT_TOKEN
- VAULT_NAMESPACE
- TFE_TOKEN
- TFE_HOSTNAME
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_DEFAULT_REGION
Security Notes
The project is a demo, and security practices are well-communicated. It guides users to use environment variables for sensitive credentials (AWS, Vault, TFE tokens) and advocates for least-privilege Vault policies. There are no 'eval' statements or obfuscation. The hardcoded local IP (127.0.0.1) is for a development Vault server, with clear instructions on how to set it up. It explicitly warns about AWS costs and the need to destroy resources. While a dev Vault token (`root`) is mentioned, it's explicitly for a dev server and requires user setup.
Similar Servers
terraform-mcp-server
Provides seamless integration with Terraform Registry APIs and HCP Terraform/Terraform Enterprise APIs, enabling AI assistants/LLMs to generate high-quality Terraform code and automate IaC workflows.
tfmcp
A CLI tool and MCP server that enables LLMs to analyze, manage, and operate Terraform configurations and infrastructure environments.
copilot-security-instructions
This MCP server provides a toolkit to guide GitHub Copilot toward secure coding practices by offering customizable security-focused prompts and agents for integration into development workflows.
vault-mcp-server
Provides a Model Context Protocol (MCP) server implementation to integrate HashiCorp Vault secrets management and PKI operations with LLM clients.