Supercharging Terraform Development with Claude Code and Terraform MCP Server
Supercharging Terraform Development with Claude Code and Terraform MCP Server
As Infrastructure as Code (IaC) becomes increasingly complex, developers need smarter tools that understand not just syntax, but the entire ecosystem of providers, modules, and best practices. In this post, I'll walk you through my experience using Claude Code with HashiCorp's Terraform MCP Server to generate production-ready Terraform configurations.
π Note: This article references AWS provider version 6.30.0 and S3 module version 5.10.0, which were the latest versions at the time of writing (January 2026). When you use the Terraform MCP Server, Claude will automatically fetch the current latest versions for you β that's the whole point!
What is MCP (Model Context Protocol)?
MCP (Model Context Protocol) is an open protocol that allows AI assistants to connect with external tools and data sources. Think of it as a bridge that gives AI models access to real-time information and specialized capabilities.
For Terraform, this means Claude can query the Terraform Registry directly to get:
- Latest provider versions
- Module documentation
- Input/output specifications
- Usage examples
The Problem: AI Without Real-Time Context
Before diving into the solution, let's understand what happens when you use an AI assistant for Terraform without MCP integration:
Without Terraform MCP Server
# Claude might generate this based on training data
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.16" # Outdated! Current version is 6.30.0
}
}
}
module "s3_bucket" {
source = "terraform-aws-modules/s3-bucket/aws"
version = "3.6.0" # Outdated! Current version is 5.10.0
# May use deprecated arguments or miss new features
bucket_name = "my-bucket" # Wrong! Should be 'bucket'
acl = "private" # Deprecated in newer versions
}
Issues you might encounter:
- Outdated versions: AI models have knowledge cutoffs and may suggest old provider/module versions
- Deprecated arguments: Module APIs change over time
- Missing security features: Newer versions often include security improvements
- Incompatibility: Old module versions may not work with newer providers
With Terraform MCP Server
# Claude generates this with real-time registry data
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 6.28" # Current and compatible
}
}
}
module "s3_bucket" {
source = "terraform-aws-modules/s3-bucket/aws"
version = "5.10.0" # Latest version
bucket_prefix = "my-app-"
# Modern security defaults
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
server_side_encryption_configuration = {
rule = {
apply_server_side_encryption_by_default = {
sse_algorithm = "AES256"
}
}
}
}
Installing Terraform MCP Server in Claude Code
Prerequisites
- Claude Code CLI installed
- Docker installed and running
Step 1: Add the MCP Server
Run the following command to add HashiCorp's Terraform MCP server to your Claude Code configuration:
claude mcp add terraform -s user -t stdio -- docker run -i --rm hashicorp/terraform-mcp-server
Let's break down this command:
| Flag | Description |
|---|---|
terraform | Name for this MCP server (you can choose any name) |
-s user | Scope: user makes it available globally, project for current project only |
-t stdio | Transport type: stdio for Docker containers |
-- | Separator for the actual command |
docker run -i --rm hashicorp/terraform-mcp-server | Docker command to run the MCP server |
Step 2: Verify Installation
Check that the server is configured and connected:
claude mcp list
You should see:
terraform: docker run -i --rm hashicorp/terraform-mcp-server - Connected
Step 3: Start Using It
Start a new Claude Code session to load the MCP tools:
claude
You can verify the available tools by asking Claude:
What terraform tools are available?
Available Terraform MCP Tools
Once connected, Claude has access to these tools:
| Tool | Description |
|---|---|
get_latest_provider_version | Get the latest version of any Terraform provider |
get_provider_capabilities | Discover what resources, data sources, and functions a provider supports |
search_providers | Search provider documentation for specific resources |
get_provider_details | Get detailed documentation for a specific resource |
search_modules | Search the Terraform Registry for community modules |
get_module_details | Get full module documentation including inputs, outputs, and examples |
get_latest_module_version | Get the latest version of a specific module |
search_policies | Search for Terraform policies |
get_policy_details | Get detailed policy documentation |
Real-World Example: Creating an S3 Module
Let me walk you through what happened when I asked Claude to create an S3 module:
My Request
please create s3 module using terraform modules from the community
What Claude Did Behind the Scenes
1. Searched for S3 Modules
Claude used search_modules to query the Terraform Registry:
{
"module_query": "aws s3 bucket"
}
This returned 15+ modules, ranked by downloads and relevance:
| Module | Downloads | Version |
|---|---|---|
| terraform-aws-modules/s3-bucket/aws | 175M+ | 5.10.0 |
| cloudposse/s3-bucket/aws | 17M+ | 4.10.0 |
| cloudposse/s3-log-storage/aws | 11M+ | 2.0.0 |
2. Retrieved Module Details
Claude used get_module_details to fetch complete documentation:
{
"module_id": "terraform-aws-modules/s3-bucket/aws/5.10.0"
}
This returned:
- All input variables with types and defaults
- All outputs with descriptions
- Provider requirements (AWS >= 6.28)
- Usage examples for different scenarios
3. Generated the Module Wrapper
With accurate, up-to-date information, Claude created a module wrapper with:
- Correct provider version constraints
- Modern security defaults (public access blocks, encryption)
- Properly typed variables
- Comprehensive outputs
The Result
modules/s3/
βββ main.tf # Uses terraform-aws-modules/s3-bucket/aws v5.10.0
βββ variables.tf # All inputs properly typed with secure defaults
βββ outputs.tf # All module outputs exposed
βββ versions.tf # Correct provider constraints (>= 6.28)
Visualizing the Flow
Here's how Claude Code, the Terraform MCP Server, and the Terraform Registry worked together during this process:
βββββββββββββββββββββββ ββββββββββββββββββββββββββ βββββββββββββββββββββββ
β Claude Code ββββββΆβ Terraform MCP Server ββββββΆβ Terraform Registry β
β (Assistant) β β (Docker Container) β β API β
βββββββββββββββββββββββ ββββββββββββββββββββββββββ βββββββββββββββββββββββ
β β β
β 1. get_latest_provider β β
β version (aws) βββββββββββββββββββββββββββββββΆβ
β ββββββββββββββββββββββββββββββββ
β β Returns: 6.30.0 β
β β β
β 2. search_modules β β
β (aws s3 bucket) βββββββββββββββββββββββββββββββΆβ
β ββββββββββββββββββββββββββββββββ
β β Returns: 15 modules ranked β
β β β
β 3. get_module_details β β
β (terraform-aws- βββββββββββββββββββββββββββββββΆβ
β modules/s3-bucket) ββββββββββββββββββββββββββββββββ
β β Returns: Full docs, inputs β
β β outputs, examples β
βΌ β β
βββββββββββββββββββββββ β β
β Generated Code β β β
β with correct β β β
β versions & β β β
β configurations β β β
βββββββββββββββββββββββ
Comparison: With vs Without MCP
| Aspect | Without MCP | With MCP |
|---|---|---|
| Provider Versions | May use outdated versions from training data | Queries registry for latest compatible versions |
| Module Selection | Limited to known modules | Searches entire registry, ranks by popularity |
| Input Variables | May use deprecated or incorrect arguments | Uses current API with correct types |
| Security Defaults | May miss modern security features | Includes latest security best practices |
| Examples | Generic examples | Real examples from module documentation |
| Compatibility | May have version conflicts | Ensures provider/module compatibility |
Advanced: Other MCP Installation Methods
Using JSON Configuration
You can also add MCP servers using JSON:
claude mcp add-json terraform '{
"command": "docker",
"args": ["run", "-i", "--rm", "hashicorp/terraform-mcp-server"],
"env": {}
}'
Project-Scoped Configuration
For project-specific MCP servers, use -s project:
claude mcp add terraform -s project -t stdio -- docker run -i --rm hashicorp/terraform-mcp-server
This creates a .mcp.json file in your project directory.
With Environment Variables (for HCP Terraform)
If you're using HCP Terraform (formerly Terraform Cloud), you can pass your token:
claude mcp add terraform -s user -t stdio \
-e TFE_TOKEN=your-token-here \
-- docker run -i --rm hashicorp/terraform-mcp-server
This enables additional enterprise tools like workspace management and run execution.
Using with Other MCP Clients
This post focuses on Claude Code, but the Terraform MCP server works with any MCP-compatible client including Claude Desktop, VS Code extensions, and custom applications. For detailed installation instructions for other clients, check out the official Terraform MCP Server documentation.
Key Takeaways
- MCP bridges the knowledge gap β AI models have training cutoffs, but MCP provides real-time access to current information.
- Better code quality β With accurate documentation, Claude generates code that follows current best practices and uses modern security features.
- Reduced debugging β No more hunting for deprecated arguments or version conflicts.
- Faster development β Claude can search the entire Terraform Registry to find the best modules for your use case.
- Easy setup β One command to install, and you're ready to go.
Conclusion
The combination of Claude Code and Terraform MCP Server transforms how we write infrastructure code. Instead of relying on potentially outdated training data, Claude can query the Terraform Registry in real-time to ensure your configurations use the latest versions, follow current best practices, and leverage the best community modules available.
If you're working with Terraform regularly, I highly recommend setting up the MCP server. The few minutes it takes to install will save you hours of debugging version conflicts and deprecated arguments.
Have questions about Terraform, AWS infrastructure, or DevOps automation? I'm a Senior DevOps Engineer specializing in cloud infrastructure and IaC. Get in touch β I'd love to help!