PolicyPulse MCP
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| PORT | No | Port for the SSE server. Also accepts POLICYPULSE_PORT. | 8000 |
| KUBECONFIG | No | Path to kubeconfig file used in kubeconfig mode. | ~/.kube/config |
| AZURE_CLIENT_ID | No | Client ID for service principal or user-assigned managed identity. | |
| AZURE_TENANT_ID | No | Azure AD tenant ID required when using service principal authentication. | |
| POLICYPULSE_LOG | No | Log level: DEBUG, INFO, WARNING. | INFO |
| POLICYPULSE_DEMO | No | Set to 'true' to use mock data without requiring any cluster or Azure credentials. | false |
| POLICYPULSE_HOST | No | Bind address for the SSE server. | 0.0.0.0 |
| AZURE_CLIENT_SECRET | No | Client secret for service principal authentication. | |
| POLICYPULSE_CLUSTERS | No | Comma-separated list of clusters in format 'label:context' (kubeconfig mode) or 'label:resourceGroup/clusterName' (workload identity mode). | |
| AZURE_CREDENTIAL_TYPE | No | Azure credential type: 'cli', 'managed_identity', 'service_principal', or 'auto'. | auto |
| AZURE_SUBSCRIPTION_ID | No | Azure subscription ID required for Azure Policy and workload identity authentication. | |
| POLICYPULSE_TRANSPORT | No | Transport mode: 'stdio' for local clients, 'sse' for hosted deployments. | stdio |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": false
} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| cluster_statusA | Which policy engines are connected and whether demo mode is active. |
| list_policiesA | List all policies across connected engines, optionally filtered by engine name. |
| get_violationsA | All active violations enriched with compliance framework refs. namespace: restrict to a specific Kubernetes namespace. engine: one of gatekeeper, kyverno, azure_policy. min_severity: only return violations at or above this level (critical → info). cluster: restrict to a specific cluster label (multi-cluster mode only). |
| get_compliance_risk_summaryB | Cross-engine risk summary: severity breakdown, top risks, and regulatory impact. |
| explain_violationB | Plain-English explanation of one violation with framework mapping and remediation. |
| check_manifest_complianceA | Static policy check for a Kubernetes manifest (YAML or JSON) — no cluster needed. |
| list_controlsB | The full compliance control catalog with framework mappings and remediation guidance. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/raviteja-pegata/policy-pulse-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server