Control Plane

Overview

Control Plane is a hosted MCP server and AI plugin for deploying and operating containerized workloads, secrets, networking, templates, observability, access control, and migrations across AWS, GCP, Azure, OCI, and private clouds.

Installation

Claude Code users add the marketplace with /plugin marketplace add https://github.com/controlplane-com/ai-plugin.git, install cpln@controlplane, and reload plugins. Codex users add the same marketplace and install the cpln plugin from /plugins; the docs recommend enabling plugins = true and plugin_hooks = true for guardrail injection. Antigravity CLI users install https://github.com/controlplane-com/ai-plugin/plugins/cpln. Generic MCP clients connect to the hosted remote.

Remote Target

The server is hosted at https://mcp.cpln.io/mcp. The plugin and generic MCP configs use toolsets=full to expose the complete toolset. The registry remote stores the base endpoint and records toolsets as a query parameter.

Authentication

The hosted MCP server uses OAuth 2.1 + PKCE. Users sign in to Control Plane and choose which organizations the AI client may access. Tokens are scoped to the granted orgs and enforced server-side on every call. The optional CPLN_TOKEN environment variable is only for local cpln CLI workflows and fallback, not for hosted MCP transport.

Capabilities

The plugin provides Control Plane domain skills, two guided agents, guardrails, and a full-profile MCP toolset for live infrastructure management. Workflows include workload deployment and troubleshooting, Kubernetes/Docker Compose/Helm migration, secrets, domains, access control, autoscaling, stateful storage, observability, templates, private networking, and security.

Limitations and Safety

Treat MCP access as production access. Destructive or high-blast-radius operations require explicit confirmation and a blast-radius explanation. Some workflows remain CLI-only, including image build/copy, port-forward, file copy, Kubernetes conversion, declarative apply, interactive TTY sessions, and streamed logs. Secret reveal requires permission and should use least privilege.

Registry Metadata Note

The Wardn draft version remains 1.0.0 because this is the existing Wardn submission version under review. Upstream server.json currently declares 1.0.1 at commit 3949035252ff89920dc926a36795a7180aef4ef2; the difference is captured in sourceReview.versionRationale and limitations.

Additional documented environment variables are scoped outside hosted MCP transport: CPLN_HOME, CPLN_REFRESH_TOKEN, CPLN_API_URL, CPLN_SERVICE_ACCOUNT_TOKEN, MANAGE_KINDS, RECONCILE_INTERVAL_SECONDS, and platform-injected or reserved workload runtime variables such as CPLN_GLOBAL_ENDPOINT, CPLN_GVC_ALIAS, CPLN_LOCATION, CPLN_PROVIDER, CPLN_WORKLOAD, CPLN_WORKLOAD_VERSION, CPLN_IMAGE, CPLN_NAME, and CPLN_MAIN. Hosted MCP authentication remains OAuth 2.1 + PKCE.