# AWS MCP Server – Tool Catalog

All tools exposed by the AWS MCP server. Parameters use snake_case.

---
## Identity & Auth
| Tool | Description | Parameters |
|------|-------------|------------|
| `get_aws_caller_identity` | Returns AWS IAM caller identity (user/role) to verify credentials | — |
| `aws_health_check` | Verifies credentials and connectivity; use first to ensure MCP can reach AWS | — |
| `get_iam_policy_for_tools` | Generates least-privilege IAM policy JSON for specified tools | `tool_names` (optional array) |
| `estimate_cost` | Rough cost estimate for EC2, Lambda, RDS, S3 | `service` (required), `region`, `quantity`, `unit` |
| `scan_secrets_risks` | Find Secrets Manager secrets needing attention (rotation, names) | `max_results` |
## Storage
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_s3_buckets` | Lists all S3 buckets | `max_results`, `check_public_access` (boolean) |
## Compute
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_ec2_instances` | Lists EC2 instances with ID, type, state, public IP | `region` (optional string; region override) |
| `get_instance_details` | Detailed info for a specific EC2 instance | `instance_id` (required) |
| `list_ecs_clusters` | Lists ECS clusters with status and task counts | `max_results` |
| `list_ecs_services` | Lists services in an ECS cluster | `cluster` (required) |
| `list_eks_clusters` | Lists EKS clusters | — |
| `list_lambda_functions` | Lists Lambda functions | `region` (optional) |
| `list_auto_scaling_groups` | Lists Auto Scaling Groups with capacity | — |
| `list_scaling_activities` | Recent scaling activities for an ASG | `auto_scaling_group_name` (required) |
## Networking
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_vpcs` | Lists VPCs | `region` (optional) |
| `list_subnets` | Lists subnets | `vpc_id` (optional) |
| `list_route_tables` | Lists route tables | `vpc_id` (optional) |
| `list_internet_gateways` | Lists internet gateways | — |
| `list_nat_gateways` | Lists NAT gateways | `vpc_id` (optional) |
| `list_security_groups` | Lists security groups | `vpc_id` (optional) |
| `list_open_security_groups` | Security groups with 0.0.0.0/0 open | `ports` (optional array) |
| `list_load_balancers` | Lists ALB/NLB | — |
| `list_target_groups` | Lists target groups | `load_balancer_arn` (optional) |
| `list_listener_rules` | Lists listener rules for an ALB | `load_balancer_arn` (required) |
| `get_target_health` | Target health for a target group | `target_group_arn` (required) |
## Cost & Budget
| Tool | Description | Parameters |
|------|-------------|------------|
| `get_recent_cost` | Daily costs for date range (default: last 7 days) | `start_date`, `end_date` (YYYY-MM-DD) |
| `get_cost_by_service` | Costs by service for date range | `start_date`, `end_date` |
| `get_cost_breakdown` | Cost by service or usage type | `start_date`, `end_date`, `service_name` (optional) |
| `get_cost_forecast` | Cost forecast | `start_date`, `end_date` (required), `granularity`, `prediction_interval_level` |
| `get_budget_details` | Lists budgets with status and spend | `account_id` (required) |
| `get_cost_anomalies` | Cost anomalies from Cost Anomaly Detection | `start_date`, `end_date` (required) |
| `get_savings_plans_utilization` | Savings Plans utilization | `start_date`, `end_date` (required) |
| `get_reservation_utilization` | Reserved Instance utilization | `start_date`, `end_date` (required) |
## Monitoring & Logs
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_cloudwatch_alarms` | Lists CloudWatch alarms | `state` (OK, ALARM, INSUFFICIENT_DATA) |
| `get_recent_logs` | Recent logs from a log group | `log_group_name` (required), `limit` |
| `search_cloudwatch_logs` | Search logs with filter pattern | `log_group_name` (required), `filter_pattern`, `limit`, `hours`, `start_time`, `end_time` |
| `get_metric_statistics` | CloudWatch metric statistics | `namespace`, `metric_name` (required), `dimensions`, `start_time`, `end_time`, `period`, `statistics` |
## Audit & Security
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_recent_cloudtrail_events` | Recent CloudTrail events | `limit`, `lookup_attribute_key`, `lookup_attribute_value` |
| `list_cloudtrail_changes` | CloudTrail change events for a resource | `resource_id` or `lookup_key` + `lookup_value`; `days` |
| `list_access_denied_events` | Access denied events from CloudTrail | `limit` |
| `list_iam_users` | Lists IAM users | `max_results` (1–1000, default 100) |
| `list_users_without_mfa` | IAM users without MFA | — |
| `list_old_access_keys` | Access keys older than threshold | `days` (default: 90) |
| `list_expiring_certificates` | ACM certs expiring within days | `days` (default: 30) |
| `list_guardduty_findings` | GuardDuty findings | `severity`, `limit` |
| `list_web_acls` | WAF Web ACLs | `scope` (REGIONAL/CLOUDFRONT) |
| `get_waf_sampled_requests` | Sampled WAF requests | `web_acl_arn`, `rule_metric_name`, `scope`, `time_window_seconds` |
| `check_ip_in_waf` | Checks if IP is in WAF IP sets | `ip_address` (required) |
## Database & Storage
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_rds_instances` | Lists RDS instances | `region`, `tag_filter` ({ key, value? }) |
| `list_dynamodb_tables` | Lists DynamoDB tables | `max_results` |
| `list_unused_ebs_volumes` | Unattached EBS volumes | — |
| `list_unassociated_eips` | Unassociated Elastic IPs | — |
## Other Services
| Tool | Description | Parameters |
|------|-------------|------------|
| `list_backup_jobs` | Backup jobs (default: FAILED, last 24h) | `state`, `hours` |
| `get_service_health` | AWS Health events (open/upcoming) | — |
| `list_sns_topics` | SNS topics | — |
| `list_record_sets` | Route53 records for a hosted zone | `hosted_zone_id` (required) |
| `list_hosted_zones` | Route53 hosted zones | — |
| `list_cloudfront_distributions` | CloudFront distributions | — |
| `list_secrets` | Secrets Manager secrets | — |
| `list_ssm_parameters` | SSM Parameters | — |
| `list_cloudformation_stacks` | CloudFormation stacks | `max_results` |
| `list_trusted_advisor_checks` | Trusted Advisor checks (requires Business/Enterprise support) | — |