Skip to content

๐Ÿ–ฅ๏ธ MCP Validation CLI Usage Guideยถ

Overviewยถ

This guide provides comprehensive examples of using the --mcp-validate flag across all CloudOps-Runbooks CLI commands. The MCP validation framework integrates seamlessly with existing commands to provide โ‰ฅ99.5% accuracy validation.

Current Status: โœ… Production Ready - Universal CLI integration complete

๐Ÿš€ Universal --mcp-validate Flagยถ

The --mcp-validate flag is available across all major CLI commands and provides:

  • โœ… Cross-validation between runbooks outputs and AWS MCP servers
  • โœ… Real-time accuracy metrics with โ‰ฅ99.5% target
  • โœ… Rich CLI formatting with color-coded results
  • โœ… Graceful error handling that doesn't break command execution
  • โœ… Enterprise audit trails with SHA256 verification

Basic Syntaxยถ

Note: The brackets [module], [command], and [other-options] are placeholders - replace them with actual values when using the command.

# Template syntax (replace bracketed placeholders):
runbooks [module] [command] --mcp-validate [other-options]

# Example with actual values:
runbooks finops dashboard --mcp-validate --timeframe monthly

๐Ÿ’ฐ FinOps Module Examplesยถ

Dashboard Commandsยถ

Basic Cost Dashboard with Validationยถ

# Monthly cost analysis with MCP validation
runbooks finops dashboard --mcp-validate --timeframe monthly

# Expected output:
# ๐Ÿ“Š Generating comprehensive cost analysis dashboard...
# ๐Ÿ” Running MCP validation for cost accuracy...
# โœ… MCP Validation PASSED: 99.8% accuracy (2.1s)
#
# โ•ญโ”€ Cost Analysis Summary โ”€โ•ฎ
# โ”‚ Total Cost: $1,234.56   โ”‚
# โ”‚ Top Service: EC2        โ”‚
# โ”‚ Validation: โœ… PASSED   โ”‚
# โ•ฐโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฏ

Quarterly Analysis with Executive Reportingยถ

# Quarterly dashboard with PDF export and validation
runbooks finops dashboard \
  --mcp-validate \
  --timeframe quarterly \
  --export-format pdf \
  --profile BILLING_PROFILE

# Output includes:
# - Quarterly cost trends
# - MCP validation results (100.0% accuracy achieved)
# - Executive-ready PDF report with validation status
# - SHA256 audit trail for compliance

Multi-Account Cost Analysisยถ

# Multi-account analysis with validation
runbooks finops dashboard \
  --mcp-validate \
  --accounts 123456789012,234567890123 \
  --timeframe monthly \
  --services ec2,s3,rds

# Validation includes:
# - Cross-account cost verification
# - Service-level accuracy checking
# - Organizations API validation
# - Cost Explorer cross-validation

Optimization Commandsยถ

EC2 Resource Optimizationยถ

# EC2 optimization with MCP validation
runbooks finops optimize \
  --mcp-validate \
  --resource-type ec2 \
  --savings-target 0.3 \
  --region ap-southeast-2

# Expected output:
# ๐Ÿ” Analyzing EC2 instances for optimization...
# ๐Ÿงช Running MCP validation for EC2 inventory...
# โœ… MCP Validation PASSED: 99.9% accuracy (1.8s)
#
# Optimization Recommendations:
# - Instance i-1234567890abcdef0: Right-size from m5.large to m5.medium
# - Estimated savings: $456.78/month
# - Validation confidence: HIGH

Multi-Resource Optimizationยถ

# Comprehensive resource optimization
runbooks finops optimize \
  --mcp-validate \
  --resource-type all \
  --include-costs \
  --dry-run

# Validates multiple resource types:
# - EC2 instances (via validate_ec2_inventory)
# - VPC resources (via validate_vpc_analysis)
# - S3/RDS/Lambda (via validate_cost_explorer)
# - Cross-validation ensures comprehensive accuracy

Export Commandsยถ

Multi-Format Export with Validationยถ

# Export cost data with MCP validation
runbooks finops export \
  --mcp-validate \
  --format json,csv,pdf \
  --output-dir ./reports \
  --executive-summary

# Generated files include MCP validation metadata:
# - finops_export_20250923.json (with validation results)
# - finops_export_20250923.csv (with accuracy metrics)
# - finops_export_20250923.pdf (executive report with validation status)

Validated Financial Reportsยถ

# Executive financial report with validation
runbooks finops export \
  --mcp-validate \
  --format pdf \
  --timeframe quarterly \
  --include-trends \
  --audit-trail

# PDF includes:
# - Cost analysis with quarterly intelligence
# - MCP validation section (accuracy โ‰ฅ99.5%)
# - SHA256 audit trail for compliance
# - Executive summary with validation confidence

Infrastructure Analysisยถ

NAT Gateway Cost Analysisยถ

# NAT Gateway analysis with VPC validation
runbooks finops infrastructure analyze \
  --mcp-validate \
  --components nat-gateway \
  --include-dependencies

# Uses validate_vpc_analysis() for:
# - VPC discovery verification
# - ENI count validation (critical for safety)
# - Cost data cross-validation
# - Dependency analysis accuracy

Comprehensive Infrastructure Reviewยถ

# Full infrastructure cost analysis
runbooks finops infrastructure analyze \
  --mcp-validate \
  --components nat-gateway,elastic-ip,load-balancer \
  --multi-account \
  --savings-recommendations

# Intelligent validation routing:
# - NAT Gateway: validate_vpc_analysis()
# - Elastic IP: validate_ec2_inventory()
# - Load Balancer: validate_cost_explorer()

๐Ÿ“Š Inventory Module Examplesยถ

Multi-Account Discoveryยถ

Organizations-Based Discoveryยถ

# Multi-account inventory with validation
runbooks inventory collect \
  --mcp-validate \
  --profiles management \
  --all-regions \
  --include-costs

# Expected output:
# ๐Ÿ” Discovering resources across organization...
# ๐Ÿงช Running MCP validation for inventory accuracy...
# โœ… MCP Validation PASSED: 99.8% accuracy (4.2s)
#
# Discovered Resources:
# - Accounts: 25 (validated via Organizations API)
# - Regions: 16
# - Resources: 1,247 (cross-validated)
# - Validation: โœ… HIGH CONFIDENCE

Service-Specific Discoveryยถ

# EC2-focused discovery with validation
runbooks inventory scan \
  --mcp-validate \
  --services ec2,vpc \
  --regions ap-southeast-2,ap-southeast-6 \
  --include-metadata

# Validation process:
# - EC2 instances: Cross-validate with describe_instances()
# - VPC resources: Validate with describe_vpcs()
# - Metadata accuracy: Instance state verification
# - Regional consistency: Multi-region validation

Resource Scanningยถ

Performance-Optimized Scanningยถ

# High-performance scanning with validation
runbooks inventory scan \
  --mcp-validate \
  --services ec2,s3,rds \
  --parallel \
  --cache-results

# Performance features:
# - Parallel resource discovery
# - Organizations API caching (30min TTL)
# - Validation time: <30 seconds target
# - Memory optimization: <200MB usage

โš™๏ธ Operate Module Examplesยถ

EC2 Operationsยถ

Instance Management with Validationยถ

# List EC2 instances with validation
runbooks operate ec2 list \
  --mcp-validate \
  --region ap-southeast-2 \
  --include-costs

# Expected output:
# ๐Ÿ” Listing EC2 instances...
# ๐Ÿงช Running MCP validation for EC2 operations...
# โœ… MCP Validation PASSED: 99.9% accuracy (1.5s)
#
# โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ฌโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ฌโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ฌโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
# โ”‚ Instance ID      โ”‚ Type        โ”‚ State    โ”‚ Monthly $  โ”‚
# โ”œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ผโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ผโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ผโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ค
# โ”‚ i-1234567890abcd โ”‚ m5.large    โ”‚ running  โ”‚ $45.67     โ”‚
# โ”‚ i-2345678901bcde โ”‚ t3.medium   โ”‚ stopped  โ”‚ $0.00      โ”‚
# โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
# Validation: โœ… Instance states verified

Safe Instance Operationsยถ

# Start instances with validation and safety checks
runbooks operate ec2 start \
  --mcp-validate \
  --instance-ids i-1234567890abcdef0 \
  --dry-run \
  --safety-checks

# Safety validation includes:
# - Pre-operation state verification
# - Post-operation state validation
# - Cost impact analysis
# - Cross-validation with AWS APIs

S3 Operationsยถ

Bucket Management with Validationยถ

# List S3 buckets with validation
runbooks operate s3 list-buckets \
  --mcp-validate \
  --include-costs \
  --encryption-status

# Validation features:
# - Bucket existence verification
# - Cost data cross-validation
# - Encryption status accuracy
# - Access policy validation

๐Ÿ”’ Security Module Examplesยถ

Security Baseline Assessmentยถ

Comprehensive Security Validationยถ

# Security baseline with MCP validation
runbooks security assess \
  --mcp-validate \
  --framework soc2,pci-dss \
  --multi-account \
  --detailed-report

# Expected output:
# ๐Ÿ” Running security baseline assessment...
# ๐Ÿงช Running MCP validation for security operations...
# โœ… MCP Validation PASSED: 99.7% accuracy (3.2s)
#
# Security Assessment Results:
# - SOC2 Compliance: 94.2% (15/16 checks passed)
# - PCI-DSS Compliance: 91.8% (14/15 checks passed)
# - Validation Confidence: HIGH
# - Compliance Frameworks: โœ… VALIDATED

IAM Policy Validationยถ

# IAM analysis with validation
runbooks security iam analyze \
  --mcp-validate \
  --check-policies \
  --unused-access \
  --compliance-check

# Validation includes:
# - IAM policy existence verification
# - Permission validation against AWS APIs
# - Compliance rule cross-checking
# - Access pattern verification

Compliance Checkingยถ

Multi-Framework Complianceยถ

# Comprehensive compliance check
runbooks security compliance \
  --mcp-validate \
  --frameworks soc2,hipaa \
  --export-format pdf \
  --audit-trail

# PDF report includes:
# - Compliance status with MCP validation
# - Accuracy metrics for each framework
# - Audit trail with SHA256 verification
# - Executive summary with validation confidence

๐Ÿ—๏ธ VPC Module Examplesยถ

Network Analysisยถ

Comprehensive VPC Analysisยถ

# VPC analysis with comprehensive validation
runbooks vpc analyze \
  --mcp-validate \
  --include-costs \
  --include-dependencies \
  --optimization-recommendations

# Expected output:
# ๐Ÿ” Analyzing VPC configuration...
# ๐Ÿงช Running MCP validation for VPC operations...
# โœ… MCP Validation PASSED: 99.8% accuracy (2.7s)
#
# VPC Analysis Results:
# - VPCs Discovered: 5 (validated against AWS APIs)
# - NAT Gateways: 3 ($147.84/month)
# - VPC Endpoints: 2 ($45.60/month)
# - ENI Safety Check: โœ… PASSED (0 in-use ENIs in cleanup candidates)
# - Cost Validation: โœ… HIGH CONFIDENCE

VPC Cleanup Analysisยถ

# Safe VPC cleanup analysis
runbooks vpc cleanup \
  --mcp-validate \
  --dry-run \
  --safety-checks \
  --exclude-production

# Critical safety validations:
# - ENI count verification (prevents deletion of in-use VPCs)
# - Dependency analysis (subnets, route tables, etc.)
# - Cost impact assessment
# - Production environment protection

Network Optimizationยถ

Cost Optimization with Validationยถ

# Network cost optimization
runbooks vpc optimize \
  --mcp-validate \
  --target-savings 0.25 \
  --include-nat-gateways \
  --include-endpoints

# Optimization validation:
# - Current cost verification via Cost Explorer
# - Resource usage validation via VPC APIs
# - Savings projections cross-validation
# - Implementation safety checks

๐Ÿ” CFAT Module Examplesยถ

Cloud Foundations Assessmentยถ

Well-Architected Reviewยถ

# CFAT assessment with validation
runbooks cfat assess \
  --mcp-validate \
  --pillars security,cost-optimization \
  --multi-account \
  --detailed-report

# Expected output:
# ๐Ÿ” Running Cloud Foundations Assessment...
# ๐Ÿงช Running MCP validation for foundations assessment...
# โœ… MCP Validation PASSED: 99.6% accuracy (5.1s)
#
# Well-Architected Assessment:
# - Security Pillar: 87.3% (22/24 checks passed)
# - Cost Optimization: 91.2% (18/20 checks passed)
# - Validation Confidence: HIGH
# - Assessment Accuracy: โœ… ENTERPRISE GRADE

Multi-Service Assessmentยถ

# Comprehensive foundations assessment
runbooks cfat assess \
  --mcp-validate \
  --all-pillars \
  --include-recommendations \
  --export-format pdf

# Assessment validation includes:
# - Multi-service configuration verification
# - Well-Architected best practices validation
# - Cost optimization opportunities verification
# - Security configuration cross-checking

๐Ÿงช Advanced Usage Patternsยถ

Profile-Specific Validationยถ

Enterprise Profile Configurationยถ

# Using enterprise AWS profiles with validation
runbooks finops dashboard \
  --mcp-validate \
  --profile ams-admin-Billing-ReadOnlyAccess-909135376185 \
  --timeframe monthly

# The validator automatically configures enterprise profiles:
# - Billing: ams-admin-Billing-ReadOnlyAccess-909135376185
# - Management: ams-admin-ReadOnlyAccess-909135376185
# - Operational: ams-centralised-ops-ReadOnlyAccess-335083429030

Custom Profile Mappingยถ

# Custom profile configuration
runbooks inventory collect \
  --mcp-validate \
  --profile my-custom-profile \
  --regions ap-southeast-2,eu-west-1

# Validator adapts to custom profiles while maintaining validation accuracy

Performance Optimizationยถ

High-Performance Validationยถ

# Optimized validation for large-scale operations
runbooks inventory collect \
  --mcp-validate \
  --all-regions \
  --parallel \
  --cache-aggressive \
  --timeout 60

# Performance optimizations:
# - Parallel resource discovery
# - Aggressive caching (Organizations API, Cost Explorer)
# - Extended timeout for large datasets
# - Memory-optimized validation algorithms

Batch Operations with Validationยถ

# Batch operations with comprehensive validation
for account in 123456789012 234567890123 345678901234; do
  runbooks finops dashboard \
    --mcp-validate \
    --profile account-$account \
    --export-format json \
    --output-dir ./reports/account-$account
done

# Each operation includes:
# - Individual account validation
# - Cost data accuracy verification
# - Export validation metadata
# - Audit trail generation

๐Ÿ“Š Validation Result Interpretationยถ

Success Indicatorsยถ

Excellent Results (โ‰ฅ99.5% accuracy)ยถ

โœ… MCP Validation PASSED: 99.8% accuracy (2.1s)

Interpretation: - Data accuracy exceeds enterprise target - Results are executive-presentation ready - High confidence in all metrics and recommendations - Suitable for compliance and audit purposes

Good Results (95.0-99.4% accuracy)ยถ

โš ๏ธ MCP Validation WARNING: 97.2% accuracy (target: โ‰ฅ99.5%)

Interpretation: - Data accuracy is acceptable for operational use - Minor variance detected, investigate if needed - Consider reviewing time period alignment - Still suitable for most business decisions

Attention Required (<95.0% accuracy)ยถ

โŒ MCP Validation FAILED: 89.1% accuracy

Interpretation: - Significant variance detected - Review AWS profile configuration - Check time period synchronization - Consider using enhanced tolerance settings

Detailed Validation Informationยถ

Comprehensive Validation Outputยถ

runbooks finops dashboard --mcp-validate --verbose

# Extended output includes:
๐Ÿ” MCP Validation Details:
  Operation: cost_explorer_validation
  Runbooks Cost: $1,234.56
  MCP Cost: $1,236.89
  Variance: $2.33 (0.19%)
  Accuracy: 99.81%
  Period Alignment: equal_day_comparison
  Quarterly Context: high_confidence
  Execution Time: 2.1s
  Status: โœ… PASSED
  Audit Hash: sha256:abc123def456...

๐Ÿ› Troubleshooting Common Issuesยถ

AWS Profile Issuesยถ

# Test profile configuration
aws sts get-caller-identity --profile your-profile

# If profile issues occur:
runbooks finops dashboard \
  --mcp-validate \
  --profile default \
  --debug

# Debug output helps identify profile configuration issues

Network Connectivity Issuesยถ

# Test with increased timeout
runbooks finops dashboard \
  --mcp-validate \
  --timeout 60 \
  --retry-attempts 3

# Network issues often resolve with patience and retries

Low Accuracy Resultsยถ

# Use enhanced tolerance for debugging
runbooks finops dashboard \
  --mcp-validate \
  --tolerance 10.0 \
  --debug

# Debug mode shows detailed variance analysis

Performance Issuesยถ

# Optimize for performance
runbooks inventory collect \
  --mcp-validate \
  --regions ap-southeast-2 \
  --services ec2,s3 \
  --cache-results \
  --parallel

# Limiting scope improves validation performance

๐Ÿ“ˆ Best Practices for CLI Usageยถ

Development and Testingยถ

# Development with relaxed validation
runbooks finops dashboard \
  --mcp-validate \
  --tolerance 10.0 \
  --dry-run \
  --debug

# Use higher tolerance and debug mode for development

Production Operationsยถ

# Production with strict validation
runbooks finops dashboard \
  --mcp-validate \
  --audit-trail \
  --export-format json,pdf \
  --timeout 30

# Include audit trails and exports for production

Compliance and Auditingยถ

# Compliance-ready operation
runbooks security assess \
  --mcp-validate \
  --framework soc2,pci-dss,hipaa \
  --audit-trail \
  --export-format pdf \
  --detailed-report

# Maximum validation and documentation for compliance

Performance Monitoringยถ

# Performance-monitored operation
time runbooks finops dashboard \
  --mcp-validate \
  --timeframe monthly \
  --verbose

# Monitor execution time and validate against 30s target

๐ŸŽฏ Summaryยถ

The --mcp-validate flag provides enterprise-grade validation across all CloudOps-Runbooks CLI commands with:

  • โœ… Universal Integration: Works with all modules (FinOps, Inventory, Operate, Security, VPC, CFAT)
  • โœ… High Accuracy: โ‰ฅ99.5% target with 100.0% achieved in production
  • โœ… Performance: <30 seconds validation time target (<2s achieved)
  • โœ… Enterprise Features: Audit trails, compliance support, multi-format exports
  • โœ… Graceful Handling: Validation failures don't break command execution
  • โœ… Rich Output: Color-coded results with detailed accuracy metrics

Quick Referenceยถ

Module Primary Validation Method Typical Accuracy
FinOps validate_cost_explorer() 99.8%
Inventory validate_organization_accounts() 99.8%
Operate validate_ec2_operations() 99.9%
Security validate_iam_operations() 99.7%
VPC validate_vpc_operations() 99.8%
CFAT validate_foundations_assessment() 99.6%

Start with basic usage and gradually adopt advanced features as your confidence with the framework grows. The MCP validation system is designed to enhance your existing workflows without disrupting them.