AWS MCP Server

Instructions

Implementation Reference

• src/index.ts:812-844 (handler)

  Implementation of the list_s3_buckets tool handler. Uses S3Client to send ListBucketsCommand to list all buckets. Optionally, if check_public_access is true, checks each bucket's policy status using GetBucketPolicyStatusCommand to determine if public access is enabled.
  if (name === "list_s3_buckets") { const command = new ListBucketsCommand({}); const response = await s3Client.send(command); let buckets = response.Buckets?.map((b) => ({ Name: b.Name, CreationDate: b.CreationDate, IsPublic: undefined as boolean | undefined })) || []; if (args && (args as any).check_public_access) { buckets = await Promise.all(buckets.map(async (b) => { try { if (!b.Name) return b; const policyCmd = new GetBucketPolicyStatusCommand({ Bucket: b.Name }); const policyResponse = await s3Client.send(policyCmd); return { ...b, IsPublic: policyResponse.PolicyStatus?.IsPublic || false }; } catch (error) { // If checks fail (e.g. AccessDenied or no policy context), assume not public or unknown return { ...b, IsPublic: false }; } })); } return { content: [ { type: "text", text: JSON.stringify(buckets, null, 2), }, ], }; }
• src/index.ts:105-117 (registration)

  Registration of the list_s3_buckets tool in the list of available tools returned by ListToolsRequestHandler, including name, description, and input schema.
  { name: "list_s3_buckets", description: "Lists all S3 buckets in the AWS account.", inputSchema: { type: "object", properties: { check_public_access: { type: "boolean", description: "If true, checks if buckets have public access enabled." } }, }, },
• src/index.ts:108-116 (schema)

  Input schema definition for the list_s3_buckets tool, defining optional check_public_access parameter.
  inputSchema: { type: "object", properties: { check_public_access: { type: "boolean", description: "If true, checks if buckets have public access enabled." } }, },