Skills · May 11, 2026 · 4 min read

OpenControl — Universal Control Plane for AI Agents

SST team's universal control-plane MCP server exposing AWS / Cloudflare / Vercel infra to AI agents in natural language. Audit-logged, scoped.

SST · Community
Universal CLI command
npx tokrepo install f85e22b2-506e-470d-814e-2a0e6692dd04
Introduction

OpenControl is a universal control-plane MCP server from Dax Raad's team. It exposes AWS, Cloudflare, Vercel, and SST infrastructure to AI agents (Claude Code, Cursor, custom agents) via natural language. Every action is audit-logged, scope-limited, and reviewable before execution. Best for: SRE-with-agents workflows, on-call triage, infra cleanup, and anywhere you want Claude to take action on real infrastructure with guard rails in place. Works with: any MCP host. Setup time: 15 minutes.


Install

npx opencontrol@latest init
# Answers a few questions, generates opencontrol.config.ts

Sample config

// opencontrol.config.ts
import { defineConfig } from "opencontrol";

export default defineConfig({
  audit: {
    storage: "s3://my-audit-bucket/opencontrol/",
    require_approval: ["delete", "scale_down", "destroy"],
  },
  providers: {
    aws: {
      regions: ["us-east-1", "eu-west-1"],
      services: ["s3", "lambda", "dynamodb", "cloudfront"],
      role_arn: "arn:aws:iam::123456789012:role/opencontrol", // placeholder account ID; AWS account IDs are 12 digits
    },
    cloudflare: {
      account_id: "...",
      api_token_env: "CF_API_TOKEN",
    },
    vercel: {
      team_id: "...",
      token_env: "VERCEL_TOKEN",
    },
  },
});

Claude Desktop config

{
  "mcpServers": {
    "opencontrol": {
      "command": "npx",
      "args": ["-y", "opencontrol", "mcp"],
      "env": {
        "OPENCONTROL_CONFIG": "./opencontrol.config.ts"
      }
    }
  }
}

Sample prompts that work

  • "Find Lambda functions that haven't been invoked in 90 days and tag them as candidates for deletion."
  • "Which Cloudflare workers have error rate above 1% in the last hour?"
  • "Roll back the Vercel deployment of tokrepo-web to the version before the May 8 deploy."
  • "Show me S3 buckets without lifecycle rules and estimated monthly cost."

Action approval workflow

Actions matching require_approval patterns generate a pending audit entry. Approve via:

opencontrol approvals list           # see pending
opencontrol approvals approve <id>   # green-light
opencontrol approvals reject <id>    # block

Configure Slack / email notifications for new approval requests via webhook.


FAQ

Q: How is this different from cloud MCP servers like AWS MCP?
A: Cloud MCP servers expose a single cloud's API. OpenControl unifies multiple clouds and adds audit logging and approval workflows. For one-cloud teams, AWS MCP is fine; for multi-cloud or compliance-strict shops, OpenControl is the upgrade.

Q: What stops an agent from doing real damage?
A: Three layers: (1) require_approval patterns force a human green-light on destructive verbs; (2) IAM role scoping limits what the credentials can do; (3) every action is S3-logged for forensics. Treat OpenControl as the seatbelt, not the steering wheel; still review what the agent proposes.
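The approval layer keys on destructive verbs, so it is worth checking which mutating calls fall outside the require_approval list and therefore rely on IAM scoping alone. The TypeScript lint below is an added example, not OpenControl's code; the substring matching rule, the helper names (classify, ungatedMutations) and the action list are assumptions constructed for illustration.

```typescript
// Added example: lint a require_approval list against the actions an agent role may call.
// ASSUMPTION: patterns match as case-insensitive substrings of the operation name, with
// "_" ignored. The page does not document OpenControl's actual matching rule.

type Verdict = "approval" | "read_only" | "ungated_mutation";

// Operation-name prefixes treated as non-mutating (a heuristic, also an assumption).
const READ_PREFIXES = ["get", "list", "describe", "head"];

function normalize(s: string): string {
  return s.toLowerCase().replace(/[_\-\s]/g, "");
}

function classify(action: string, requireApproval: string[]): Verdict {
  // "lambda:DeleteFunction" -> "deletefunction"
  const op = normalize(action.split(":").pop() ?? action);
  if (requireApproval.some((p) => op.includes(normalize(p)))) return "approval";
  if (READ_PREFIXES.some((p) => op.startsWith(p))) return "read_only";
  return "ungated_mutation";
}

// Actions that change state but would never produce a pending approval entry.
function ungatedMutations(actions: string[], requireApproval: string[]): string[] {
  return actions.filter((a) => classify(a, requireApproval) === "ungated_mutation");
}

// require_approval exactly as in the sample config on this page.
const REQUIRE_APPROVAL = ["delete", "scale_down", "destroy"];

// Constructed sample: IAM action names for the four AWS services in the sample config.
const ROLE_ACTIONS = [
  "s3:ListAllMyBuckets",
  "s3:DeleteBucket",
  "s3:PutBucketPolicy",        // can change who may read or write the bucket
  "lambda:ListFunctions",
  "lambda:DeleteFunction",
  "lambda:UpdateFunctionCode", // replaces the deployed code
  "dynamodb:DescribeTable",
  "dynamodb:DeleteTable",
  "dynamodb:UpdateTable",      // can lower capacity, yet "scale_down" never matches it
  "cloudfront:GetDistribution",
  "cloudfront:UpdateDistribution",
];

const gaps = ungatedMutations(ROLE_ACTIONS, REQUIRE_APPROVAL);
console.log("Mutating actions with no approval gate:", gaps);
```

Anything this reports should either get a matching require_approval pattern or be left out of the IAM role's policy, so that layer (2) covers what layer (1) does not.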

Q: Is it open source?
A: Yes, MIT licensed. A hosted version is planned by Toolbeam for teams who don't want to self-host the control plane. The MCP server itself is fully open-source today.


Quick Use

  1. Run npx opencontrol@latest init to scaffold opencontrol.config.ts
  2. Configure providers (aws/cloudflare/vercel) and audit settings
  3. Add the server to the Claude Desktop mcpServers config and start prompting


Source & Thanks

Built by Toolbeam (Dax Raad's team). Licensed under MIT.

toolbeam/opencontrol — ⭐ 1,200+
