Guides9 min read

Best MCP Servers for Cloud Engineers in 2026

Manage infrastructure faster with MCP servers that give your AI direct access to AWS, GCP, Azure, Kubernetes, Terraform, and your observability stack. Stop describing your infrastructure — show it.

By MyMCPTools Team·

Cloud infrastructure is defined by state — the live state of hundreds of resources across compute, networking, storage, and services. AI assistants that can't read that state can only give you generic advice. An AI that knows your actual VPC CIDR ranges, your current EKS node utilization, and the exact error in your Terraform plan is a different class of tool.

MCP servers give your AI direct access to your infrastructure state, turning it from a documentation reader into an active infrastructure co-pilot.

Cloud Provider Access

AWS MCP Server — Infrastructure State and Resource Management

The AWS MCP server connects your AI to AWS APIs, enabling read access to your actual resource state across EC2, S3, RDS, ECS, Lambda, IAM, and every other AWS service. Instead of describing your setup, you show it.

AWS engineering workflows:

  • Cost analysis: "Query our EC2 instances and identify any running instances that haven't received requests in the last 7 days — potential idle resource waste"
  • Security audit: "List all S3 buckets and flag any with public read ACLs or missing server-side encryption"
  • IAM review: "Find all IAM roles with administrator access policies attached and list the last-used date for each"
  • Capacity planning: "Check current RDS instance sizes across all production databases and compare against CloudWatch average CPU utilization"
  • Incident diagnosis: "Read the last 100 CloudTrail events for this EC2 instance — I need to understand what changed before it became unreachable"

Architecture documentation: A common use case is using the AWS MCP server to generate infrastructure documentation. "Enumerate our VPC topology, subnets, and route tables, then generate a Mermaid diagram of the network architecture" produces accurate documentation from live state instead of from someone's memory.

AWS CLI MCP Server — Command Generation and Execution

The AWS CLI MCP server wraps the AWS CLI for AI-assisted command generation with your actual account context. Instead of constructing complex CLI commands manually, your AI builds them from your resource inventory.

CLI-assisted operations:

  • Generate the exact AWS CLI command to rotate a specific IAM access key, using the real key ID from your account
  • Build a CloudFormation deploy command with the correct parameter overrides for a specific environment
  • Construct an S3 sync command with the correct bucket path and exclusion patterns from your actual setup
  • Generate a Lambda update-function-code command pointing to the correct ECR image tag

GCloud MCP Server — Google Cloud Platform Operations

For GCP-based infrastructure, the gcloud MCP server provides the same pattern: AI access to your actual GCP resource state for assisted operations, diagnostics, and documentation.

GCP engineering workflows:

  • List all GKE cluster configurations and identify nodes running deprecated Kubernetes versions
  • Review Cloud IAM bindings for a specific project to find over-privileged service accounts
  • Check BigQuery dataset access controls before migrating data
  • Generate gcloud commands for Cloud Run service deployments using actual project and region values
  • Audit Cloud Storage bucket lifecycle policies for cost optimization opportunities

Azure CLI MCP Server — Azure Resource Operations

Azure infrastructure teams can use the Azure CLI MCP server to bring the same live-state awareness to Azure resource groups, virtual machines, AKS clusters, and Azure services.

Azure workflows:

  • List all Azure VMs in a resource group and check their current running state and SKU
  • Review Network Security Group rules for a specific subnet before making changes
  • Check AKS node pool configurations and current utilization metrics
  • Generate az CLI commands for Azure Key Vault secret rotation workflows

Container Orchestration

Kubernetes MCP Server — Cluster State and Workload Management

The Kubernetes MCP server gives your AI direct kubectl-equivalent access to your cluster state — pods, deployments, services, configmaps, events, and logs. This is one of the highest-value MCP servers for cloud engineers: Kubernetes troubleshooting is heavily dependent on current state, and describing it manually is error-prone and slow.

Kubernetes operations workflows:

  • Incident diagnosis: "Check the events for pods in the payment namespace over the last hour — I'm getting CrashLoopBackOff alerts"
  • Resource optimization: "List all deployments and compare their requested CPU/memory vs actual usage from metrics-server — identify over-provisioned workloads"
  • Deployment verification: "Verify that the rollout completed successfully and all pods are running the new image tag after the deployment"
  • Config review: "Read the configmap for the auth service and identify any settings that differ between staging and production"
  • Network policy audit: "List all NetworkPolicy objects and identify any pods that have no egress restrictions"

Runbook automation: Complex operational procedures that involve multiple kubectl commands can be described once and executed with AI-assisted command generation. "Walk me through checking cluster health before a maintenance window" becomes a structured checklist executed against real cluster data.

Docker MCP Server — Container Diagnostics

For containerized development and operations, the Docker MCP server provides access to local or remote Docker daemon state — running containers, images, volumes, and network configurations.

Docker workflows:

  • List all running containers and identify any that have been restarting frequently
  • Read container logs for a specific service to diagnose a startup failure
  • Inspect Docker network configuration for multi-container application debugging
  • Identify large images that are consuming excess disk space on build hosts

Infrastructure as Code

Terraform MCP Server — IaC State and Plan Analysis

The Terraform MCP server brings your AI into the infrastructure-as-code workflow — reading Terraform state files, analyzing plan outputs, and understanding resource dependency graphs.

Terraform-assisted IaC workflows:

  • Plan review: "Read the terraform plan output and identify any destructive changes that affect production resources — flag anything that requires manual review"
  • State drift detection: "Compare the Terraform state for the database module against current AWS RDS resource state — are there drift indicators?"
  • Module documentation: "Read the Terraform module files for our VPC module and generate documentation for each variable"
  • Dependency analysis: "Map the resource dependencies in this Terraform configuration — which resources will be affected if I modify the security group?"
  • Refactoring assistance: "Read our current Terraform state and suggest which resources should be moved into modules for better organization"

Observability

Grafana MCP Server — Dashboard and Alert State

The Grafana MCP server gives your AI access to your Grafana dashboards, data sources, and alert configurations — enabling AI-assisted dashboard building and alert review using your actual metric schema.

Grafana operations:

  • Read an existing dashboard JSON and generate a new panel using the same data source configuration and query patterns
  • List all firing alerts across all dashboards during an incident investigation
  • Review alert thresholds across all services and identify alerts that have never fired (potential dead alerts)
  • Generate dashboard documentation from actual panel configurations

OpenTelemetry MCP Server — Trace and Metric Context

The OpenTelemetry MCP server connects your AI to your observability data — traces, metrics, and logs — enabling AI-assisted performance analysis and incident diagnosis using real telemetry.

Observability-driven diagnosis:

  • Fetch recent traces for a specific service and identify the slowest spans in the critical path
  • Query P95 latency metrics for a service over the last 24 hours to contextualize a performance regression
  • Find distributed traces that crossed the error threshold and identify their common characteristics

Documentation and Research

Brave Search MCP Server — Current Cloud Documentation

Cloud provider documentation changes constantly — new service features, deprecated APIs, updated pricing models, and security advisories. The Brave Search MCP server ensures your AI generates advice based on current documentation rather than potentially outdated training data.

Cloud documentation research:

  • "Look up the current AWS Lambda limits for provisioned concurrency — I'm designing an auto-scaling policy"
  • "Find the latest GKE Autopilot documentation for custom node pools — the behavior changed in a recent release"
  • "Search for recent AWS RDS changes to automated backup retention policies"
  • "Find the current Kubernetes documentation for the PodDisruptionBudget API — I need the exact field names"

GitHub MCP Server — Infrastructure Code Examples

Infrastructure patterns, Terraform modules, Helm charts, and Kubernetes manifests are extensively documented in open-source repositories. The GitHub MCP server gives your AI access to production-quality examples to reference when generating infrastructure code.

IaC research workflows:

  • Find production-quality Terraform modules for EKS cluster setup in the AWS Terraform modules repository
  • Search for Helm chart examples that match your application type and deployment pattern
  • Browse GitHub Actions workflow examples for your specific deployment target (ECS, Lambda, GKE)
  • Find Kubernetes operator implementations that match the pattern you're building

Recommended Stack by Cloud Engineering Role

AWS cloud engineer: AWS + Kubernetes + Terraform + Grafana + Brave Search

GCP cloud engineer: GCloud + Kubernetes + Terraform + OpenTelemetry + Brave Search

Multi-cloud / platform engineer: AWS + GCloud + Azure CLI + Kubernetes + Terraform + Grafana

SRE / on-call engineer: Kubernetes + Grafana + OpenTelemetry + AWS + Brave Search

DevOps / IaC engineer: Terraform + AWS + Docker + Kubernetes + GitHub + Brave Search

Start with your primary cloud provider's MCP server and Kubernetes — together they cover the live state access that makes AI assistance genuinely useful for infrastructure work. Add Terraform for IaC workflows and Grafana or OpenTelemetry for observability. Brave Search is always valuable for ensuring your AI's recommendations reference current documentation.

Browse the full cloud MCP servers catalog or see Best MCP Servers for DevOps Engineers for CI/CD pipeline integrations that complement this cloud infrastructure stack.

Recommended Tools

Better Stack

Free Plan

Get alerted when your APIs, browser tests, payment pipelines, or MCP server dependencies go down. Used by 100K+ developers.

Start monitoring free →

1Password

14-day Free Trial

Store and inject API keys, payment credentials, tokens, and file access secrets into your MCP server configs. Trusted by 150K+ developers.

Try 1Password free →

🔧 MCP Servers Mentioned in This Article

☁️

AWS MCP Servers

AWS Labs maintains a monorepo of specialized, open-source MCP servers that bring AWS best practices directly into AI-assisted development workflows, spanning infrastructure, data, AI/ML, cost management, and healthcare/life-sciences domains. Rather than one monolithic server, the project ships dozens of focused servers you install individually depending on the task: the AWS Documentation MCP Server for real-time official docs and API references, dedicated servers for Terraform/CDK/CloudFormation infrastructure-as-code, container and serverless platforms (ECS, EKS, Lambda), SQL/NoSQL databases (DynamoDB, RDS, Aurora), search and analytics (OpenSearch), messaging (SQS/SNS), and cost/billing analysis. Most servers install via uvx with a package name like awslabs.aws-documentation-mcp-server, run locally over stdio, and use standard AWS credential chains (IAM roles, profiles, or access keys) rather than exposing raw account credentials to the model. AWS also now offers a managed, remote "AWS MCP Server" (in preview) that combines full API coverage with pre-built agent SOPs, syntactically validated API calls, and complete CloudTrail audit logging for teams that want centralized governance instead of running servers locally. The Getting Started with Kiro/Cursor/VS Code/Claude Code sections in the repo provide one-click install configs for each server, making it straightforward to wire up only the AWS services a given project actually touches.

Local
🔧

Kubernetes MCP Server

The Kubernetes MCP server (mcp-server-kubernetes, built by Flux159) brings cluster management capabilities into AI assistant workflows, letting developers and platform engineers query and manage Kubernetes resources through natural-language interactions with Claude, Cursor, and other MCP-compatible clients. It loads your existing kubeconfig automatically, so it works with any cluster — local minikube and kind setups, Amazon EKS, Google GKE, Azure AKS, or on-premises deployments — with no separate credential setup required. Core tools exposed by the server include: listing pods, deployments, services, and namespaces; describing individual resources and their status; fetching pod logs for debugging; applying and updating manifests; scaling deployments; checking rollout status and history; and querying resource utilization and cluster events. A built-in non-destructive mode can disable delete/scale-down operations entirely, making it safe to point at production clusters for read-only diagnostics. DevOps engineers use it to debug failing deployments by asking Claude to inspect pod logs and recent events, identify resource constraints causing OOMKilled pods, or summarize the current state of a namespace before a production release. For SREs responding to incidents, it enables rapid triage through conversational commands — no memorizing kubectl flags or switching terminal windows mid-incident — and optional OpenTelemetry integration adds observability into what the AI agent actually did against the cluster. Install with: `npx mcp-server-kubernetes`. Pairs well with the GitHub MCP server for full GitOps review workflows.

Local
🔧

Terraform MCP Server

The Terraform MCP Server is HashiCorp's official integration that brings Terraform's infrastructure-as-code capabilities into AI assistants via the Model Context Protocol. It connects Claude Desktop, Cursor, VS Code, and other MCP clients to the Terraform ecosystem — letting you explore providers, look up module schemas, validate configurations, and work with HCP Terraform (Terraform Cloud) all through natural-language conversation. Core tools include: search the Terraform Registry for modules and providers by keyword, retrieve full provider schema documentation including resource arguments and attribute types, look up specific module input/output variables and their defaults, resolve provider version constraints and compatibility matrices, and run Terraform operations against HCP Terraform workspaces including plan, apply, and state inspection. A key use case is AI-assisted IaC authoring: ask Claude to "generate a Terraform module for an AWS VPC with public and private subnets using the latest aws provider schema" and the server fetches the live provider schema to ensure accurate attribute names and types rather than hallucinating outdated syntax. For HCP Terraform users, workspace integration supports listing workspaces, triggering runs, and checking plan output. HashiCorp maintains the server at hashicorp/terraform-mcp-server and distributes it as a pre-built binary for Linux, macOS (arm64 + amd64), and Windows. Install via: `npx @hashicorp/terraform-mcp-server`. Pairs well with GitHub MCP for full IaC PR review workflows.

Local
🔧

Docker MCP Server

The Docker MCP server connects your AI assistant directly to your local or remote Docker daemon, exposing container lifecycle management and image orchestration as Model Context Protocol tools. With this integration, developers can prompt Claude, Cursor, or Windsurf to inspect running containers, view real-time logs, build new images from Dockerfiles, start and stop services using Docker Compose, and prune unused system resources through natural language. Rather than switching to a terminal to type complex docker inspect commands, you can simply ask your AI to "find out why the postgres container keeps crashing" or "tail the last 100 lines of the frontend container logs and find the React error". This is a game-changer for DevOps engineers, backend developers, and system administrators who want to streamline container debugging, automate compose cluster orchestration, and troubleshoot networking issues faster. The server interacts securely with the Docker Engine API, meaning it can both read system state and execute commands like port binding or volume inspection. It works cross-platform wherever Docker Desktop or the Docker daemon is running. Docker's official implementation ships as the Docker MCP Gateway (docker/mcp-gateway), a `docker mcp` CLI plugin that acts as a single secure gateway in front of many containerized MCP servers from the Docker MCP Catalog — each downstream server runs in its own isolated container with resource limits and secret injection, so an assistant connects once to the gateway instead of wiring up dozens of individual servers. Start it with `docker mcp gateway run`, then point Claude Desktop, Cursor, or another client at the gateway; `docker mcp server enable <name>` toggles which catalog servers (including the Docker/container-management tools) are exposed. This container-per-server isolation is the key security benefit over running MCP servers directly on the host.

Local
📊

Grafana MCP Server

The official Grafana MCP server connects Claude and other AI assistants directly to your Grafana instance and its surrounding observability ecosystem, turning natural-language questions into dashboard lookups, incident investigations, and datasource queries. Dashboard tools cover search, retrieval, JSONPath-scoped property extraction, patch-based editing, and per-panel query/datasource introspection, with context-window-aware helpers like get_dashboard_summary so an agent never has to pull a full multi-megabyte dashboard JSON just to answer a simple question. Query tools speak PromQL against Prometheus (including histogram-percentile helpers), LogQL against Loki, and native query languages for InfluxDB, ClickHouse, CloudWatch, Graphite, Athena, Snowflake, Elasticsearch/OpenSearch, and Quickwit datasources — most gated behind opt-in --enabled-tools flags to keep the default tool surface lean. It also wraps Grafana Incident for creating and updating incidents, Sift for automated error-pattern and slow-request investigations, full alerting CRUD (rules, contact points, notification policies) across Grafana-managed and external Alertmanager sources, Grafana OnCall schedule/shift/alert-group management, RBAC-gated admin tools for teams/users/roles, deeplink generation so the LLM never has to guess a dashboard URL, annotations, snapshots, PNG rendering via the Grafana Image Renderer, and provisioning-repo validation for git-sync workflows. Ships as a Go binary or via uvx, authenticates with a Grafana service account token (Editor role or granular RBAC scopes), and every tool category can be individually disabled to control context-window usage.

Local
🔧

OpenTelemetry

Collect and query distributed traces, metrics, and logs using OpenTelemetry standards. Analyze application performance and correlate signals across services.

Local
☁️

AWS CLI

Execute AWS CLI commands via MCP. Query any AWS service, manage resources across regions, configure profiles, and automate complex multi-service workflows.

Local
☁️

Google Cloud CLI

Execute gcloud commands via MCP. Manage GCP resources across all services, configure projects and IAM, and automate Google Cloud workflows.

Local
☁️

Azure CLI

Execute az commands via MCP. Manage Azure resources, subscriptions, and services. Automate infrastructure deployments and resource group management.

Local
🔍

Brave Search MCP Server

The Brave Search MCP Server is the official server from Brave that gives AI assistants privacy-first web search through the independent Brave Search API — no tracking, no profiling, and results drawn from Brave's own web index rather than Google or Bing. It exposes five distinct tools that map directly to the Brave Search API endpoints: brave_web_search for general queries with pagination, freshness filters, and safe-search controls; brave_local_search for businesses, restaurants, and points of interest with automatic location filtering; brave_news_search for recent articles and current events; brave_image_search for image discovery; and brave_video_search for finding videos across the web. Authentication uses a single BRAVE_API_KEY (free tier available at brave.com/search/api) or a mounted BRAVE_API_KEY_FILE for Docker-secret setups. Install in Claude Desktop, Cursor, Windsurf, or VS Code with one npx command and choose stdio or streamable-HTTP transport. Because Brave operates its own crawler and index, the Brave Search MCP server is a strong choice for developers who want an alternative to Google-dependent search tools, need reproducible non-personalized results, or care about data privacy in agent workflows — Claude can pull fresh web context, verify facts, and research topics without leaking queries to ad-tech pipelines.

Local
💻

GitHub MCP Server

The GitHub MCP server is GitHub's official Model Context Protocol integration, giving AI assistants like Claude and Cursor direct, authenticated access to the GitHub platform and its full developer surface. With this MCP server, you can ask your AI to read and write repository files, create and merge branches, open and review pull requests, comment on and close issues, trigger GitHub Actions workflows, search across code repositories with GitHub's code search, and inspect commit history — all through natural-language prompts in your AI interface. Developers use it to supercharge code review workflows, automate issue triage, generate PR descriptions from diffs, bulk-update repository settings, and wire AI agents into CI/CD pipelines. The GitHub MCP server connects via a GITHUB_PERSONAL_ACCESS_TOKEN environment variable with scopes for the operations you need, keeping authentication clean and auditable. Install with Docker: `docker run -e GITHUB_PERSONAL_ACCESS_TOKEN=<token> ghcr.io/github/github-mcp-server` — or configure it as a remote MCP server in Claude Desktop, Cursor, VS Code, Windsurf, and Cline. With over 8,000 GitHub stars, it is the most widely deployed official code-platform MCP server and the reference implementation for AI-native GitHub automation.

Auth required
📁

Filesystem

Secure file operations with configurable access controls. Read, write, and manage files safely.

Local

📚 More from the Blog