Control Plane MCP Server
The official Control Plane MCP server. Control Plane is a hybrid multi-cloud platform that runs containerized workloads across AWS, GCP, Azure, OCI, and your own hardware under one API. This server gives your AI assistant 150+ tools to deploy, operate, troubleshoot, secure, and migrate workloads in natural language — backed by production guardrails so it asks before doing anything destructive.
Authentication
MCP uses OAuth 2.1 + PKCE — no API keys to paste. You sign in once and choose which Control Plane organizations the assistant may operate on; the token is scoped to those orgs and enforced server-side on every call. Treat MCP access as production access to the orgs you grant.
What you can do
- Deploy & operate workloads — serverless, standard, cron, stateful, and VM workloads; autoscaling, rollouts, load balancing, and multi-region placement across cloud locations.
- Secrets & identity — create and reference secrets (AWS, GCP, Azure, Docker, ECR, TLS, opaque, and more); grant workloads credential-free cloud access via identity + policy (no static IAM keys).
- Networking & domains — map custom domains with automatic TLS, configure firewalls (deny-by-default), CORS, CDN, rate limiting, and private networking.
- Stateful storage — provision volume sets, snapshots, and HA databases; mount them to stateful and VM workloads.
- Observability — query logs (LogQL), metrics, traces, audit events, and workload events; exec into running replicas.
- Migrate from Kubernetes — convert Kubernetes manifests, Docker Compose, and Helm charts to Control Plane and apply them after you confirm.
- Managed Kubernetes (mk8s) — provision BYOK clusters across AWS, Azure, GCP, Hetzner, Linode, DigitalOcean, and more.
- IaC export — generate Terraform from existing resources.
Example prompts
- "Troubleshoot why my payments-api workload in production keeps restarting."
- "Put app.example.com in front of my web workload with auto-TLS."
- "Give my analytics workload credential-free read access to S3 bucket prod-event-logs — no IAM keys."
- "Provision a production Postgres with HA failover and S3 backups."
- "Convert this kustomization.yaml to Control Plane and apply it to staging after I confirm."
Safety
- MCP access is scoped to the orgs you grant and your own RBAC.
- Destructive actions (deleting resources, shrinking/deleting volumes, replacing workloads, applying to production) require explicit confirmation.
- Secret values are revealed only with reveal permission — least privilege by default.
- The server stores no logs, secrets, prompts, or telemetry.
Configuration
{
  "mcpServers": {
    "cpln": {
      "type": "http",
      "url": "https://mcp.cpln.io/mcp?toolsets=full"
    }
  }
}
Tool profiles are selectable via the toolsets query param: core, mk8s, or full.
Editor plugins
A richer plugin — bundling domain skills, guided agents, and always-on guardrails on top of this MCP server — is available for Claude Code, Codex, and Antigravity CLI:
/plugin marketplace add https://github.com/controlplane-com/ai-plugin.git
/plugin install cpln@controlplane
Links
- Docs: https://docs.controlplane.com
- GitHub: https://github.com/controlplane-com/ai-plugin
- Support: support@controlplane.com
- License: MIT
Server Config
{
  "mcpServers": {
    "cpln": {
      "type": "http",
      "url": "https://mcp.cpln.io/mcp"
    }
  }
}