Can I use Terraform Cloud as a CLI?

Yes. KosmoKrator exposes a Terraform Cloud CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose Terraform Cloud through MCP?

Yes. The KosmoKrator MCP gateway can expose selected Terraform Cloud tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are Terraform Cloud credentials stored?

Terraform Cloud credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for Terraform Cloud MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

productivity

Terraform Cloud MCP Integration for OpenAI Agents SDK

Connect Terraform Cloud to OpenAI Agents SDK through the local KosmoKrator MCP gateway with scoped tools, credentials, and write policy.

7 functions 7 read 0 write API token auth

Submit Terraform Cloud feedback View package source

Connect Terraform Cloud to OpenAI Agents SDK

Attach KosmoKrator integration tools to OpenAI Agents SDK workflows through a local MCP gateway.

Start the KosmoKrator MCP gateway locally and point the OpenAI Agents SDK MCP tool at that process or wrapper. The gateway is local, scoped to this integration, and starts with --write=deny so OpenAI Agents can inspect read-capable tools without receiving write access by default.

Terraform Cloud MCP Config for OpenAI Agents SDK

Use headless JSON commands for CI-style execution and MCP for agent tool discovery.

{
  "mcpServers": {
    "kosmokrator-terraform": {
      "type": "stdio",
      "command": "kosmo",
      "args": [
        "mcp:serve",
        "--integration=terraform",
        "--write=deny"
      ]
    }
  }
}

Run the Gateway Manually

kosmokrator mcp:serve --integration=terraform --write=deny

Why Use KosmoKrator Here

Scoped tools

Expose only Terraform Cloud instead of a broad multi-service tool list.

Local credentials

Reuse credentials already configured for the KosmoKrator CLI and Lua runtime.

Write policy

Start read-only, then opt into ask or allow for trusted workspaces.

Terraform Cloud Tools Visible to OpenAI Agents

OpenAI Agents sees stable MCP tool names generated from the Terraform Cloud integration catalog.

MCP tool	Source function	Type	Description
`integration__terraform__terraform_list_workspaces`	`terraform.terraform_list_workspaces`	Read	List workspaces in a Terraform Cloud organization. Returns workspace IDs, names, Terraform versions, and locked status.
`integration__terraform__terraform_get_workspace`	`terraform.terraform_get_workspace`	Read	Get details of a specific Terraform Cloud workspace by its ID. Returns workspace configuration, status, and VCS settings.
`integration__terraform__terraform_list_runs`	`terraform.terraform_list_runs`	Read	List runs for a Terraform Cloud workspace. Returns run IDs, statuses, trigger reasons, and timestamps.
`integration__terraform__terraform_get_run`	`terraform.terraform_get_run`	Read	Get details of a specific Terraform Cloud run by its ID. Returns run status, plan/apply results, and configuration version info.
`integration__terraform__terraform_list_variables`	`terraform.terraform_list_variables`	Read	List variables for a Terraform Cloud workspace. Returns variable names, types (Terraform or environment), and sensitivity flags.
`integration__terraform__terraform_list_organizations`	`terraform.terraform_list_organizations`	Read	List Terraform Cloud organizations the authenticated user has access to. Returns organization names and IDs.
`integration__terraform__terraform_get_current_user`	`terraform.terraform_get_current_user`	Read	Get the currently authenticated Terraform Cloud user. Useful for verifying authentication and retrieving user details.

Related Terraform Cloud Pages

Terraform Cloud CLIUse direct JSON commands instead of MCP discovery. Terraform Cloud MCPFull gateway reference and MCP tool names. KosmoKrator for OpenAI AgentsClient-level gateway setup.