developer-toolsapi_key

Turbot Pipes

Turbot Pipes is an intelligence, automation, and security platform built specifically for DevOps, offering hosted Steampipe database instances, shared dashboards, snapshots, and more.

Verdict

Turbot Pipes is a cloud query platform for infrastructure data. This MCP lets your team query cloud resources, compliance state, and security posture directly from Switchy. @mention it to run SQL against AWS accounts, Azure subscriptions, Kubernetes clusters, or SaaS apps — without leaving chat. DevOps and security engineers get the most value: they can audit permissions, check resource drift, or pull inventory on demand. Setup requires an API key from your Pipes workspace; queries run against connections you've already configured there. Note that this MCP manages identity and tokens — the actual query execution happens in your Pipes environment.

Common use cases

Audit IAM permissions across AWS accounts
Check Kubernetes pod security policies in real time
List all public S3 buckets during incident response
Pull Azure resource inventory for compliance reports
Review active user tokens before offboarding

Integration

Vendor: Turbot Pipes
Category: developer-tools
Auth: API_KEY
Tools: 12
Composio slug: turbot_pipes

Tools

Delete User Token
destructive
Tool to delete a specific user token. use when you need to revoke a user's token after confirming handle and token id.
Get Authenticated Actor
Tool to retrieve the authenticated actor. use when you need details about the currently authenticated actor after obtaining a valid token.
Get Identity
Tool to retrieve a specific identity by handle. use when you need details of an identity by its handle after authenticating.
Get Identity Avatar
Tool to retrieve avatar image for an identity. use when you need to display or download the user's avatar after knowing their identity handle.
Get User Token
Tool to retrieve details of a specific user token. use when you need to inspect token metadata (e.g., creation time and scopes) after confirming the user handle and token id.
List Actor Activity
Tool to list activities for the authenticated actor. use when you need detailed activity logs with optional filtering and pagination.
List actor connections
Tool to list connections associated with the authenticated actor. use after confirming authentication to retrieve the actor's connection list.
List Actor Organizations
Tool to list organizations associated with the authenticated actor. use when you have a valid access token.
List Actor Workspaces
Tool to list workspaces for the authenticated actor. use when you need to retrieve all workspaces the actor has access to.
List Identities
Tool to list all identities. use when you need to retrieve identities with optional filtering, sorting, and pagination after authentication.
List User Notifiers
Tool to list all notifiers for a user. use when you need to view a user's configured notification endpoints.
Start login via Email
Tool to start login process by sending a confirmation code to a user's email. use when initiating a passwordless email login flow.

Setup

Setup guide

11. Open your Switchy workspace and navigate to Settings > Integrations > Developer Tools. 2. Click 'Connect' next to Turbot Pipes. 3. Log into your Turbot Pipes account at pipes.turbot.com and go to Settings > Tokens. 4. Generate a new API token with read access to the workspaces and connections you want Switchy to query. 5. Copy the token and paste it into the Switchy connection dialog, then click 'Authorize'. 6. Switchy will verify the token by fetching your authenticated actor details. 7. Once connected, open any Space and type '@Turbot Pipes list my connections' to confirm the integration works. 8. To run a query, @mention Turbot Pipes and reference a connection by handle — the MCP will route your request to the Pipes API and return results inline.

What teammates see: by default, memories from Turbot Pipes are scoped to the Space (PROJECT visibility) - you can mark any memory PRIVATE or share it ORG-wide.

Works well with

Top models

Compatibility data appears once enough Spaces have used this MCP together with a given model.

How Switchy teams use it

Not enough Spaces yet to publish anonymised usage stats (we require ≥ 50 Spaces per week).

Starter prompts

List My Connections

@Turbot Pipes show me all connections associated with my account, including their handles and status.

Open in a Space →

Check Active Tokens

@Turbot Pipes list all user tokens for my account, showing creation dates and scopes for each.

Open in a Space →

View My Organizations

@Turbot Pipes retrieve the organizations I'm a member of, including their handles and roles.

Open in a Space →

Review Recent Activity

@Turbot Pipes show my activity for the past 7 days, including timestamps and action types.

Open in a Space →

Get Actor Details

@Turbot Pipes retrieve details about the currently authenticated actor, including handle and permissions.

Open in a Space →

Example outputs

Illustrative - representative of the model's voice and quality, not literal recordings.

Prompt

@turbot-pipes list all my active connections and show me which ones haven't been used in the last 30 days

Output

Based on your authenticated actor profile, you have 8 active connections across AWS, Azure, and GitHub. Three connections appear unused recently: 'aws-prod-readonly' (last activity 47 days ago), 'azure-dev' (last activity 38 days ago), and 'github-archive' (last activity 62 days ago). The remaining 5 connections show regular activity within the past week. All connections are currently in 'ready' state with valid credentials.

Notes

This example demonstrates read-heavy querying of connection metadata paired with AI reasoning to identify stale resources. Requires valid API_KEY authentication. The MCP returns connection objects with timestamps; the AI performs the date comparison and filtering logic.

Prompt

@turbot-pipes revoke my token named 'ci-pipeline-token' — I rotated credentials and this one is no longer needed

Output

Token 'ci-pipeline-token' (ID: tkn_2a8f9b3c) has been successfully deleted from your account. This token was created 14 days ago and had read-only scope for pipeline queries. Any services still using this token will now receive 401 authentication errors. You can create a replacement token through the Turbot Pipes console if needed.

Notes

This showcases a destructive write operation with immediate side effects. The MCP permanently revokes the token — there's no undo. The user must know both their handle and the exact token ID. Use cautiously in shared Spaces where multiple teammates have access to the same Turbot Pipes account.

Prompt

@turbot-pipes pull my recent activity logs and summarize what queries I've been running most frequently this week

Output

Your activity log shows 47 query executions over the past 7 days. The most frequent pattern: 18 runs of AWS security group audits (checking for overly permissive ingress rules), followed by 12 compliance queries against Azure resource tags. You also ran 8 cost analysis queries on Monday morning and 5 GitHub repository scans on Wednesday. Peak activity occurred between 9-11 AM EST on weekdays. No failed authentications or error patterns detected.

Notes

This example pairs the List Actor Activity tool with AI synthesis to surface usage patterns. The MCP returns raw activity records (timestamps, query types, status codes); the AI aggregates and interprets trends. Useful for understanding your own query habits or auditing team usage when shared credentials are involved.

Use-case deep-dives

Security audit token rotation

When Turbot Pipes wins for quarterly access reviews

A 6-person DevOps team runs quarterly security audits where they rotate API tokens and review who has access to what. Turbot Pipes is the right call here because the MCP exposes token lifecycle tools (list, inspect, delete) alongside identity and organization lookups in one authenticated session. The team lead can script a Switchy workflow that pulls all user tokens, cross-references them with current org membership, and revokes stale credentials without switching contexts. The trade-off: if your audit process needs to span multiple cloud providers or non-Turbot infrastructure, this MCP only covers Turbot-managed identities. For teams running Turbot Pipes as their central control plane, this is the fastest path to compliance-ready token hygiene.

Onboarding checklist automation

When this MCP handles new-hire identity setup

A 12-person SaaS startup onboards engineers twice a month and needs to verify each new hire's Turbot identity, avatar, and org assignments before granting repo access. Turbot Pipes is a strong fit because the MCP's Get Identity and List Actor Organizations tools let the hiring manager confirm setup in a single Switchy prompt instead of logging into the Turbot console. The workflow: paste the new hire's handle, retrieve their identity and org list, screenshot the avatar for Slack, done in under a minute. The boundary: if your onboarding spans non-Turbot systems (GitHub teams, AWS IAM roles), you'll need a second MCP or manual steps. For Turbot-first shops, this collapses a 5-minute checklist into a 30-second AI query.

Post-incident activity forensics

When activity logs answer 'who did what when'

A 4-person platform team investigates a production incident where a misconfigured connection caused an outage. They need to trace which actor made the change and when. Turbot Pipes is the right tool because List Actor Activity returns timestamped logs with optional filters, and List Actor Connections shows the current connection state—all queryable through Switchy without SSHing into log aggregators. The team can ask 'show me all activity for actor X in the last 48 hours' and get a timeline in seconds. The limit: if the incident involves non-Turbot infrastructure (Kubernetes events, CloudWatch logs), this MCP only covers the Turbot layer. For teams where Turbot Pipes is the source of truth for infrastructure changes, this is the fastest route from alert to root cause.

Frequently asked

What does the Turbot Pipes MCP do in Switchy?

It connects Switchy to your Turbot Pipes account so AI agents can query infrastructure data, manage user tokens, and inspect activity logs. Agents can list your organizations and connections, retrieve identity details, and revoke tokens without leaving the chat. Think of it as giving your AI direct read-write access to Pipes metadata and authentication artifacts.

Do I need admin access to connect Turbot Pipes?

You need an API key with sufficient scopes to perform the operations you want. The MCP uses API_KEY authentication, so whoever generates the key determines what the AI can do. If you want agents to delete user tokens or list all organizations, the key must have those permissions in Pipes. Standard user keys won't work for admin-level operations.

Can the MCP run SQL queries against my Pipes workspaces?

No. The MCP focuses on identity, token, and activity management — not query execution. If you need to run SQL against your infrastructure data in Pipes, use the Pipes API directly or a dedicated query tool. This integration is for managing who has access and auditing what they've done, not for running dashboards or reports.

How is this different from using the Turbot Pipes web console?

The MCP lets AI agents perform token and identity operations conversationally, without switching contexts. Instead of logging into the Pipes console to revoke a token or check activity logs, you ask the AI in Switchy and it executes the API calls. Faster for routine ops, but the console still has richer visualizations and bulk-edit features.

Who on the team should connect this integration?

Whoever manages Turbot Pipes access and tokens — typically a platform engineer or security lead. The API key you provide determines what the AI can do, so the person connecting it should understand the blast radius of token deletion and identity inspection. Don't hand this to someone who doesn't already have Pipes admin responsibilities.