AWS Model Context Protocol Server

by alexei-led

AWS MCP Server

Give Claude access to all 200+ AWS services through the AWS CLI.

What It Does

This MCP server lets Claude run AWS CLI commands on your behalf. Instead of wrapping each AWS API individually, it wraps the CLI itself—giving Claude complete AWS access through just two tools:

| Tool | Purpose |
| --- | --- |
| aws_cli_help | Get documentation for any AWS command |
| aws_cli_pipeline | Execute AWS CLI commands with optional pipes (jq, grep, etc.) |

Claude learns commands on-demand using --help, then executes them. Your IAM policy controls what it can actually do.

```mermaid
flowchart LR
    Claude[Claude] -->|MCP| Server[AWS MCP Server]
    Server --> CLI[AWS CLI]
    CLI --> AWS[AWS Cloud]
    IAM[Your IAM Policy] -.->|controls| AWS
```

Quick Start

Prerequisites

Claude Code

Add to your MCP settings (Cmd+Shift+P → "Claude: Open MCP Config"):

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": ["aws-mcp"]
    }
  }
}
```

Claude Desktop

Add to your Claude Desktop config file:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json

  • Windows: %APPDATA%\Claude\claude_desktop_config.json

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": ["aws-mcp"]
    }
  }
}
```

Docker (More Secure)

Docker provides stronger isolation by running commands in a container:

```json
{
  "mcpServers": {
    "aws": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-v",
        "~/.aws:/home/appuser/.aws:ro",
        "ghcr.io/alexei-led/aws-mcp-server:latest"
      ]
    }
  }
}
```

Note: Replace ~/.aws with the full path on Windows (e.g., C:\Users\YOU\.aws).

AWS Credentials

The server uses the standard AWS credential chain. Your credentials are discovered automatically from:

  1. Environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY

  2. Credentials file: ~/.aws/credentials

  3. Config file: ~/.aws/config (for profiles and region)

  4. IAM role: When running on EC2, ECS, or Lambda

To use a specific profile:

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": ["aws-mcp"],
      "env": {
        "AWS_PROFILE": "my-profile"
      }
    }
  }
}
```

Configuration

AWS Settings

| Environment Variable | Description | Default |
| --- | --- | --- |
| AWS_PROFILE | AWS profile to use | default |
| AWS_REGION | AWS region (also accepts AWS_DEFAULT_REGION) | us-east-1 |
| AWS_CONFIG_FILE | Custom path to AWS config file | ~/.aws/config |
| AWS_SHARED_CREDENTIALS_FILE | Custom path to credentials file | ~/.aws/credentials |

Server Settings

| Environment Variable | Description | Default |
| --- | --- | --- |
| AWS_MCP_TIMEOUT | Command execution timeout in seconds | 300 |
| AWS_MCP_MAX_OUTPUT | Maximum output size in characters | 100000 |
| AWS_MCP_TRANSPORT | Transport protocol (stdio or sse) | stdio |
| AWS_MCP_SANDBOX | Sandbox mode (auto, disabled, required) | auto |
| AWS_MCP_SANDBOX_CREDENTIALS | Credential passing (env, aws_config, both) | both |

Security

Your IAM policy is your security boundary. This server executes whatever AWS commands Claude requests—IAM controls what actually succeeds.

Best practices:

  • Use a least-privilege IAM role (only permissions Claude needs)

  • Never use root credentials

  • Consider Docker for additional host isolation

For detailed security architecture, see Security Documentation.
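
Because IAM is the only thing standing between a requested command and its effect, it helps to check the policy before attaching it to the role or profile the server uses. The following is an added example, not code from this project: the function names, the read-only verb heuristic, and the sample policy are assumptions constructed for illustration.

```python
import json

READ_ONLY_PREFIXES = ("get", "list", "describe")  # heuristic assumed for this example

# Constructed sample policy for the role or profile the MCP server would use.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ReadInventory", "Effect": "Allow",
         "Action": ["ec2:Describe*", "s3:ListAllMyBuckets"], "Resource": "*"},
        {"Sid": "TooBroad", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
        {"Sid": "AllButIam", "Effect": "Allow", "NotAction": "iam:*", "Resource": "*"},
        {"Sid": "ScopedWrite", "Effect": "Allow", "Action": "s3:PutObject",
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "Guard", "Effect": "Deny", "Action": "*", "Resource": "*"},
    ],
})


def as_list(value):
    """IAM accepts a bare string or a list for Action/Resource; normalize to a list."""
    return [value] if isinstance(value, str) else list(value or [])


def is_read_only(action):
    """True if the verb after 'service:' starts with a read-only prefix."""
    _, _, verb = action.partition(":")
    return verb.lower().startswith(READ_ONLY_PREFIXES)


def audit_policy(policy_json):
    """Return (sid, finding) pairs for Allow statements broader than least privilege."""
    findings = []
    statements = json.loads(policy_json).get("Statement", [])
    # A single statement may be a bare object instead of a list.
    statements = [statements] if isinstance(statements, dict) else statements
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            findings.append((sid, "Allow with NotAction grants everything not listed"))
        any_resource = "*" in as_list(stmt.get("Resource"))
        for action in as_list(stmt.get("Action")):
            if action == "*" or action.endswith(":*"):
                findings.append((sid, f"wildcard action {action}"))
            elif any_resource and not is_read_only(action):
                findings.append((sid, f"{action} allowed on every resource"))
    return findings
```

Calling audit_policy(SAMPLE_POLICY) flags the TooBroad and AllButIam statements and passes the read-only, resource-scoped, and Deny statements.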

Documentation

License

MIT License — see LICENSE for details.
