select-profile
Choose an AWS profile for initiating AWS interactions via MCP Server, with optional SSO authentication and region specification to streamline resource management.
Instructions
Selects AWS profile to use for subsequent interactions. If needed, does SSO authentication
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| profile | Yes | Name of the AWS profile to select | |
| region | No | Region to use (if not provided, us-east-1 is used) |
Implementation Reference
- index.ts:168-175 (handler)Handler logic for the 'select-profile' tool: parses input, retrieves credentials using getCredentials, updates global profile state variables, and returns a success message.} else if (name === "select-profile") { const { profile, region } = SelectProfileSchema.parse(args); const credentials = await getCredentials(profiles[profile], profile); selectedProfile = profile; selectedProfileCredentials = credentials; selectedProfileRegion = region || "us-east-1"; return createTextResponse("Authenticated!"); } else {
- index.ts:120-123 (schema)Zod schema used for input validation in the select-profile handler.const SelectProfileSchema = z.object({ profile: z.string(), region: z.string().optional(), });
- index.ts:90-108 (registration)Registration of the 'select-profile' tool in the ListTools response, including description and input schema definition.{ name: "select-profile", description: "Selects AWS profile to use for subsequent interactions. If needed, does SSO authentication", inputSchema: { type: "object", properties: { profile: { type: "string", description: "Name of the AWS profile to select", }, region: { type: "string", description: "Region to use (if not provided, us-east-1 is used)", }, }, required: ["profile"], }, },
- index.ts:214-232 (helper)Helper function to list all available AWS profiles from credentials and config files, used by select-profile handler.async function listCredentials() { let credentials: any; let configs: any; let error: any; try { credentials = new AWS.IniLoader().loadFrom({}); } catch (error) { error = `Failed to load credentials: ${error}`; } try { configs = new AWS.IniLoader().loadFrom({ isConfig: true }); } catch (error) { error = `Failed to load configs: ${error}`; } const profiles = { ...(credentials || {}), ...(configs || {}) }; return { profiles, error }; }
- index.ts:234-296 (helper)Core helper function for obtaining credentials for a profile, handling SSO authentication with device flow and browser opening if necessary.async function getCredentials( creds: any, profileName: string ): Promise<AWS.Credentials | AWS.SSO.RoleCredentials | any> { if (creds.sso_start_url) { const region = creds.region || "us-east-1"; const ssoStartUrl = creds.sso_start_url; const oidc = new AWS.SSOOIDC({ region }); const registration = await oidc .registerClient({ clientName: "chatwithcloud", clientType: "public" }) .promise(); const auth = await oidc .startDeviceAuthorization({ clientId: registration.clientId!, clientSecret: registration.clientSecret!, startUrl: ssoStartUrl, }) .promise(); // open this in URL browser if (auth.verificationUriComplete) { open(auth.verificationUriComplete); } let handleId: NodeJS.Timeout; return new Promise((resolve) => { handleId = setInterval(async () => { try { const createTokenReponse = await oidc .createToken({ clientId: registration.clientId!, clientSecret: registration.clientSecret!, grantType: "urn:ietf:params:oauth:grant-type:device_code", deviceCode: auth.deviceCode, }) .promise(); const sso = new AWS.SSO({ region }); const credentials = await sso .getRoleCredentials({ accessToken: createTokenReponse.accessToken!, accountId: creds.sso_account_id, roleName: creds.sso_role_name, }) .promise(); clearInterval(handleId); return resolve(credentials.roleCredentials!); } catch (error) { if ((error as Error).message !== null) { // terminal.error(error); } } }, 2500); }); } else { return useAWSCredentialsProvider(profileName); } }