Installation
Instructions for installing StackQL on various different platforms are provided here.
- macOS
- Linux
- Windows
- Docker
- Claude Desktop / MCP
- stackql-deploy
- Cloud Shells
macOS
StackQL is available on macOS via Homebrew and the pkg Installer, both ARM (M1/Apple Silicon) and AMD architectures are supported with a single multi-arch installer.
Homebrew
To install via Homebrew, run the following command in your terminal:
brew install stackql
Package download
StackQL is available as a signed and notarized, interactive pkg installer for MacOS.
Linux
StackQL is available for all Linux architectures.
using curl
- amd64
- arm64
curl -L https://bit.ly/stackql-zip -O \
&& unzip stackql-zip
curl -L https://bit.ly/stackql-arm64 -O \
&& unzip stackql-arm64
Package download
Alternatively, you can download the binaries here:
Windows
StackQL is available on Windows via Chocolatey and the msi Installer, x64 and x86 architectures are supported.
Chocolatey
To install via Chocolatey, run the following command in your PowerShell or cmd terminal:
choco install stackql
Package download
Alternatively, the Windows stackql binary can be downloaded here.
Claude Desktop / MCP clients
Prebuilt MCP Bundles (.mcpb) are attached to every StackQL release for one-click installation of the StackQL MCP server into Claude Desktop - no separate StackQL installation is required. Bundles are available for macOS, Windows and Linux.
The StackQL MCP server is also listed on the Official MCP Registry as io.github.stackql/stackql-mcp.
The bundle is one of several ways to run the StackQL MCP server. See Installing the MCP server for the npx, Docker, Python, CI and manual options, or Using StackQL with Claude Desktop for the full Claude Desktop walkthrough.
stackql-deploy
stackql-deploy is a stateless IaC framework built on StackQL. For full documentation see StackQL Deploy Docs.
Linux / macOS
Downloads and extracts the latest stackql-deploy binary in one step. The installer detects your OS and architecture (including Apple Silicon and Intel via a universal macOS binary) and fetches the correct release asset automatically.
curl -fsSL https://get-stackql-deploy.io/install.sh | sh
Windows
Downloads the latest binary as a .zip and extracts it to the current directory.
Invoke-WebRequest https://get-stackql-deploy.io -OutFile stackql-deploy.zip
Expand-Archive stackql-deploy.zip -DestinationPath .
cargo
If you have the Rust toolchain installed, this builds and installs the binary directly from crates.io.
cargo install stackql-deploy
Cloud Shells
StackQL can be used directly from major cloud and data platforms' built-in cloud shells and web terminals. This provides a seamless experience as these environments are pre-authorized with the identity you're logged into, eliminating the need for separate authentication setup.
- AWS
- Azure
- Databricks
AWS Cloud Shell
AWS CloudShell provides a browser-based shell with AWS CLI pre-installed and authenticated. Running StackQL in AWS CloudShell allows you to query and manage AWS resources without additional authentication steps. For detailed instructions, see our AWS CloudShell tutorial.
First, download the StackQL package:
curl -L https://bit.ly/stackql-zip -O \
&& unzip stackql-zip
Then run the StackQL AWS CloudShell script:
sh stackql-aws-cloud-shell.sh
This script starts a StackQL command shell using your AWS CloudShell credentials, allowing you to immediately start querying AWS resources.
Azure Cloud Shell
Azure Cloud Shell provides a browser-accessible shell environment with Azure CLI pre-authenticated with your Azure account. Using StackQL in Azure Cloud Shell enables seamless querying of your Azure resources without additional setup. For complete details, check our Azure Cloud Shell guide.
First, download the StackQL package:
curl -L https://bit.ly/stackql-zip -O \
&& unzip stackql-zip
Then run the StackQL Azure Cloud Shell script:
sh stackql-azure-cloud-shell.sh
This script automatically configures a StackQL session to use your Azure Cloud Shell credentials, enabling immediate access to query your Azure resources.
Google Cloud Shell
Google Cloud Shell offers a development and operations environment with Google Cloud CLI already authenticated. Running StackQL in Google Cloud Shell lets you query GCP resources using your existing authentication. Learn more in our Google Cloud Shell guide.
First, download the StackQL package:
curl -L https://bit.ly/stackql-zip -O \
&& unzip stackql-zip
Then run the StackQL Google Cloud Shell script:
sh stackql-google-cloud-shell.sh
The script sets up StackQL to use your Google Cloud Shell credentials, allowing you to immediately start querying your GCP resources using SQL syntax.
Databricks Web Terminal
Databricks workspaces include a web terminal that runs as the logged-in user. Running StackQL there lets you query your workspace using your Databricks identity, with no separate authentication setup. For example queries and account-level auth, see our Databricks Web Terminal guide.
First, download the StackQL package:
curl -L https://bit.ly/stackql-zip -O \
&& unzip stackql-zip
Then run the StackQL Databricks shell script:
sh stackql-databricks-shell.sh
This starts a StackQL session using your Databricks workspace identity, so you can immediately query workspace-scoped resources such as databricks_workspace.iam.vw_user_entitlements. For account-level queries (provisioning, billing, account IAM), set the Databricks OAuth2 service principal variables as described in the guide.
Installing the MCP server
The StackQL MCP server lets AI agents query and provision cloud resources using StackQL. It ships through several channels - they all run the same server, so pick the channel that matches your client and your trust requirements. The options below are listed roughly in order of trust and ease.
Marketplaces and directories
The server is published to the Official MCP Registry as io.github.stackql/stackql-mcp; the package registries below carry the distributable artifacts, and downstream directories pick the listing up from there.
- Registries
- Directories
| Registry | Type | Published via | Listing | Notes |
|---|---|---|---|---|
| Official MCP Registry | Canonical metadata registry | mcp-publisher CLI + server.json | modelcontextprotocol.io/searchmodelcontextprotocol.io/direct | advertises all 7 package types (mcpb x4, oci, npm, pypi) |
| npm | Package registry | npm publish | @stackql/mcp-server | npx launcher |
| PyPI | Package registry | twine upload | stackql-mcp-server | uvx / pip launcher |
| Docker Hub | Container registry | docker buildx --push | stackql/stackql-mcp | multi-arch amd64 + arm64 |
| GitHub Actions Marketplace | CI marketplace (setup-stackql-mcp action) | Public repo + release + marketplace listing | setup-stackql-mcp-server | Verified publisher; stackql/setup-stackql-mcp |
Directory and aggregator listings, in rough order of significance for discovery:
| Directory | Type | Listing |
|---|---|---|
| Cursor Directory | IDE client directory | cursor.directory |
| mcp.so | Largest aggregator | mcp.so |
| PulseMCP | Discovery, registry backer | pulsemcp |
| Glama.ai MCP | Searchable marketplace | glama.ai |
| mcpmarket.com | Aggregator | mcpmarket |
| mcpservers.org | Awesome-list site | mcpservers.org |
Prebuilt .mcpb bundle
When to use: Claude Desktop, no separate StackQL install, and you want a signed one-click bundle.
A prebuilt MCP Bundle is attached to every StackQL release for each platform:
https://github.com/stackql/stackql/releases/latest/download/stackql-mcp-<platform>.mcpb
where <platform> is one of darwin-universal, windows-x64, linux-x64, or linux-arm64. Download buttons for each platform are in the Claude Desktop / MCP tab above. Each bundle has a matching .sha256 checksum on the release page. Verify it, then install via Settings -> Extensions in Claude Desktop:
shasum -a 256 -c stackql-mcp-darwin-universal.mcpb.sha256
See Using StackQL with Claude Desktop for the full walkthrough.
Manual claude_desktop_config.json
When to use: you already have the stackql binary on your PATH and use Claude Desktop or any other stdio MCP client.
{
"mcpServers": {
"stackql": {
"command": "stackql",
"args": [
"mcp",
"--mcp.server.type=stdio",
"--approot", "/Users/you/.stackql",
"--mcp.config", "{\"server\": {\"audit\": {\"disabled\": true}}}"
]
}
}
}
All three arguments are load-bearing:
--mcp.server.type=stdioselects the stdio transport that editor-embedded clients speak.--approotpoints the provider cache at a writable directory. MCP clients may launch the server with the working directory set to/, which is not writable.--mcp.config '{"server": {"audit": {"disabled": true}}}'disables the audit log, which otherwise defaults its directory to the (possibly non-writable) working directory.
Add provider credentials with an "env" block and tune the safety contract with "mode" - see Server modes.
npx (no install)
When to use: any Node environment, when you do not want a global StackQL install.
{ "mcpServers": { "stackql": { "command": "npx", "args": ["-y", "@stackql/mcp-server"] } } }
The @stackql/mcp-server launcher downloads the signed stackql binary on first run, verifies its SHA-256, and caches it for subsequent runs.
uvx / pip (Python)
When to use: a Python environment - the same launcher packaged for Python, sharing the binary cache the npx launcher populates.
{ "mcpServers": { "stackql": { "command": "uvx", "args": ["stackql-mcp-server"] } } }
Or install it into the current environment with pip install stackql-mcp-server (Python 3.9+). The package is stackql-mcp-server on PyPI.
Docker
When to use: a containerised or otherwise isolated runtime. The image is multi-arch (amd64 and arm64).
docker run -i --rm stackql/stackql-mcp
As a client configuration:
{ "mcpServers": { "stackql": { "command": "docker", "args": ["run", "-i", "--rm", "stackql/stackql-mcp"] } } }
The image is stackql/stackql-mcp on Docker Hub.
CI and agentic workflows (GitHub Actions)
When to use: run the server inside a GitHub Actions job so an agent can query - and, if you allow it, act on - your cloud as part of CI.
stackql/setup-stackql-mcp@v1 installs the binary and writes an MCP config (defaulting to read_only mode). Pass that config to anthropics/claude-code-action through claude_args:
- id: stackql
uses: stackql/setup-stackql-mcp@v1
with:
auth: '{"github":{"type":"null_auth"}}'
- uses: anthropics/claude-code-action@v1
with:
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
prompt: |
Using stackql, list the public repositories in the stackql org and
summarise them as a markdown table.
claude_args: |
--mcp-config ${{ steps.stackql.outputs.mcp-config-file }}
--allowedTools 'mcp__stackql__*'
See the action README for more agentic recipes (cloud audits, cost estimates, and so on).
Embedded MCP
When to use: you are building an agentic app and want to vendor the MCP server into your own binary - no npx, no separate install, no runtime dependency.
Native libraries spawn the signed stackql binary over stdio behind each language's official MCP SDK client, so your app gets the same governed SQL interface to every provider in the registry. Each library defaults to read_only - escalation to a writable mode is always explicit - and can either download-and-verify the binary on first run or vendor it into your build for a single self-contained executable. The full per-language API is in the Embedded MCP reference.
- Rust
- Go
- Kotlin / JVM
- .NET
- Gleam
- Swift
The stackql-mcp crate spawns the binary behind an rmcp client. The default sidecar feature downloads and verifies the binary on first run; the vendored feature embeds it with include_bytes! for a single self-contained binary. MSRV Rust 1.88.
# Cargo.toml
stackql-mcp = "0.1"
use stackql_mcp::{Mode, StackqlMcp};
let server = StackqlMcp::builder()
.mode(Mode::ReadOnly)
.start()
.await?;
let tools = server.list_all_tools().await?;
Full reference: Embedded MCP: Rust.
The stackql-mcp-go library spawns the binary behind the official Go MCP SDK client. Vendor the binary with go:embed for a single self-contained binary, or let it download and verify on first run. Starts in read_only mode by default.
go get github.com/stackql/stackql-mcp-go
import (
"context"
stackqlmcp "github.com/stackql/stackql-mcp-go/embed"
)
client, err := stackqlmcp.StartServer(ctx, stackqlmcp.Options{
Binary: StackqlMCPBinary(),
})
defer client.Close()
Full reference: Embedded MCP: Go.
The io.stackql:stackql-mcp library spawns the binary behind the official Kotlin MCP SDK client, and a companion Gradle plugin wires the same launch into a build. Requires JDK 17 and Kotlin 2.x.
dependencies {
implementation("io.stackql:stackql-mcp:0.1.0")
}
import io.stackql.mcp.Mode
import io.stackql.mcp.StackqlMcp
val server = StackqlMcp.builder().mode(Mode.ReadOnly).start()
server.use {
val tools = server.client.listTools().tools
}
Full reference: Embedded MCP: Kotlin / JVM.
The StackQL.Mcp package spawns the binary behind the official C# MCP SDK client. Sidecar by default, or vendor the bundle as a build resource for a self-contained executable. Requires .NET 8 or later.
dotnet add package StackQL.Mcp
using StackQL.Mcp;
await using var server = await StackqlMcp.CreateBuilder()
.WithMode(StackqlMode.ReadOnly)
.StartAsync();
var tools = await server.ListToolsAsync();
Full reference: Embedded MCP: .NET / C#.
The stackql_mcp library targets the Erlang/BEAM runtime and exposes the server as an OTP child via child_spec(), so it can sit inside your own supervision tree. Starts in read_only mode by default.
gleam add stackql_mcp
import envoy
import stackql_mcp
let assert Ok(server) =
stackql_mcp.start(
config: stackql_mcp.default_config(),
home: "/home/u", os: "linux", arch: "x86_64",
getenv: envoy.get,
)
let assert Ok(tools) = stackql_mcp.list_tools(server)
Full reference: Embedded MCP: Gleam.
The stackql-mcp-swift package spawns the binary behind the official Swift MCP SDK client. The darwin-universal binary is Developer ID signed and Apple-notarised, so you can bundle it inside a signed .app and keep the app's notarisation valid. Requires macOS 13+ and Swift 6.1 (Xcode 16.3+).
// Package.swift
.package(url: "https://github.com/stackql/stackql-mcp-swift.git", from: "0.1.0")
import StackQLMCP
var options = Options()
options.mode = .readOnly
let server = try await StackQLServer.start(options)
let tools = try await server.listToolNames()
await server.stop()
Full reference: Embedded MCP: Swift.
Trust model
The same security properties hold across every channel:
- The embedded
stackqlbinary is Authenticode-signed (Windows) and Apple-notarised (macOS). - Every
.mcpbbundle ships with a published SHA-256 checksum on the release page. - The
npxanduvxlaunchers verify the downloaded binary's SHA-256 before first use. - The MCP Registry entry attests the per-platform hashes.
Using GitHub Actions
StackQL GitHub Actions are available for use in your GitHub Actions workflows. The following actions are available:
- stackql-deploy
- setup-stackql
- setup-stackql-mcp
- stackql-exec
- stackql-assert
stackql-deploy
Deploy or test infrastructure stacks using StackQL directly from your GitHub workflows. This action enables Infrastructure as Code (IaC) workflows using SQL-like syntax, allowing you to define, deploy, and manage cloud resources across multiple providers in a single workflow.
Example usage
...
jobs:
stackql-actions-test:
name: StackQL Actions Test
runs-on: ubuntu-latest
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} # add additional cloud provider creds here as needed
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Deploy a Stack
uses: stackql/stackql-deploy-action@v2
with:
command: 'build'
stack_dir: 'examples/k8s-the-hard-way'
stack_env: 'dev'
env_vars: |
GOOGLE_PROJECT=stackql-k8s-the-hard-way-demo
GOOGLE_REGION=australia-southeast1
setup-stackql
Setup StackQL in your GitHub Actions workflow.
Example usage
- name: setup StackQL
uses: stackql/setup-stackql@v2
with:
use_wrapper: true
- name: Use GitHub Provider
run: |
stackql exec -i ./examples/github-example.iql
env:
STACKQL_GITHUB_USERNAME: ${{ secrets.STACKQL_GITHUB_USERNAME }}
STACKQL_GITHUB_PASSWORD: ${{ secrets.STACKQL_GITHUB_PASSWORD }}
setup-stackql-mcp
Install the StackQL MCP server in your GitHub Actions workflow. The action installs the signed binary and writes an mcpServers config (defaulting to read_only mode) that an agentic step such as anthropics/claude-code-action consumes via claude_args.
Example usage
- id: stackql
uses: stackql/setup-stackql-mcp@v1
with:
auth: '{"github":{"type":"null_auth"}}'
- uses: anthropics/claude-code-action@v1
with:
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
prompt: |
Using stackql, list the public repositories in the stackql org and
summarise them as a markdown table.
claude_args: |
--mcp-config ${{ steps.stackql.outputs.mcp-config-file }}
--allowedTools 'mcp__stackql__*'
stackql-exec
Execute StackQL commands in your GitHub Actions workflow. Queries can be supplied in line or from a file in the repo.
Example usage
- name: exec github example
uses: stackql/stackql-exec@v2
with:
query: |
select total_private_repos
from github.orgs.orgs
where org = 'stackql'"
env:
STACKQL_GITHUB_USERNAME: ${{ secrets.STACKQL_GITHUB_USERNAME }}
STACKQL_GITHUB_PASSWORD: ${{ secrets.STACKQL_GITHUB_PASSWORD }}
stackql-assert
Perform unit tests in your GitHub Actions workflow (for assurance, governance or cloud security checks).
Example usage
- name: Use test query string and expected rows
uses: stackql/stackql-assert@v2
with:
test_query: |
SELECT name
FROM google.compute.instances
WHERE project = 'stackql-demo' AND zone = 'australia-southeast1-a' AND name = 'stackql-demo-001';
expected_rows: 1
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
Other Libraries
StackQL provides several integration methods that allow you for use in different programming languages and environments. These libraries extend StackQL's functionality, making it easy to incorporate cloud resource querying and management into your existing applications and workflows.
- pystackql
pystackql Python Package
Python wrapper to use StackQL in your Python programs. The pystackql package is available on PyPi, documentation for the pystackql package is available via Read the Docs. To install the pystackql package, run the following command:
pip install pystackql
The following example shows the pystackql package used along with pandas to run StackQL queries and return the results to a pandas.DataFrame:
from pystackql import StackQL
import pandas as pd
region = "ap-southeast-2"
stackql = StackQL()
query = """
SELECT instance_type, COUNT(*) as num_instances
FROM aws.ec2.instances
WHERE region = '%s'
GROUP BY instance_type
""" % (region)
res = stackql.execute(query)
df = pd.read_json(res)
print(df)