# IAM Permissions for AWS MCP Server
This document lists IAM permissions required for each tool category. Use **least-privilege** IAM policies.
---
## General Principles
- Create a dedicated IAM principal for the MCP server. Prefer an IAM role assumed through STS (short-lived credentials) over an IAM user with long-lived access keys.
- Use **read-only** actions only (`Describe*`, `List*`, `Get*`, `Lookup*`). Note that the `Get*` verb is not uniformly harmless: `s3:GetObject`, `secretsmanager:GetSecretValue` and `ssm:GetParameter` return data, not metadata, so list actions explicitly instead of globbing `Get*` across a service.
- Never grant write/delete permissions for MCP tools, and never use a service-wide wildcard such as `ce:*` or `iam:*`, which silently includes mutating actions.
---
## Service-Specific Permissions
### Identity & STS
- `sts:GetCallerIdentity`
### S3
- `s3:ListAllMyBuckets`
- `s3:GetBucketPolicyStatus` (if `check_public_access` is used)
### EC2
- `ec2:DescribeInstances`, `ec2:DescribeVpcs`, `ec2:DescribeSubnets`, `ec2:DescribeRouteTables`
- `ec2:DescribeInternetGateways`, `ec2:DescribeNatGateways`, `ec2:DescribeSecurityGroups`
- `ec2:DescribeVolumes`, `ec2:DescribeAddresses`
### IAM
- `iam:ListUsers`, `iam:ListAccessKeys`, `iam:ListMFADevices`
### CloudTrail
- `cloudtrail:LookupEvents`
### CloudWatch
- `cloudwatch:DescribeAlarms`, `cloudwatch:GetMetricStatistics`
### CloudWatch Logs
- `logs:DescribeLogStreams`, `logs:GetLogEvents`, `logs:FilterLogEvents`
### Cost Explorer
- `ce:GetCostAndUsage`, `ce:GetCostForecast`, `ce:GetAnomalies`
- `ce:GetSavingsPlansUtilization`, `ce:GetReservationUtilization`
- Cost Explorer must be enabled for the account before these API calls succeed.
### Budgets
- `budgets:DescribeBudgets`
### GuardDuty
- `guardduty:ListDetectors`, `guardduty:ListFindings`, `guardduty:GetFindings`
### Health
- `health:DescribeEvents` (requires a Business, Enterprise On-Ramp or Enterprise support plan)
### ACM
- `acm:ListCertificates`, `acm:DescribeCertificate`
### RDS
- `rds:DescribeDBInstances`
### Lambda
- `lambda:ListFunctions`
### Backup
- `backup:ListBackupJobs`
### ELB
- `elasticloadbalancing:DescribeLoadBalancers`, `elasticloadbalancing:DescribeTargetGroups`
- `elasticloadbalancing:DescribeTargetHealth`, `elasticloadbalancing:DescribeListeners`
- `elasticloadbalancing:DescribeRules`
### WAF
- `wafv2:ListWebACLs`, `wafv2:ListIPSets`, `wafv2:GetIPSet`, `wafv2:GetSampledRequests`
### SNS
- `sns:ListTopics`
### Route 53
- `route53:ListHostedZones`, `route53:ListResourceRecordSets`
### ECS
- `ecs:ListClusters`, `ecs:DescribeClusters`, `ecs:ListServices`, `ecs:DescribeServices`
### EKS
- `eks:ListClusters`
### Auto Scaling
- `autoscaling:DescribeAutoScalingGroups`, `autoscaling:DescribeScalingActivities`
### CloudFront
- `cloudfront:ListDistributions`
### Secrets Manager
- `secretsmanager:ListSecrets`
### SSM
- `ssm:DescribeParameters`
### CloudFormation
- `cloudformation:ListStacks`
### DynamoDB
- `dynamodb:ListTables`
### Support (Trusted Advisor)
- `support:DescribeTrustedAdvisorChecks` (requires Business/Enterprise support plan)
---
## Example Policy (Read-Only, Full Coverage)
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sts:GetCallerIdentity",
        "s3:ListAllMyBuckets",
        "s3:GetBucketPolicyStatus",
        "ec2:Describe*",
        "iam:ListUsers",
        "iam:ListAccessKeys",
        "iam:ListMFADevices",
        "cloudtrail:LookupEvents",
        "cloudwatch:DescribeAlarms",
        "cloudwatch:GetMetricStatistics",
        "logs:DescribeLogStreams",
        "logs:GetLogEvents",
        "logs:FilterLogEvents",
        "ce:GetCostAndUsage",
        "ce:GetCostForecast",
        "ce:GetAnomalies",
        "ce:GetSavingsPlansUtilization",
        "ce:GetReservationUtilization",
        "budgets:DescribeBudgets",
        "guardduty:ListDetectors",
        "guardduty:ListFindings",
        "guardduty:GetFindings",
        "health:DescribeEvents",
        "acm:ListCertificates",
        "acm:DescribeCertificate",
        "rds:DescribeDBInstances",
        "lambda:ListFunctions",
        "backup:ListBackupJobs",
        "elasticloadbalancing:Describe*",
        "wafv2:ListWebACLs",
        "wafv2:ListIPSets",
        "wafv2:GetIPSet",
        "wafv2:GetSampledRequests",
        "sns:ListTopics",
        "route53:ListHostedZones",
        "route53:ListResourceRecordSets",
        "ecs:ListClusters",
        "ecs:DescribeClusters",
        "ecs:ListServices",
        "ecs:DescribeServices",
        "eks:ListClusters",
        "autoscaling:DescribeAutoScalingGroups",
        "autoscaling:DescribeScalingActivities",
        "cloudfront:ListDistributions",
        "secretsmanager:ListSecrets",
        "ssm:DescribeParameters",
        "cloudformation:ListStacks",
        "dynamodb:ListTables",
        "support:DescribeTrustedAdvisorChecks"
      ],
      "Resource": "*"
    }
  ]
}
```
Narrow this further by removing the actions for tools you do not use. The `ec2:Describe*` and `elasticloadbalancing:Describe*` globs are safe because `Describe` is a pure read verb in those services; do not widen any other entry to a service wildcard (the earlier draft's `ce:*` would have granted `ce:CreateAnomalyMonitor` and other mutating Cost Explorer actions).
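The two checks a reviewer applies to a policy like this (every `Allow` action uses a read-only verb and none of the "read" verbs reaches secret or object payloads) and the narrowing step are easy to automate before the policy is attached. The following is an added example, not code from the MCP server project: `DATA_READING`, the tool-to-action mapping `TOOL_ACTIONS` (a subset of the categories on this page) and the `SAMPLE_POLICY` it lints are this example's own constructed assumptions.

```python
"""Lint an IAM policy for an MCP server against the read-only rule,
then build a narrowed policy from the tool categories actually in use.

Added example; the denylist and category mapping are assumptions, not
part of any AWS or MCP server source.
"""
import fnmatch
import json

# Verbs the page treats as read-only.
READ_ONLY_PREFIXES = ("Describe", "List", "Get", "Lookup")

# Assumption: actions that pass the verb rule but return payloads
# (objects, secret values, parameter values) rather than metadata.
DATA_READING = {
    "s3:GetObject",
    "secretsmanager:GetSecretValue",
    "ssm:GetParameter",
    "ssm:GetParameters",
    "ssm:GetParametersByPath",
    "dynamodb:GetItem",
}

# Assumption: actions per tool category, copied from this page for a
# handful of categories only.
TOOL_ACTIONS = {
    "identity": ["sts:GetCallerIdentity"],
    "s3": ["s3:ListAllMyBuckets", "s3:GetBucketPolicyStatus"],
    "ec2": ["ec2:DescribeInstances", "ec2:DescribeVpcs",
            "ec2:DescribeSecurityGroups"],
    "cost": ["ce:GetCostAndUsage", "ce:GetCostForecast", "ce:GetAnomalies"],
    "guardduty": ["guardduty:ListDetectors", "guardduty:ListFindings",
                  "guardduty:GetFindings"],
    "secrets": ["secretsmanager:ListSecrets"],
}


def lint_policy(policy: dict) -> list[str]:
    """Return findings for every Allow action that is not metadata-only.

    An empty list means the policy satisfies the page's rules.
    """
    findings = []
    for idx, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append(f"statement {idx}: NotAction cannot be audited as a read-only list")
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):
            actions = [actions]
        for action in actions:
            if action == "*" or ":" not in action:
                findings.append(f"statement {idx}: {action!r} is not a service-scoped action")
                continue
            _service, name = action.split(":", 1)
            if name == "*" or not name.startswith(READ_ONLY_PREFIXES):
                findings.append(f"statement {idx}: {action} is not limited to read-only verbs")
                continue
            # A glob such as s3:Get* passes the verb rule but still reaches
            # object payloads; match the denylist against the pattern.
            hits = sorted(d for d in DATA_READING if fnmatch.fnmatchcase(d, action))
            if hits:
                findings.append(f"statement {idx}: {action} covers data-returning {hits}")
    return findings


def build_policy(enabled_tools: list[str]) -> dict:
    """Emit a single-statement read-only policy for the chosen categories."""
    unknown = sorted(set(enabled_tools) - TOOL_ACTIONS.keys())
    if unknown:
        raise ValueError(f"unknown tool categories: {unknown}")
    actions = sorted({a for tool in enabled_tools for a in TOOL_ACTIONS[tool]})
    return {
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow", "Action": actions, "Resource": "*"}],
    }


# Constructed sample: the page's shape, plus two shortcuts a reviewer
# should reject (a service wildcard and a Get* glob that reaches objects).
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["sts:GetCallerIdentity", "ec2:Describe*", "ce:*",
                   "s3:Get*", "iam:ListUsers"],
        "Resource": "*",
    }],
}

if __name__ == "__main__":
    for finding in lint_policy(SAMPLE_POLICY):
        print("FAIL", finding)
    narrowed = build_policy(["identity", "s3", "guardduty"])
    assert lint_policy(narrowed) == []
    print(json.dumps(narrowed, indent=2))
```

Running it reports `ce:*` and `s3:Get*` as failures and prints a narrowed policy that passes the same lint; run `lint_policy` on the JSON you actually attach, since `ec2:Describe*` passes while `s3:Get*` does not, and the difference is exactly the payload rule above.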