How to add Cloudwright to Claude Desktop
Describe a cloud architecture in English; get Terraform, cost estimates, and compliance checks across AWS/GCP/Azure. Paste the config into ~/Library/Application Support/Claude/claude_desktop_config.json and restart Claude Desktop.
Last updated June 14, 2026 ยท 31โ ยท stdio ยท apikey
Claude Desktop config for Cloudwright
pip install cloudwright-ai-mcp{
"mcpServers": {
"cloudwright": {
"command": "cloudwright",
"args": [
"mcp"
]
}
}
}Setup steps
- 1Open Claude Desktop โ Settings โ Developer โ Edit Config (this opens ~/Library/Application Support/Claude/claude_desktop_config.json).
- 2Paste the Cloudwright config below under the top-level "mcpServers" key.
- 3Fill in any placeholder secrets (API keys, paths) in the snippet.
- 4Save the file, then fully quit and reopen Claude Desktop.
- 5Open a chat and confirm Cloudwright's tools appear under the ๐ tools menu.
Before you start
- Python 3.12+
- pip install cloudwright-ai-mcp
- ANTHROPIC_API_KEY (preferred) or OPENAI_API_KEY for the LLM-powered design/modify tools; cost, validate, analyze, and export run offline
What Cloudwright can do in Claude Desktop
designGenerate a structured cloud architecture spec from a natural-language description (design group; LLM-powered).
costProduce a region-aware, per-component cost breakdown across AWS, GCP, Azure, and Databricks with per-line pricing-confidence flags (cost group).
validateValidate a spec against compliance frameworks (HIPAA, SOC 2, PCI-DSS, FedRAMP, GDPR, NIST, Well-Architected) and emit findings (validate group).
analyzeRun architecture analysis such as lint anti-patterns, quality scoring, blast-radius/SPOF analysis, drift, policy, and security checks (analyze group).
exportExport the spec to Terraform, OpenTofu, Pulumi (TypeScript or Python), or CloudFormation with safe-by-default hardening (export group).
sessionManage Cloudwright session state across tool calls (session group).
Security
The design and modify tools call an LLM and require ANTHROPIC_API_KEY (preferred) or OPENAI_API_KEY in the environment; cost, validate, analyze, and export run fully offline. Terraform/Pulumi exporters apply safe-by-default hardening (encryption, IMDSv2, locked-down S3, RDS deletion protection) and escape user-supplied config values against HCL injection. The `cloudwright plan` step does not pass the LLM key into the IaC subprocess.
Cloudwright + Claude Desktop FAQ
Where is the Claude Desktop config file?
Claude Desktop reads MCP servers from ~/Library/Application Support/Claude/claude_desktop_config.json. Paste the Cloudwright config there under the "mcpServers" key and restart the client.
Is Cloudwright safe to use with Claude Desktop?
The design and modify tools call an LLM and require ANTHROPIC_API_KEY (preferred) or OPENAI_API_KEY in the environment; cost, validate, analyze, and export run fully offline. Terraform/Pulumi exporters apply safe-by-default hardening (encryption, IMDSv2, locked-down S3, RDS deletion protection) and escape user-supplied config values against HCL injection. The `cloudwright plan` step does not pass the LLM key into the IaC subprocess.
How do I install and run the MCP server?
Install with `pip install cloudwright-ai-mcp`, then run `cloudwright mcp` for all tools over stdio. Use `cloudwright mcp --tools design,cost` for a subset or `cloudwright mcp --transport sse` for HTTP clients.
Do I need an API key?
Only the LLM-backed design and modify tools need a key (ANTHROPIC_API_KEY preferred, or OPENAI_API_KEY). Cost, validate, analyze, and export work fully offline.
Which clients does it work with?
Any MCP-compatible client. The README provides a claude_desktop_config.json mcpServers block and notes the same shape works for Cursor and Cline.