A community-driven registry for Claude, Cursor, Windsurf, Cline & more. Not affiliated with Anthropic.
Are you the author? Sign in to claim
Infrastructure as Code for MCP access management
Infrastructure as Code for managing access to MCP community resources using Pulumi.
src/config/groups.tssrc/config/users.tsisEmailGroup: true accept emails from anyone (including external users) and notify all members. External posts are moderated for security.provisionUser: trueIf you're a maintainer and want an @modelcontextprotocol.io account, open a PR adding the following fields to your entry in src/config/users.ts:
{
github: 'your-github-username',
// ...
firstName: 'Your',
lastName: 'Name',
googleEmailPrefix: 'yourname', // -> yourname@modelcontextprotocol.io
memberOf: [ROLE_IDS.MAINTAINERS /* , ... */],
},
Once merged, Pulumi provisions the account. An admin will share your initial password (retrievable via pulumi stack output --show-secrets newGWSUserPasswords).
Note: Production deployment is automatically handled by GitHub Actions. All merges to the main branch trigger an automatic deployment via the configured GitHub Actions workflow.
Pre-requisites:
gcloud auth application-default loginpassphrase.prod.txt from the maintainersmake previewmake upThe following secrets must be configured in GitHub Actions for automated deployments:
GCP_PROD_SERVICE_ACCOUNT_KEY: GCP service account key
gs://mcp-access-prod-pulumi-state)PULUMI_PROD_PASSPHRASE: Passphrase for encrypting Pulumi state
If setting up this infrastructure for the first time:
# Create project and enable APIs
gcloud projects create mcp-access-prod
gcloud config set project mcp-access-prod
gcloud services enable storage.googleapis.com
gcloud services enable admin.googleapis.com
gcloud services enable groupssettings.googleapis.com
# Create service account
gcloud iam service-accounts create pulumi-svc \
--display-name="MCP Access Management Service Account" \
--description="Service account for Pulumi state and Google Workspace management"
# Grant storage admin permissions (for Pulumi state)
gcloud projects add-iam-policy-binding mcp-access-prod \
--member="serviceAccount:pulumi-svc@mcp-access-prod.iam.gserviceaccount.com" \
--role="roles/storage.admin"
# Create key
gcloud iam service-accounts keys create sa-key.json \
--iam-account=pulumi-svc@mcp-access-prod.iam.gserviceaccount.com
# Create GCS bucket for Pulumi state
gsutil mb gs://mcp-access-prod-pulumi-state
Then:
pulumi-svc@mcp-access-prod.iam.gserviceaccount.com# Login to Pulumi backend (GCS)
pulumi login gs://mcp-access-prod-pulumi-state
# Create production stack
export PULUMI_CONFIG_PASSPHRASE_FILE=passphrase.prod.txt
pulumi stack init prod
# Configure application secrets in Pulumi
pulumi config set --secret googleworkspace:credentials "$(cat sa-key.json)"
pulumi config set --secret github:token "ghp_your_github_token_here"
Add the CI/CD secrets to GitHub Actions (repository settings → Secrets and variables → Actions):
GCP_PROD_SERVICE_ACCOUNT_KEY: Content of sa-key.jsonPULUMI_PROD_PASSPHRASE: The passphrase you set aboveRun Claude Code as an MCP server so any agent can delegate coding tasks to it
@microsoft✓ OfficialBrowser automation using accessibility snapshots instead of screenshots
MCP server integration for DaVinci Resolve Studio
A Jetbrains IDE IntelliJ plugin aimed to provide coding agents the ability to leverage intelliJ's indexing of the codeba
