Skip to main content

Ask Claude about your AWS, Azure, GCP, and SaaS costs. MCP server with anomaly detection, rightsizing, and Jira ticketing.

Project description

nable

Open-source, local-first FinOps. Ask your whole cloud and AI bill anything, get the fix as a pull request you approve, and prove the savings on your next invoice.

PyPI Python Tests OpenSSF Scorecard License: Elastic-2.0

nable is an MCP server that runs on your machine and connects to your real AWS, Azure, GCP, Kubernetes, and SaaS billing. It answers cost questions in your editor, finds waste, drafts the fix for your approval, and verifies the savings landed. Your credentials stay in your OS keychain and your bill never leaves your control, so the no-egress claim is something you can read in the code, not just take on faith. The local agent is open and auditable; a hosted platform is available for teams.

getnable.com · docs, quickstart, and the hosted platform

nable in Claude Desktop

User: Just downloaded nable: What's our cloud spend this month?

Claude: Here's your spend breakdown:

Total: $8,421.63 / month

Provider    | Spend
------------|----------
AWS         | $7,284.17
Datadog     | $847.20
Snowflake   | $290.26

Top AWS services:
- EC2: $3,184.52
- EKS: $1,821.34
- RDS: $1,243.80
- ElastiCache: $612.40
- S3: $184.22

Most spend is concentrated in us-east-1 ($5,841 of the $7,284 AWS total).

Quick start

Requires Python 3.10 or newer. The uvx command below fetches a matching Python for you. If you take the pip path instead, check yours first with python --version (or python3 --version). On older Python, pip reports No matching distribution found for finops-mcp.

Step 1: Install and run the setup wizard

Need uv? It is not preinstalled on macOS or most Linux:

curl -LsSf https://astral.sh/uv/install.sh | sh   # macOS / Linux
# or: brew install uv

Then:

uvx nable

No uv and don't want it? On Python 3.11+, pip install -U finops-mcp && finops welcome works too.

First run downloads dependencies, so give it a moment before the welcome screen appears.

The wizard walks through connecting your providers and auto-configures Claude Desktop at the end. No config file editing, no manual env vars.

Using Cursor? One-click install (opens Cursor and adds nable):

cursor://anysphere.cursor-deeplink/mcp/install?name=nable&config=eyJjb21tYW5kIjogInV2eCIsICJhcmdzIjogWyItLXB5dGhvbiIsICIzLjEyIiwgImZpbm9wcy1tY3AiXX0=

Then run finops setup once to connect a cloud account.

On Anaconda? Use uvx (isolated, won't touch your Anaconda environment):

brew install uv && uvx nable setup

Step 2: Connect AWS (usually one keystroke)

finops setup aws

The wizard checks for AWS credentials you already have (an SSO login, an AWS CLI profile, or default credentials), shows you the account it found, and connects it when you confirm. If you use aws on this machine already, you will not type a single key.

Checking for AWS credentials on this machine...
✓ Found working credentials: profile 'default' -> account 1234
  Connect this account? [Y/n]

Only if no working credentials are found does it walk you through creating a read-only access key. Want the IAM policy to hand your platform team first? Run finops setup aws --iam-template.

Step 3: Restart Claude Desktop and ask

What are my AWS costs this month?

Once you see a real cost breakdown, you're live. Also works with Cursor, Windsurf, and VS Code.

Step 4 (optional): Open the visual dashboard

finops serve

Serves a password-protected web dashboard at http://localhost:8080, local to your machine by default. To let your team or manager view it in a browser (no Claude required), add --host 0.0.0.0 so it binds your network. It stays password-protected; share the URL and password with them.

7-day free trial, all features unlocked. No credit card required.


To add more providers later:

finops setup aws      # add another AWS account
finops setup azure    # add Azure
finops setup slack    # configure alerts
finops setup license  # activate a Team plan key
finops serve          # open the visual dashboard

What you can ask

  • "What drove our AWS bill up 40% last month?"
  • "Which Kubernetes namespace is over-provisioned?"
  • "Are there any unusual cost spikes this week?"
  • "Which EC2 instances should we downsize?"
  • "Compare our cloud spend vs SaaS spend"
  • "Create a Jira ticket for any EC2 waste over $200/mo"
  • "Which team is spending the most on Datadog?"
  • "What will our AWS bill look like next month?"
  • "Show me RDS instances with low CPU that we could right-size"
  • "What's our effective discount rate from Savings Plans?"

Visual dashboard

finops serve

Starts a local web dashboard your whole team can open in a browser, no Claude Desktop required. Share it with an exec, a FinOps analyst, or anyone who needs to see costs without using an AI interface.

What it shows:

  • MTD spend and projected month total
  • Cost trend: 3-month historical with run-rate projection
  • Efficiency score: composite of waste, commitment coverage, anomaly response, and tag hygiene
  • Savings opportunities: ranked by dollar impact, each with a one-click "Mark done" to track actions taken
  • Savings pipeline: how much has been identified vs acted on vs verified

The dashboard reads from your local provider connections. Your data stays on your machine.

# Secure with a password (recommended when sharing on a network)
FINOPS_DASHBOARD_PASSWORD=yourpassword finops serve

# Default: auto-generates a random password and prints it at startup
finops serve

Light mode, dark mode, and 30/60/90-day lookback are built in.


Local-first and auditable

Your credentials are encrypted with Fernet and stored in your OS keyring (macOS Keychain, Windows Credential Manager, or libsecret on Linux). They never leave your machine. Cost data is cached in a local SQLite database, and nable has no backend, so we never see your cost data or credentials. One honest caveat: when you ask a question in your AI editor, the figures nable returns go to your editor's own AI to answer it, the same as any prompt, never to a nable server. If you need zero AI exposure, use the local dashboard (finops serve) or CLI, which never touch a model. Teams share findings via Slack alerts, Notion publishing, and CSV exports. No shared database required.

nable is read-only by default. It never writes to your AWS account unless you explicitly enable cleanup mode. Run finops setup aws --iam-template to generate a least-privilege IAM policy with exactly the permissions nable needs.

None of this is take-our-word-for-it. Read the source, check the OpenSSF Scorecard, run finops-doctor to see exactly what nable touches, and set NABLE_NO_TELEMETRY=1 (or FINOPS_AIRGAP=1 to forbid every non-provider request) if you want it locked down.


Manual Claude Desktop config

If finops setup doesn't auto-configure, run:

finops setup claude

Or add manually to claude_desktop_config.json:

With uvx (recommended):

{
  "mcpServers": {
    "nable": { "command": "uvx", "args": ["--python", "3.12", "finops-mcp"] }
  }
}

With absolute path:

{
  "mcpServers": {
    "nable": { "command": "/usr/local/bin/finops-mcp" }
  }
}

Use the path from which finops-mcp.

Config file locations:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  • Linux: ~/.config/Claude/claude_desktop_config.json

Why uvx? Claude Desktop is a GUI app and doesn't inherit your shell's PATH. uvx sidesteps this by running finops-mcp in its own isolated environment. It's the most reliable option on corporate machines with managed Python installs.


Connectors (17)

Provider What it pulls
AWS Cost Explorer (free tier) · CUR via S3 (Pro: line-item granularity, savings plans, reservations)
Azure Cost Management API · Advisor cost recs · VM rightsizing (Azure Monitor) · native budgets · forecast
GCP Cloud Billing API + BigQuery export
Datadog Usage Metering API v2: real dollar amounts
Snowflake ACCOUNT_USAGE.METERING_HISTORY
Langfuse Daily metrics API: model cost, token usage, trace volume
MongoDB Atlas Invoice API
Twilio Usage Records API
Cloudflare Billing API
GitHub Actions minutes + Copilot seats
Vercel Invoice API (Enterprise)
PagerDuty Seat count
New Relic Data ingest + user counts
Stripe Fees and billing activity
Databricks DBU usage and SQL warehouse spend
OpenAI API usage and token spend by model
Anthropic Claude API usage and token spend

Azure roles. The Azure tools span three RBAC roles, granted to the service principal on each subscription. Without them, the affected tools return empty results (run finops doctor to check):

Role Unlocks
Cost Management Reader cost queries, budgets, forecast, cost-by-dimension
Reader Azure Advisor recommendations + VM list (rightsizing)
Monitoring Reader VM CPU metrics (rightsizing)
# repeat per subscription
az role assignment create --assignee <client-id> --role 'Cost Management Reader' --scope /subscriptions/<sub-id>
az role assignment create --assignee <client-id> --role Reader --scope /subscriptions/<sub-id>
az role assignment create --assignee <client-id> --role 'Monitoring Reader' --scope /subscriptions/<sub-id>

What nable actually does

nable is not just a connector that pipes billing data into Claude. It runs active analysis on your infrastructure and surfaces findings as tools Claude can reason about and act on.

Every finding is classified by how sure we are. A recommendation is something nable measured: a precise dollar figure, a safe fix, and a check that the savings actually landed on your next bill. An investigation is a signal worth confirming: an honest order-of-magnitude, never a fake-precise number, with the steps to confirm it. nable proposes, you approve, and it verifies. It never changes your infrastructure on its own.

AWS deep audit goes well beyond Cost Explorer. It pulls CloudWatch metrics for every running resource and flags waste that never shows up on your bill: gp2 volumes that should be gp3 (20% cheaper, same performance), unattached EBS volumes, idle NAT Gateways costing $32/mo in base charges, RDS backup retention set way too high, CloudWatch Log Groups with no retention policy growing forever, and Lambda functions allocated 2x the memory they actually use. Think of it as Compute Optimizer plus the layer underneath it.

Anomaly detection uses z-score, CUSUM drift, and day-of-week seasonal normalization. When something spikes, it drills into Cost Explorer by tag and tells you which team, environment, or service drove it. Anomaly findings and Slack/Teams alerts are free; auto-ticketing is a paid feature.

Rightsizing combines AWS Compute Optimizer with nable's own CloudWatch analysis. It gives you specific recommended instance types with estimated savings, not just a list of underutilized resources. Recommendations are free; ticket auto-creation is a paid feature.

Commitment analysis (a paid feature) models Savings Plans and Reserved Instance coverage against your actual usage. It shows your current effective discount rate, coverage gaps, and what you would save by purchasing additional commitments.


Open-core

The local agent is open-source and free: the MCP server, every connector, cost queries, anomaly detection, rightsizing, AI and LLM spend tracking, the local dashboard, and remediation drafts (the PRs and tickets you approve). Run it on your machine, audit it, fork the connectors.

A hosted platform is available for teams who would rather have it run for them: a managed, single-tenant workspace with dashboards anyone can use without a terminal, SSO and roles, scheduled reports, and a managed AI agent. Single-tenant by design, your bill is never pooled with anyone else's.

See getnable.com for the current plans and a free trial.


Troubleshooting

finops-doctor          # checks credentials, DB, network, audit log
finops setup claude    # re-run Claude Desktop configuration only
Symptom Fix
Tools don't appear in Claude Switch to uvx config or use absolute path
command not found: finops-mcp Re-install with pip install finops-mcp or use uvx
AWS returns no data Run finops setup aws. The wizard writes credentials to your editor config automatically.
No matching distribution found for finops-mcp Your Python is older than 3.11. Check with python --version, then install on 3.11+ (uvx nable, or python3.11 -m pip install finops-mcp).
cryptography build error / maturin failed uv tried to compile cryptography from source on Python 3.10, which has no prebuilt wheel. Use 3.11+: uvx nable, or force it with uvx --python 3.12 nable.
Python 3.8 / 3.9 / 3.10 errors nable requires Python 3.11+: python3.11 -m pip install finops-mcp
Corporate SSL errors pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org finops-mcp
Permission denied Install to user: pip install --user finops-mcp or use uvx
Works at home, not at work Use uvx (corporate IT often strips custom PATH entries)

Docs

Full setup guide: getnable.com/docs


mcp-name: io.github.chaandannn/finops-mcp

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

finops_mcp-0.8.93.tar.gz (1.1 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

finops_mcp-0.8.93-py3-none-any.whl (1.2 MB view details)

Uploaded Python 3

File details

Details for the file finops_mcp-0.8.93.tar.gz.

File metadata

  • Download URL: finops_mcp-0.8.93.tar.gz
  • Upload date:
  • Size: 1.1 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for finops_mcp-0.8.93.tar.gz
Algorithm Hash digest
SHA256 f24d13bdf945d3f99c82143cdc0843e4b19c77b80710c7154264b7f5db74c080
MD5 27ab14e6c01f20672e18c18419393cb7
BLAKE2b-256 7a200bf39f66861ae8cc0717eb6d91ae46b62da0212f49491d1b220d3d159c56

See more details on using hashes here.

Provenance

The following attestation bundles were made for finops_mcp-0.8.93.tar.gz:

Publisher: publish.yml on chaandannn/finopsmcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file finops_mcp-0.8.93-py3-none-any.whl.

File metadata

  • Download URL: finops_mcp-0.8.93-py3-none-any.whl
  • Upload date:
  • Size: 1.2 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for finops_mcp-0.8.93-py3-none-any.whl
Algorithm Hash digest
SHA256 e0bd8fd2a65c41f1c3dcf92fad98bb85a4eeb46e4a606bd0e7f16a712a20ea49
MD5 47c2ef1e058b5b0ffca1bbaae01a1735
BLAKE2b-256 f50a8784939c866f3ce97dd239fbd146e8398877ebc68c8d35aedaf5a9ef0afd

See more details on using hashes here.

Provenance

The following attestation bundles were made for finops_mcp-0.8.93-py3-none-any.whl:

Publisher: publish.yml on chaandannn/finopsmcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page