Sumedh1599/aws-mcp-server
If you are the rightful owner of aws-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
The AWS Model Context Protocol (MCP) Server bridges Large Language Models (LLMs) like Claude with AWS services, enabling direct interaction with AWS resources.
AWS Model Context Protocol (MCP) Server
The AWS MCP Server provides a bridge between Large Language Models (LLMs) like Claude and your AWS services. It enables Claude to directly interact with your AWS resources including Lambda functions, S3 buckets, DynamoDB tables, API Gateway, CloudWatch logs, IAM policies, and Cost Explorer data.
Copyright © 2025 Sumedh Patil, Aipresso Limited UK
Features
- 🔍 Comprehensive AWS Access: Connect to and manage multiple AWS services
- 🤖 LLM Integration: Built for Claude and other MCP-compatible AI assistants
- 🧠 Contextual Understanding: Allows AI to understand your AWS environment
- 🔧 Direct Operations: Execute AWS operations based on natural language requests
- 📊 Resource Visualization: View and analyze your AWS resources easily
Supported AWS Services
This MCP server enables direct interaction with:
- Lambda: View functions, get code, and invoke functions
- S3: List buckets, read/write objects, manage permissions
- DynamoDB: Query tables, get/put items, scan data
- API Gateway: List APIs, view resources, create deployments
- CloudWatch: View logs, analyze metrics, create alarms
- IAM: Review roles, users, and policies with detailed permissions
- CodeBuild: Manage build projects and view build results
- Cost Explorer: Analyze costs, get forecasts, and track spending
Installation and Setup
Prerequisites
- Node.js 16+ and npm
- AWS account with appropriate permissions
- AWS CLI installed and configured
Step 1: Clone and Install Dependencies
# Clone the repository (or download and extract it)
git clone https://github.com/your-repo/aws-mcp-server.git
# Navigate to the project directory
cd aws-mcp-server
# Install dependencies
npm install
Step 2: Configure AWS Credentials
The MCP server uses your AWS credentials. Make sure you have configured them:
# Configure AWS CLI with your credentials
aws configure
Alternatively, you can set environment variables:
export AWS_ACCESS_KEY_ID=your-access-key
export AWS_SECRET_ACCESS_KEY=your-secret-key
export AWS_REGION=your-aws-region
Step 3: Set Up IAM Permissions
Create an IAM policy with the following permissions and attach it to your IAM user or role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:ListFunctions",
"lambda:GetFunction",
"lambda:Invoke"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"dynamodb:ListTables",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Query",
"dynamodb:Scan",
"dynamodb:DeleteItem"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::*/*",
"arn:aws:s3:::*"
]
},
{
"Effect": "Allow",
"Action": [
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"cloudwatch:GetMetricData",
"cloudwatch:ListMetrics",
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"apigateway:GET",
"apigateway:POST"
],
"Resource": "arn:aws:apigateway:*::/restapis*"
},
{
"Effect": "Allow",
"Action": [
"codebuild:ListProjects",
"codebuild:BatchGetProjects",
"codebuild:StartBuild",
"codebuild:BatchGetBuilds",
"codebuild:ListBuildsForProject"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ce:GetCostAndUsage",
"ce:GetCostForecast",
"ce:GetDimensionValues",
"ce:GetReservationUtilization"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"iam:ListRoles",
"iam:ListUsers",
"iam:ListPolicies",
"iam:GetRole",
"iam:GetUser",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:ListAttachedRolePolicies",
"iam:ListAttachedUserPolicies"
],
"Resource": "*"
}
]
}
Here's how to set up this policy:
- Open the AWS Management Console
- Navigate to IAM → Policies → Create policy
- Click on the JSON tab
- Copy and paste the policy above
- Click "Next", give it a name (e.g., "AWS-MCP-Server-Policy") and create the policy
- Attach this policy to your IAM user or role that will be running the MCP server
Step 4: Build and Run the Server
# Build the TypeScript project
npm run build
# Start the MCP server
npm run start
The server will start and listen for MCP requests from Claude or other MCP-compatible AI assistants.
Connecting to Claude
To connect this MCP server to Claude:
- Open Claude in your browser or app
- Go to Settings → Plugins/Tools
- Select "Add a custom MCP connection"
- Provide the URL where your MCP server is running
- Test the connection
- Once connected, Claude can now interact with your AWS services
Usage Examples
Once connected to Claude, you can make requests like:
# List Lambda functions
"Please show me all my Lambda functions"
# Get Lambda function code
"What's in my zip-and-patch-runner Lambda function?"
# List S3 buckets
"Show me all my S3 buckets"
# Query DynamoDB
"Can you get items from my Users table where the userId is 'user123'?"
# View CloudWatch logs
"Show me the recent logs for my payment-processor Lambda function"
# Analyze costs
"What were my AWS costs last month broken down by service?"
# View IAM policies
"Show me the permissions for the role named 'lambda-execution-role'"
Customizing the Server
Adding New AWS Services
To add support for additional AWS services:
- Create a new service module file in the
src/servicesdirectory - Define resources, tools, and prompts for the service
- Import and register the module in
src/index.ts - Rebuild with
npm run build
Configuration Options
The server can be configured by modifying:
- AWS SDK options in
src/utils/aws-config.ts - Server options in
src/index.ts - Service-specific configurations in their respective files
Troubleshooting
Common Issues
Permission Errors:
- Ensure your IAM policy includes all necessary permissions
- Check that your AWS credentials are correctly configured
Connection Issues:
- Verify your network allows the necessary connections
- Ensure the MCP server is properly exposed if running behind a firewall
AWS SDK Errors:
- Make sure you're using a compatible AWS SDK version
- Check region settings match your AWS resources
Logs
The server logs to standard output. You can redirect these to a file for debugging:
npm run start > mcp-server.log 2>&1
Security Considerations
- This server provides direct access to your AWS resources. Use appropriate IAM restrictions.
- Consider running in a VPC or private network to limit exposure.
- Regularly audit the IAM permissions to ensure they follow the principle of least privilege.
- Monitor usage to detect any unusual patterns.
Contributing
Contributions are welcome! Please feel free to submit pull requests with enhancements, bug fixes, or documentation improvements.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Copyright © 2025 Sumedh Patil, Aipresso Limited UK