# =============================================================================
# PROMETHEUS-MCP INTEGRATION
# =============================================================================
#
# QUICK START:
# ────────────
# 1. Add this file to your EKS Terraform directory
# 2. Copy prometheus-mcp.auto.tfvars.example → prometheus-mcp.auto.tfvars
# 3. Edit prometheus-mcp.auto.tfvars with your AMP workspace ID
# 4. Run: terraform apply
#
# That's it! The .auto.tfvars file is automatically loaded by Terraform.
#
# =============================================================================
#
# Prerequisites:
# - EKS module (`module.eks`) with enable_irsa = true, exposing
#   cluster_oidc_issuer_url and oidc_provider_arn (both referenced below)
# - Helm provider configured
# - Dedicated node group with label: workload=prometheus-mcp
# - A `data "aws_caller_identity" "current"` data source and a `cluster_name`
#   variable already declared in the root module (this file references both
#   but does not declare them)
#
# This file creates:
# - IAM role for prometheus-mcp pods (IRSA)
# - IAM policy for AMP query access
# - Helm release to deploy the chart
#
# =============================================================================
# -----------------------------------------------------------------------------
# FEATURE FLAG - ENABLE/DISABLE PROMETHEUS-MCP
# -----------------------------------------------------------------------------
# Set to false to skip all prometheus-mcp resources
# -----------------------------------------------------------------------------
variable "enable_prometheus_mcp" {
  # Master switch: every resource in this file carries
  # `count = var.enable_prometheus_mcp ? 1 : 0`, so leaving this false
  # creates nothing (no IAM role, no policy, no Helm release).
  type        = bool
  default     = false
  description = "Set to true to deploy prometheus-mcp (default: false)"
}
# -----------------------------------------------------------------------------
# REQUIRED VARIABLES (only needed when enable_prometheus_mcp = true)
# -----------------------------------------------------------------------------
# These MUST be set if enable_prometheus_mcp is true.
# Set them in: prometheus-mcp.auto.tfvars (see example file)
# -----------------------------------------------------------------------------
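variable "amp_workspace_id" {
  description = "Your AWS Managed Prometheus workspace ID (required if enable_prometheus_mcp = true)"
  type        = string
  default     = ""
  # Get via: aws amp list-workspaces --query "workspaces[].workspaceId" --output text

  # This value is interpolated straight into the Resource ARN of the query
  # policy below (arn:aws:aps:<region>:<account>:workspace/<id>). Restricting
  # it to the "ws-..." shape stops a typo — or a "*" — from silently widening
  # the grant to every workspace in the account, and fails at plan time instead
  # of producing a malformed ARN. Empty stays allowed so the default works when
  # enable_prometheus_mcp = false (the "required when enabled" part cannot be
  # expressed in a single-variable validation).
  validation {
    condition     = var.amp_workspace_id == "" || can(regex("^ws-[0-9a-f-]+$", var.amp_workspace_id))
    error_message = "The amp_workspace_id value must be an AMP workspace ID of the form ws-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, or empty when enable_prometheus_mcp = false."
  }
}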
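variable "aws_region" {
  description = "AWS region where AMP workspace is located (required if enable_prometheus_mcp = true)"
  type        = string
  default     = ""
  # Usually the same region as your EKS cluster

  # Like amp_workspace_id, this is spliced into the query policy's Resource ARN
  # (arn:aws:aps:<region>:...), so only a well-formed region name is accepted
  # (e.g. us-east-1, eu-central-2, us-gov-west-1). Anything else would either
  # yield an invalid ARN or, for "*", match workspaces in every region. Empty
  # stays allowed so the default works when enable_prometheus_mcp = false.
  validation {
    condition     = var.aws_region == "" || can(regex("^[a-z]{2}(-[a-z]+)+-[0-9]+$", var.aws_region))
    error_message = "The aws_region value must be an AWS region name such as us-east-1, or empty when enable_prometheus_mcp = false."
  }
}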
# -----------------------------------------------------------------------------
# OPTIONAL VARIABLES (sensible defaults provided)
# -----------------------------------------------------------------------------
# Override these in prometheus-mcp.auto.tfvars if needed
# -----------------------------------------------------------------------------
variable "prometheus_mcp_image" {
  # Full image reference ("<repository>[:<tag>]"). The Helm release below
  # splits it into image.repository / image.tag for the chart. Prefer an
  # immutable tag over a floating one so the deployed artifact is reproducible
  # and can be audited against what was reviewed.
  type        = string
  default     = "ghcr.io/deeptrace/prometheus-mcp:0.1.0"
  description = "Container image for prometheus-mcp"
}
variable "prometheus_mcp_node_selector" {
  # Each key/value becomes a `nodeSelector.<key>=<value>` chart value. Must
  # match the labels on the dedicated node group (see NODE GROUP section).
  type        = map(string)
  default     = { workload = "prometheus-mcp" }
  description = "Node selector label for scheduling prometheus-mcp pods"
}
variable "prometheus_mcp_replicas" {
  # Passed through to the chart as replicaCount.
  type        = number
  default     = 2
  description = "Number of prometheus-mcp pod replicas"
}
# -----------------------------------------------------------------------------
# LOCALS
# -----------------------------------------------------------------------------
locals {
  # Namespace and ServiceAccount name used in the IRSA trust condition.
  # They must match what the chart actually creates — presumably the chart
  # names its ServiceAccount after the release; verify against the chart.
  prometheus_mcp_namespace      = "prometheus-mcp"
  prometheus_mcp_serviceaccount = "prometheus-mcp"

  # OIDC issuer with the scheme stripped: IAM condition keys for a web-identity
  # provider are written as "<issuer-host/path>:sub" and ":aud".
  prometheus_mcp_oidc_url = trimprefix(module.eks.cluster_oidc_issuer_url, "https://")
}
# -----------------------------------------------------------------------------
# NODE GROUP (add this to your eks_managed_node_groups in the EKS module)
# -----------------------------------------------------------------------------
#
# Add this node group to your EKS module's eks_managed_node_groups:
#
# prometheus-mcp = {
# name = "prometheus-mcp"
# instance_types = ["t3.medium"]
#
# min_size = 1
# max_size = 3
# desired_size = 1
#
# ami_type = "AL2_x86_64"
#
# labels = {
# workload = "prometheus-mcp"
# }
#
# # NOTE: EKS managed node groups AUTOMATICALLY get these IAM policies:
# # - AmazonEKSWorkerNodePolicy (register with EKS)
# # - AmazonEC2ContainerRegistryReadOnly (pull images from ECR). The default
# #   prometheus_mcp_image is hosted on ghcr.io, which this policy does not
# #   cover; it only matters if you mirror the image into your own ECR
# #   (recommended, so the artifact you run is one you control and scan).
# # - AmazonEKS_CNI_Policy (pod networking)
# #
# # Optional: Add SSM for debugging. Session Manager gives operators an
# # interactive shell on these nodes; leave it out unless node access is
# # actually needed.
# # iam_role_additional_policies = {
# # ssm = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
# # }
#
# # Optional: Taint to ensure only prometheus-mcp pods run here.
# # The nodeSelector set by the Helm release below only pins prometheus-mcp
# # pods TO this group; without the taint, any other workload may still be
# # scheduled ONTO it. If you add the taint, the chart must also carry a
# # matching toleration (this file does not set one).
# # taints = [{
# # key = "dedicated"
# # value = "prometheus-mcp"
# # effect = "NO_SCHEDULE"
# # }]
# }
#
# -----------------------------------------------------------------------------
# IAM ROLE FOR PROMETHEUS-MCP PODS (IRSA)
# -----------------------------------------------------------------------------
resource "aws_iam_role" "prometheus_mcp_pod" {
  count = var.enable_prometheus_mcp ? 1 : 0

  name = "${var.cluster_name}-prometheus-mcp-pod"
  tags = { Component = "prometheus-mcp" }

  # Trust policy for IRSA. Only the cluster's own OIDC provider may call
  # AssumeRoleWithWebIdentity, and only with a projected token whose
  #   sub = system:serviceaccount:<namespace>:<serviceaccount>
  #   aud = sts.amazonaws.com
  # Both conditions are load-bearing: dropping `sub` would let every
  # ServiceAccount in the cluster assume this role; dropping `aud` would accept
  # tokens minted for some other audience.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Action    = "sts:AssumeRoleWithWebIdentity"
      Effect    = "Allow"
      Principal = { Federated = module.eks.oidc_provider_arn }
      Condition = {
        StringEquals = {
          "${local.prometheus_mcp_oidc_url}:aud" = "sts.amazonaws.com"
          "${local.prometheus_mcp_oidc_url}:sub" = "system:serviceaccount:${local.prometheus_mcp_namespace}:${local.prometheus_mcp_serviceaccount}"
        }
      }
    }]
  })
}
# -----------------------------------------------------------------------------
# IAM POLICY - PERMISSIONS TO QUERY AMP
# -----------------------------------------------------------------------------
resource "aws_iam_policy" "prometheus_mcp_query" {
  count = var.enable_prometheus_mcp ? 1 : 0

  name        = "${var.cluster_name}-prometheus-mcp-query"
  description = "Allows prometheus-mcp pods to query AWS Managed Prometheus"

  # Read-only query surface of AMP, scoped to the single workspace configured
  # in prometheus-mcp.auto.tfvars — no remote write, no workspace management.
  # NOTE: aws_region and amp_workspace_id are interpolated directly into the
  # Resource ARN; a stray "*" in either would widen the grant, so keep those
  # inputs validated.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Action = [
          "aps:QueryMetrics",
          "aps:GetLabels",
          "aps:GetSeries",
          "aps:GetMetricMetadata",
        ]
        Resource = format(
          "arn:aws:aps:%s:%s:workspace/%s",
          var.aws_region,
          data.aws_caller_identity.current.account_id,
          var.amp_workspace_id,
        )
      },
    ]
  })
}
# Bind the query policy to the pod role; this is the only permission the role gets.
resource "aws_iam_role_policy_attachment" "prometheus_mcp_pod" {
  count = var.enable_prometheus_mcp ? 1 : 0

  policy_arn = aws_iam_policy.prometheus_mcp_query[0].arn
  role       = aws_iam_role.prometheus_mcp_pod[0].name
}
# -----------------------------------------------------------------------------
# HELM RELEASE - DEPLOY PROMETHEUS-MCP
# -----------------------------------------------------------------------------
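resource "helm_release" "prometheus_mcp" {
  count = var.enable_prometheus_mcp ? 1 : 0

  name             = "prometheus-mcp"
  namespace        = local.prometheus_mcp_namespace
  create_namespace = true

  # Path to the Helm chart (relative to Terraform working directory)
  # Adjust this path based on your repo structure
  chart = "${path.module}/../charts/prometheus-mcp"

  # --- AWS / AMP ---------------------------------------------------------------
  set {
    name  = "aws.region"
    value = var.aws_region
  }
  set {
    name  = "amp.workspaceId"
    value = var.amp_workspace_id
  }

  # --- IRSA --------------------------------------------------------------------
  # The role's trust policy only accepts tokens for
  # system:serviceaccount:<local namespace>:<local serviceaccount>, so the chart
  # must annotate a ServiceAccount of exactly that name with this ARN
  # (presumably what irsa.enabled/irsa.roleArn do — verify against the chart).
  set {
    name  = "irsa.enabled"
    value = "true"
  }
  set {
    name  = "irsa.roleArn"
    value = aws_iam_role.prometheus_mcp_pod[0].arn
  }

  # --- Container image ---------------------------------------------------------
  # Derive image.repository / image.tag from "<repository>[:<tag>]" by splitting
  # at the LAST ':' that is not followed by a '/'. The previous
  # split(":", image)[0] / [1] broke on registries that carry a port:
  # "registry.example.com:5000/org/app:1.2.3" became repository
  # "registry.example.com" and tag "5000/org/app". A reference with no tag still
  # falls back to "latest" for backward compatibility, but a floating tag is not
  # a reproducible deployment — pin an immutable tag in prometheus_mcp_image.
  set {
    name  = "image.repository"
    value = can(regex(":[^/:]+$", var.prometheus_mcp_image)) ? regex("^(.*):([^/:]+)$", var.prometheus_mcp_image)[0] : var.prometheus_mcp_image
  }
  set {
    name  = "image.tag"
    value = can(regex(":[^/:]+$", var.prometheus_mcp_image)) ? regex("^(.*):([^/:]+)$", var.prometheus_mcp_image)[1] : "latest"
  }

  # --- Scheduling --------------------------------------------------------------
  set {
    name  = "replicaCount"
    value = var.prometheus_mcp_replicas
  }
  # One nodeSelector.<key> per entry; pins the pods to the dedicated node group
  # (it does not keep other workloads off that group — a taint does that).
  dynamic "set" {
    for_each = var.prometheus_mcp_node_selector
    content {
      name  = "nodeSelector.${set.key}"
      value = set.value
    }
  }

  # Block until the release is ready so a broken rollout fails the apply
  # instead of surfacing later.
  wait    = true
  timeout = 300

  # The pods need the role + policy to exist before they start, otherwise the
  # first AMP queries fail with AccessDenied until the next restart.
  depends_on = [
    module.eks,
    aws_iam_role_policy_attachment.prometheus_mcp_pod,
  ]
}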
# -----------------------------------------------------------------------------
# OUTPUTS
# -----------------------------------------------------------------------------
output "prometheus_mcp_enabled" {
  # Echo of the feature flag, handy for conditional wiring in parent modules.
  value       = var.enable_prometheus_mcp
  description = "Whether prometheus-mcp is enabled"
}
output "prometheus_mcp_role_arn" {
  # null when the feature is off (the role then has count = 0).
  value       = length(aws_iam_role.prometheus_mcp_pod) == 0 ? null : aws_iam_role.prometheus_mcp_pod[0].arn
  description = "IAM role ARN for prometheus-mcp pods"
}
output "prometheus_mcp_namespace" {
  # null when the feature is off.
  value       = !var.enable_prometheus_mcp ? null : local.prometheus_mcp_namespace
  description = "Kubernetes namespace for prometheus-mcp"
}
output "prometheus_mcp_service" {
  # Hard-coded to the release name; assumes the chart names its Service after
  # the release — verify against the chart templates. null when disabled.
  value       = !var.enable_prometheus_mcp ? null : "prometheus-mcp"
  description = "Kubernetes service name for prometheus-mcp"
}