Labsco
controlplane-com logo

Infrawise

from controlplane-com

Azure FinOps infrastructure cost optimization

๐Ÿ”ฅ๐Ÿ”ฅFreeQuick setup

Control Plane

Control Plane AI Plugin

Run containerized workloads across AWS, GCP, Azure, OCI, and your own hardware under one API. It loads Control Plane's domain knowledge, production guardrails, and live MCP tools into Claude Code, Codex, and Antigravity CLI so your assistant can deploy, troubleshoot, secure, and migrate workloads with verified cpln commands.

Authentication

MCP uses OAuth 2.1 + PKCE. Sign in to let the assistant act on your Control Plane organizations โ€” you choose which orgs it may operate on, and the token is scoped to those orgs and enforced server-side on every call. Sign in again to change the grant. Treat MCP access as production access to the orgs you grant. How to sign in:

  • Claude Code โ€” /mcp, select cpln, sign in (or claude mcp login cpln).
  • Codex โ€” codex mcp login cpln.
  • Antigravity CLI โ€” /mcp, select cpln, authenticate.

Environment variables

Optional โ€” only for the cpln CLI workflows some skills generate (CI/CD, Terraform, Pulumi). See .env.example.

VariablePurpose
CPLN_TOKENService-account token for cpln CLI calls (sensitive).
CPLN_ORGDefault organization.
CPLN_GVCDefault GVC.
CPLN_PROFILELocal cpln CLI profile.

What's included

  • Domain skills across CLI usage, access control, autoscaling, networking, observability, migration, templates, stateful storage, and security.
  • Two guided agents: workload troubleshooting and Kubernetes / Compose / Helm migration.
  • An always-on guardrail rule the assistant applies in every session.
  • Pre-configured access to the hosted Control Plane MCP server.

Security

  • MCP access is production access โ€” scoped to the orgs you grant and your own RBAC.
  • Destructive actions (deleting resources, shrinking/deleting volumes, replacing workloads, applying to production) require explicit confirmation.
  • Secret values are exposed only with reveal permission โ€” use least privilege.
  • The plugin stores no logs, secrets, prompts, or telemetry; your AI client and model provider process prompts per their own policies.

Report vulnerabilities per SECURITY.md.

More