# OpenControl — Universal Control Plane for AI Agents > SST team's universal control-plane MCP server exposing AWS / Cloudflare / Vercel infra to AI agents in natural language. Audit-logged, scoped. ## Install Save the content below to `.claude/skills/` or append to your `CLAUDE.md`: ## Quick Use 1. `npx opencontrol@latest init` to scaffold opencontrol.config.ts 2. Configure providers (aws/cloudflare/vercel) and audit settings 3. Add to Claude Desktop mcpServers config and prompt away --- ## Intro OpenControl is a universal control-plane MCP server from Dax Raad's team — exposes AWS, Cloudflare, Vercel, and SST infrastructure to AI agents (Claude Code, Cursor, custom agents) via natural language. Every action is audit-logged, scope-limited, and reviewable before execution. Best for: SRE-with-agents workflows, on-call triage, infra cleanup, anywhere you want Claude to actually take action on real infra but with guard rails. Works with: any MCP host. Setup time: 15 minutes. --- ### Install ```bash npx opencontrol@latest init # Answers a few questions, generates opencontrol.config.ts ``` ### Sample config ```typescript // opencontrol.config.ts import { defineConfig } from "opencontrol"; export default defineConfig({ audit: { storage: "s3://my-audit-bucket/opencontrol/", require_approval: ["delete", "scale_down", "destroy"], }, providers: { aws: { regions: ["us-east-1", "eu-west-1"], services: ["s3", "lambda", "dynamodb", "cloudfront"], role_arn: "arn:aws:iam::123456789:role/opencontrol", }, cloudflare: { account_id: "...", api_token_env: "CF_API_TOKEN", }, vercel: { team_id: "...", token_env: "VERCEL_TOKEN", }, }, }); ``` ### Claude Desktop config ```json { "mcpServers": { "opencontrol": { "command": "npx", "args": ["-y", "opencontrol", "mcp"], "env": { "OPENCONTROL_CONFIG": "./opencontrol.config.ts" } } } } ``` ### Sample prompts that work - "Find Lambda functions that haven't been invoked in 90 days and tag them as candidates for deletion." - "Which Cloudflare workers have error rate above 1% in the last hour?" - "Roll back the Vercel deployment of `tokrepo-web` to the version before the May 8 deploy." - "Show me S3 buckets without lifecycle rules and estimated monthly cost." ### Action approval workflow Actions matching `require_approval` patterns generate a pending audit entry. Approve via: ```bash opencontrol approvals list # see pending opencontrol approvals approve # green-light opencontrol approvals reject # block ``` Configure Slack / email notifications for new approval requests via webhook. --- ### FAQ **Q: How is this different from cloud MCP servers like AWS MCP?** A: Cloud MCP servers expose a single cloud's API. OpenControl unifies multiple clouds + adds audit logging + approval workflows. For one-cloud teams, AWS MCP is fine; for multi-cloud or compliance-strict shops, OpenControl is the upgrade. **Q: What stops an agent from doing real damage?** A: Three layers: (1) `require_approval` patterns force human green-light on destructive verbs; (2) IAM role scoping limits what credentials can do; (3) every action is S3-logged for forensics. Treat OpenControl as the seatbelt, not the steering wheel — still review what the agent proposes. **Q: Is it open source?** A: Yes — MIT licensed. Hosted version planned by Toolbeam for teams who don't want to self-host the control plane. The MCP server itself is fully open-source today. --- ## Source & Thanks > Built by [Toolbeam](https://github.com/toolbeam) (Dax Raad's team). Licensed under MIT. > > [toolbeam/opencontrol](https://github.com/toolbeam/opencontrol) — ⭐ 1,200+ --- ## 快速使用 1. `npx opencontrol@latest init` 生成 opencontrol.config.ts 2. 配 providers(aws/cloudflare/vercel)和 audit 设置 3. 加到 Claude Desktop mcpServers 配置就能用 --- ## 简介 OpenControl 是 Dax Raad 团队做的通用控制面 MCP server —— 把 AWS / Cloudflare / Vercel / SST 基建通过自然语言暴露给 AI agent(Claude Code / Cursor / 自定义 agent)。每个动作都审计、范围限定、执行前可复核。适合 SRE 配 agent 的工作流、on-call 分流、基建清理、任何想让 Claude 实际操作真基建但要护栏的场景。任何 MCP 宿主可用。装机时间 15 分钟。 --- ### 安装 ```bash npx opencontrol@latest init # 回答几个问题,生成 opencontrol.config.ts ``` ### 配置示例 ```typescript // opencontrol.config.ts import { defineConfig } from "opencontrol"; export default defineConfig({ audit: { storage: "s3://my-audit-bucket/opencontrol/", require_approval: ["delete", "scale_down", "destroy"], }, providers: { aws: { regions: ["us-east-1", "eu-west-1"], services: ["s3", "lambda", "dynamodb", "cloudfront"], role_arn: "arn:aws:iam::123456789:role/opencontrol", }, cloudflare: { account_id: "...", api_token_env: "CF_API_TOKEN", }, vercel: { team_id: "...", token_env: "VERCEL_TOKEN", }, }, }); ``` ### Claude Desktop 配置 ```json { "mcpServers": { "opencontrol": { "command": "npx", "args": ["-y", "opencontrol", "mcp"], "env": { "OPENCONTROL_CONFIG": "./opencontrol.config.ts" } } } } ``` ### 实战 prompt 例子 - "找出 90 天没被调用的 Lambda 函数,给它们打标候选删除。" - "过去 1 小时错误率 >1% 的 Cloudflare worker 是哪些?" - "把 `tokrepo-web` 的 Vercel 部署回滚到 5 月 8 日发布前那版。" - "列没有生命周期规则的 S3 bucket + 预估月成本。" ### 动作审批流 匹配 `require_approval` 模式的动作生成待审批 audit 条目。审批方式: ```bash opencontrol approvals list # 看待审批 opencontrol approvals approve # 放行 opencontrol approvals reject # 阻止 ``` 通过 webhook 配 Slack / 邮件通知新审批请求。 --- ### FAQ **Q: 跟 AWS MCP 这种云专属 MCP server 啥区别?** A: 云 MCP 暴露单家云的 API。OpenControl 统一多云 + 加审计 + 加审批流。单云团队 AWS MCP 够用;多云或合规严的店 OpenControl 是升级。 **Q: 怎么防止 agent 干坏事?** A: 三层:(1) `require_approval` 模式强制人工放行破坏性动词;(2) IAM 角色范围限制凭证能做啥;(3) 每个动作 S3 日志便于取证。OpenControl 是安全带不是方向盘 —— 还是要审 agent 的提案。 **Q: 开源吗?** A: MIT 开源。Toolbeam 计划出托管版给不想自托管控制面的团队。MCP server 本身今天就是完全开源。 --- ## 来源与感谢 > Built by [Toolbeam](https://github.com/toolbeam) (Dax Raad's team). Licensed under MIT. > > [toolbeam/opencontrol](https://github.com/toolbeam/opencontrol) — ⭐ 1,200+ --- Source: https://tokrepo.com/en/workflows/opencontrol-universal-control-plane-for-ai-agents Author: SST