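#!/bin/bash
# Fix remaining Cost Explorer permissions for AgentCore Runtime execution role
# This script adds the missing ce:GetTags permission by rewriting the inline
# role policy, then reads the policy back and fails if ce:GetTags is absent.
#
# Usage:    ./<this script>            (takes no arguments)
# Requires: aws CLI on PATH, credentials for the account that owns the role
# Env overrides (optional): EXECUTION_ROLE_ARN, POLICY_NAME, AWS_REGION
set -euo pipefail

# Configuration (defaults match the original deployment; override via env)
EXECUTION_ROLE_ARN="${EXECUTION_ROLE_ARN:-arn:aws:iam::632930644527:role/AmazonBedrockAgentCoreSDKRuntime-us-west-2-cd46aaa99e}"
# Role name and account id are derived from the ARN so they cannot drift apart
ROLE_NAME="${EXECUTION_ROLE_ARN##*/}"
ACCOUNT_ID="${EXECUTION_ROLE_ARN#arn:aws:iam::}"
ACCOUNT_ID="${ACCOUNT_ID%%:*}"
POLICY_NAME="${POLICY_NAME:-CostExplorerMCPServerPolicy}"
REGION="${AWS_REGION:-us-west-2}"
readonly EXECUTION_ROLE_ARN ROLE_NAME ACCOUNT_ID POLICY_NAME REGION

# Print a message to stderr and abort.
die() { printf '%s\n' "$*" >&2; exit 1; }

command -v aws >/dev/null || die "aws CLI not found in PATH"

# Refuse to write an IAM policy with credentials for a different account than
# the one named in the role ARN; put-role-policy would otherwise fail late or,
# worse, modify a same-named role elsewhere.
caller_account=$(aws sts get-caller-identity --query Account --output text) \
  || die "Unable to determine caller identity (are AWS credentials configured?)"
[[ "$caller_account" == "$ACCOUNT_ID" ]] \
  || die "Current credentials belong to account $caller_account, but the role is in account $ACCOUNT_ID"

printf '%s\n' "๐ง Updating Cost Explorer permissions to include ce:GetTags..."
printf '%s\n' "Role: $ROLE_NAME"
printf '%s\n' "Region: $REGION"

# The policy document goes in a private temp file (not a predictable name in
# the working directory) and is removed on every exit path, including failure.
policy_file=$(mktemp) || die "mktemp failed"
trap 'rm -f -- "$policy_file"' EXIT

# Create the updated Cost Explorer policy document with ce:GetTags.
# NOTE(review): Resource "*" is used for the ce: actions because most of them
# accept no resource-level scoping. The logs statement spans every region and
# account (arn:aws:logs:*:*:*); if the runtime's log groups live only in this
# account/region it could be narrowed -- confirm before tightening.
cat > "$policy_file" << 'EOF'
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "CostExplorerMCPServerPermissions",
"Effect": "Allow",
"Action": [
"ce:GetCostAndUsage",
"ce:GetDimensionValues",
"ce:GetReservationCoverage",
"ce:GetReservationPurchaseRecommendation",
"ce:GetReservationUtilization",
"ce:GetUsageReport",
"ce:ListCostCategoryDefinitions",
"ce:GetRightsizingRecommendation",
"ce:GetSavingsPlansUtilization",
"ce:GetSavingsPlansCoverage",
"ce:GetUsageForecast",
"ce:GetCostForecast",
"ce:DescribeCostCategoryDefinition",
"ce:GetCostCategories",
"ce:GetTagValues",
"ce:GetTags"
],
"Resource": "*"
},
{
"Sid": "CloudWatchLogsPermissions",
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams"
],
"Resource": "arn:aws:logs:*:*:*"
}
]
}
EOF
printf '%s\n' "๐ Created updated Cost Explorer policy document with ce:GetTags"

# Update the policy (put-role-policy replaces the whole inline policy document)
printf '%s\n' "๐ Updating policy $POLICY_NAME..."
aws iam put-role-policy \
  --role-name "$ROLE_NAME" \
  --policy-name "$POLICY_NAME" \
  --policy-document "file://$policy_file" \
  --region "$REGION" \
  || die "put-role-policy failed for role $ROLE_NAME"
printf '%s\n' "โ
Updated policy $POLICY_NAME with ce:GetTags permission"

# Verify the policy was updated: read it back and require ce:GetTags to be
# present instead of merely printing the action list for a human to eyeball.
printf '%s\n' "๐ Verifying policy update..."
granted_actions=$(aws iam get-role-policy \
  --role-name "$ROLE_NAME" \
  --policy-name "$POLICY_NAME" \
  --region "$REGION" \
  --query 'PolicyDocument.Statement[0].Action' \
  --output json) \
  || die "get-role-policy failed for role $ROLE_NAME"
printf '%s\n' "$granted_actions"
grep -Fq '"ce:GetTags"' <<<"$granted_actions" \
  || die "ce:GetTags is missing from the stored policy; the update did not take effect"

printf '%s\n' ""
printf '%s\n' "๐ SUCCESS! Cost Explorer permissions updated with ce:GetTags"
printf '%s\n' ""
printf '%s\n' "๐ The following permissions are now granted:"
# The policy lists explicit read actions; it does not grant ce:*.
printf '%s\n' " โข Cost Explorer read-only API access (explicit ce:Get*/List*/Describe* actions)"
printf '%s\n' " โข CloudWatch Logs access for monitoring"
printf '%s\n' " โข Tag-based cost allocation queries (ce:GetTags)"
printf '%s\n' ""
printf '%s\n' "๐งช Test the tag functionality:"
# Quoted delimiter: $BEARER_TOKEN is printed literally, not expanded here
cat <<'EOF'
 BEARER_TOKEN=$BEARER_TOKEN python -c "
import asyncio
from test_natural_language_scenarios import test_tag_values
asyncio.run(test_tag_values())
"
EOF

# Temporary file is removed by the EXIT trap
printf '%s\n' "๐ง Permissions update complete!"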