Skip to content

hashicorp/terraform-mcp-server

MCP Developer Tools

A Model Context Protocol (MCP) server that integrates Terraform Registry APIs for advanced IaC automation

Track releases GitHub
Go Latest v0.5.2 · 1mo ago Security brief →

Features

  • Dual transport support: Stdio and StreamableHTTP with configurable endpoints
  • Direct integration with public Terraform Registry APIs for providers, modules, and policies
  • Full workspace management for HCP Terraform and Terraform Enterprise (create, update, delete)
  • OpenTelemetry metrics for monitoring tool usage in HTTP mode

Recent releases

View all 12 releases →
v0.5.1 New feature
Notable features
  • --toolsets flag for tool groups
  • --tools flag for individual tools
  • Policy set management tools
Full changelog

0.5.1

FEATURES

  • [New Tool] list_workspace_policy_sets Read all policy sets attached to a workspace

  • [New Tool] attach_policy_set_to_workspaces Attach a policy set to one or more workspaces

  • Toolsets Flag: Added --toolsets flag to selectively enable tool groups. Three toolset groups are available: registry (public Terraform Registry), registry-private (private TFE/TFC registry), and terraform (TFE/TFC operations). Default is registry only.

  • Individual Tools Flag: Added --tools flag to enable specific tools by name for fine-grained control. Accepts comma-separated list of tool names with validation and security checks.

  • Added get_token_permissions tool to allow listing permissions for current token.

  • Added Stacks support with list_stacks and get_stack_details tools.

FIXES

  • Skip TLS flag was not propogated properly 243
  • Change Dockerfile CMD to ENTRYPOINT 246
  • Truncate large responses in list_ tools to top level summaries
  • Embedd pagination information in list_ responses

IMPROVEMENTS

  • Return input validation errors as Tool Execution Errors instead of Protocol Errors
View release on GitHub
v0.5.0 New feature
Notable features
  • get_plan_json_output
  • get_plan_details
  • get_plan_logs
Full changelog

0.5.0

FEATURES

  • [New Tool] get_plan_json_output Retrieves the structured JSON output of a Terraform plan, providing detailed resource changes in a machine-readable format that is easier to parse than plain logs
  • [New Tool] get_plan_details Fetches detailed metadata about a specific Terraform plan
  • [New Tool] get_plan_logs Retrieves the execution logs of a specific Terraform plan
  • [New Tool] get_apply_details Fetches detailed metadata about a specific Terraform apply
  • [New Tool] get_apply_logs Retrieves the execution logs of a specific Terraform apply

IMPROVEMENTS

  • Add Authorization: Bearer header support for Terraform token in proxy environments
  • Add --heartbeat-interval CLI flag and MCP_HEARTBEAT_INTERVAL env var for HTTP heartbeat in load-balanced environments
  • Set custom User-Agent header for TFE API requests to enable tracking MCP server usage separately from other go-tfe clients 268
  • Adding a new cli flags --log-level to set the desired log level for the server logs and --log-format for the logs formatting 286
  • Add OpenTelemtry instrumentation for tool call metrics - tool call count, tool error count and tool call latency 300

FIXES

  • list_runs was returning empty response due to JSON marshalling error
View release on GitHub
v0.4.0 New feature
Notable features
  • --toolsets flag for tool groups
  • --tools flag for individual tools
  • Policy set management tools
Full changelog

0.4.0

FEATURES

  • [New Tool] list_workspace_policy_sets Read all policy sets attached to a workspace

  • [New Tool] attach_policy_set_to_workspaces Attach a policy set to one or more workspaces

  • Toolsets Flag: Added --toolsets flag to selectively enable tool groups. Three toolset groups are available: registry (public Terraform Registry), registry-private (private TFE/TFC registry), and terraform (TFE/TFC operations). Default is registry only.

  • Individual Tools Flag: Added --tools flag to enable specific tools by name for fine-grained control. Accepts comma-separated list of tool names with validation and security checks.

  • Added get_token_permissions tool to allow listing permissions for current token.

  • Added Stacks support with list_stacks and get_stack_details tools.

FIXES

  • Skip TLS flag was not propogated properly 243
  • Change Dockerfile CMD to ENTRYPOINT 246
  • Truncate large responses in list_ tools to top level summaries
  • Embedd pagination information in list_ responses

IMPROVEMENTS

  • Return input validation errors as Tool Execution Errors instead of Protocol Errors
View release on GitHub
v0.3.3 New feature
Notable features
  • Search Terraform List Resources documentation
Full changelog

0.3.3 (Nov 21, 2025)

IMPROVEMENTS

  • Adding support for searching Terraform List Resources documentation
View release on GitHub
v0.3.2 New feature
Notable features
  • get_provider_capabilities tool
  • create_no_code_workspace tool
Full changelog

0.3.2 (Oct 23, 2025)

FEATURES

  • [New Tool] get_provider_capabilities Adding provider capability discovery tool to analyze available resources, data sources, functions, guides, and actions

  • [New Tool] create_no_code_workspace Adding capability to trigger a workspace run using a no code module

FIXES

  • Added a module id validator to fix issue 182
  • Fixes in readme for TFE_HOSTNAME v/s TFE_ADDRESS

IMPROVEMENTS

  • Added official MCP Registry Server JSON Specification file server.json to the repo. See #200
View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
1,393
Forks
159
Languages
Go Shell Makefile
View on GitHub

Install & Platforms

Install via
docker

Similar tools

nwiizo/tfmcp
openstack-kr/python-openstackmcp-server
aashari/mcp-server-atlassian-bitbucket
arnstarn/mcp-server-spotinst
manusa/Kubernetes MCP Server

Beta — feedback welcome: [email protected]