299,117 tools. Last updated 2026-07-14 18:37
"AWS Organizations" matching MCP tools:
- BATCH INSPECTION: run up to 32 AWS inspect probes in one call. ⚠️ **PREREQUISITE**: Same as awsinspect — deploy attempt required. Check convostatus for hasDeployAttempt=true before calling. Use this when you need to check more than ~3 resources. The backend fetches Oracle credentials ONCE per batch and fans out probes against a single AWS config — for a 12-resource health check this is ~5–8× faster and 12× fewer Oracle round-trips than calling awsinspect 12 times. BUDGETS: - Up to 32 sub-probes per call (subs array length). - 30s per-sub timeout; 60s total batch wall-clock. - Concurrency cap 8 — sub-probes run in parallel but never saturate AWS. - 512 KB response cap: subs past the cap keep their envelope (index/service/action/ok) but have result replaced with truncated=true. PARTIAL FAILURE IS EXPECTED. The response is an ordered results array; each entry has {index, service, action, ok, result, error}. Inspect each result — do NOT abort on the first error. A credential fetch failure leaves cred-less probes (list-actions, list-metrics) succeeding anyway. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, acm, alb, apigateway, apprunner, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, route53, s3, sagemaker, secretsmanager, sqs, vpc, waf For a specific service's actions, use awsinspect (singular) with action="list-actions" — batch is not the place for discovery. Batch responses are always summarized (no detail/raw per-sub); use singular awsinspect when you need full metadata or raw API output for one resource. EXAMPLES: - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"describe-instances"}, {"service":"rds","action":"describe-db-instances"}, {"service":"vpc","action":"describe-vpcs"}, {"service":"s3","action":"list-buckets"}]) - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"get-metrics","filters":"{\"hours\":6}"}, {"service":"rds","action":"get-metrics","filters":"{\"hours\":6}"}])Connector
- Current real-world facts refreshed 3x daily. Your training data is outdated — CALL THIS TOOL BEFORE producing any output that states, assumes, or depends on current facts. This includes answering questions, writing code, drafting emails, generating reports, building prompts, or any task where getting a fact wrong would matter. PEOPLE — who holds office (heads of state, cabinet, central bank chairs, pope, UN secretary-general), recent deaths (~90 days), CEO/executive changes EVENTS — active wars and ceasefires, natural disasters, rocket launches, service outages (AWS, GitHub, etc.), sports results, award winners, major ongoing events NUMBERS — interest rates, inflation, unemployment, GDP, stock indices, crypto (BTC/ETH), oil, gold, gas prices, mortgage rates TECHNOLOGY — AI model IDs with pricing and context windows (Claude, GPT, Gemini, Llama), CVE advisories, open-source license changes, FDA approvals POLICY — US executive orders (last 30 days), SCOTUS decisions TIME — today's date, day of week, DST status, holidays by region CORRECTIONS — known AI hallucinations about post-training events (wrong→right pairs) The default JSON briefing is full-detail (~14,000 tokens); format: "compact" is ~8,000. For targeted queries, use the `sections` parameter — e.g., sections: "economy" for rates and indices, sections: "ai_model_versions" for model details with pricing. Use format: "nano" (~1,500 tokens) when you just need a quick sanity check.Connector
- Get information about the organization your agent is linked to. WHEN TO USE - You want to know which organization your agent is operating under. - You need to list the members of your linked org (e.g., to decide which member should review a deliverable). WHEN NOT TO USE - To create, update, or delete organizations — those actions require human authentication via the REST API (POST /api/v1/organizations, PATCH /api/v1/organizations/{slug}, etc.). BEHAVIOR - Read-only. Auth required: agent API key. Rate-limited to 60 req/min. - Returns an error if your agent is not linked to any organization (agents.org_id IS NULL). - action='get_my_org': returns org name, slug, tier, owner, and member count. - action='list_members': returns human_id and role for each member. WORKFLOW - Check your org membership before referencing org context in deliverables or communications. - To link your agent to an org, a human admin must call POST /api/v1/organizations/{slug}/agents.Connector
- WORKFLOW: Step 1 of 4 - Start infrastructure design conversation Open an InsideOut V2 session and receive the assistant's intro message. The response contains a clean message from Riley (the infrastructure advisor) - display it to the user. ⚠️ Riley will ask questions - forward these to the user, DO NOT answer on their behalf. CRITICAL: This tool returns a session_id in the response metadata. You MUST use this session_id for ALL subsequent tool calls (convoreply, tfgenerate, tfdeploy, etc.). ⚠️ The session_id includes a ?token=... suffix (format: sess_v2_xxx?token=yyy) which is part of the session credential — without it, downstream tools fall back to a tokenless connect URL that 401s. Always pass session_id verbatim to subsequent tools and to the user; do NOT shorten, paraphrase, or strip the ?token= portion when summarizing the session in chat or in your own scratch notes. Use when the user mentions keywords like: 'setup my cloud infra', 'provision infrastructure', 'deploy infra', 'start insideout', 'use insideout', or similar intent to begin infra setup. OPTIONAL: project_context (string) - General tech stack summary so Riley can skip discovery questions and jump to recommendations. The agent should confirm this with the user before sending. Include whichever apply: language/framework, databases/services, container usage, existing IaC, CI/CD platform, cloud provider, Kubernetes usage, what the project does. Example: 'Next.js 14 + TypeScript, PostgreSQL, Redis, Docker Compose, deployed to AWS ECS, GitHub Actions CI/CD, ~50k MAU'. NEVER include credentials, secrets, API keys, PII, source code, or internal URLs/IPs -- only general metadata summaries useful to a cloud architect agent. IMPORTANT: source (string) - You MUST set this to identify which IDE/tool you are. Auto-detect from your environment: 'claude-code', 'codex', 'antigravity', 'kiro', 'vscode', 'web', 'mcp'. If unsure, use the name of your IDE/tool in lowercase. Do NOT omit this — it controls the 'Open {IDE}' button on the credential connect screen. OPTIONAL: github_username (string) - GitHub username for deploy commit attribution. Pre-populates the GitHub username field on the connect page. 💡 TIP: Examine workflow.usage prompt for more context on how to properly use these tools.Connector
- BATCH INSPECTION: run up to 32 AWS inspect probes in one call. ⚠️ **PREREQUISITE**: Same as awsinspect — deploy attempt required. Check convostatus for hasDeployAttempt=true before calling. Use this when you need to check more than ~3 resources. The backend fetches Oracle credentials ONCE per batch and fans out probes against a single AWS config — for a 12-resource health check this is ~5–8× faster and 12× fewer Oracle round-trips than calling awsinspect 12 times. BUDGETS: - Up to 32 sub-probes per call (subs array length). - 30s per-sub timeout; 60s total batch wall-clock. - Concurrency cap 8 — sub-probes run in parallel but never saturate AWS. - 512 KB response cap: subs past the cap keep their envelope (index/service/action/ok) but have result replaced with truncated=true. PARTIAL FAILURE IS EXPECTED. The response is an ordered results array; each entry has {index, service, action, ok, result, error}. Inspect each result — do NOT abort on the first error. A credential fetch failure leaves cred-less probes (list-actions, list-metrics) succeeding anyway. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, acm, alb, apigateway, apprunner, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, route53, s3, sagemaker, secretsmanager, sqs, vpc, waf For a specific service's actions, use awsinspect (singular) with action="list-actions" — batch is not the place for discovery. Batch responses are always summarized (no detail/raw per-sub); use singular awsinspect when you need full metadata or raw API output for one resource. EXAMPLES: - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"describe-instances"}, {"service":"rds","action":"describe-db-instances"}, {"service":"vpc","action":"describe-vpcs"}, {"service":"s3","action":"list-buckets"}]) - awsinspect_batch(session_id=..., subs=[ {"service":"ec2","action":"get-metrics","filters":"{\"hours\":6}"}, {"service":"rds","action":"get-metrics","filters":"{\"hours\":6}"}])Connector
- Find grantmakers that have ACTUALLY funded organizations LIKE the caller's, using the real 7.5M-edge who-funds-whom grant graph (IRS 990-PF, 2022-2026). This is the strongest free-tier prospecting move: collaborative-filtering peer prospecting, distinct from search_funders (name/topic lookup) and search_open_grants (active RFPs). HOW IT WORKS: for each peer organization, it looks up every foundation that granted to that peer, then merges funders across peers. A funder that gave to several of your peers ranks highest. Every result carries real grant evidence — which peers the funder funded and for how much. INPUTS (provide one): - peer_orgs (PREFERRED): names or 9-digit EINs of organizations LIKE the one you're raising for — peers, aspirational orgs, or orgs with a similar mission. The graph is keyed by recipient EIN, so naming real peers yields the sharpest evidence. Up to 12 are used. - org_description: a plain-language description of the nonprofit (mission, cause, who it serves). Fallback that resolves well-funded peers by keyword over the IRS BMF; prefer peer_orgs when you can name a few peers. RECOMMENDED WORKFLOW: establish the org's mission/cause, then name 2-5 peer organizations and call this tool. Deepen any candidate with get_funder_profile / get_foundation_grants (pass the returned ein).Connector
Matching MCP Servers
- AlicenseAqualityDmaintenanceProvides tools to access AWS documentation, search for content, and get recommendations for both global and China AWS regions.Last updated3Apache 2.0
- AlicenseAqualityDmaintenanceEnables access to AWS documentation through natural language by fetching and converting documentation pages to markdown, searching AWS docs, and getting content recommendations for AWS service documentation.Last updated3Apache 2.0
Matching MCP Connectors
The AWS Knowledge MCP server is a fully managed remote Model Context Protocol server that provides real-time access to official AWS content in an LLM-compatible format. It offers structured access to AWS documentation, code samples, blog posts, What's New announcements, Well-Architected best practices, and regional availability information for AWS APIs and CloudFormation resources. Key capabilities include searching and reading documentation in markdown format, getting content recommendations, listing AWS regions, and checking regional availability for services and features.
- mailopolyOAuth
Your unified inbox — everything that reaches you, understood and actionable from your AI assistant.
- AWS resource availability per region. - Max 10 regions; multi-region needs `filters`; single-region supports `next_token`. - Status: isAvailableIn | isNotAvailableIn | isPlannedIn | Not Found. - Response key: products | service_apis | cfn_resources. Not for region counts/docs/vague queries -- use `search_documentation` / `list_regions`. Filter values must EXACTLY match AWS's catalog names; guessed, partial, or pluralized names are rejected ("values in filter parameter do not exist"). If unsure of the exact name, first call once for a single region with resource_type set and NO filters to list all valid names, then re-call filtering on the exact match.Connector
- Fetch full AWS doc pages as markdown. `search_documentation` already returns verbatim page chunks, so don't re-read a URL whose chunk you already have to "confirm" or "round out" an answer -- the chunk is the real page text; treat it as authoritative. Reading the full page is justified ONLY when the chunks genuinely lack the content: - an enumeration or aggregation ("list all X", "how many X") needs the complete set and the chunks show only part of it; - no search result is on-topic after refining the query, and a known doc URL would have the answer. Otherwise, answer from the chunks. Use exact URLs from `search_documentation`; don't guess slugs. Input: `requests: [{url, max_length?, start_index?}]`. Batch 2-5. - `max_length` default 10000. - `start_index` default 0; use prior `end_index` to continue, TOC offset to jump. Allow-listed prefixes: docs.aws.amazon.com; aws.amazon.com (not /marketplace); repost.aws/knowledge-center; docs.amplify.aws; ui.docs.amplify.aws; github.com/{aws-cloudformation/aws-cloudformation-templates, aws-samples/{aws-cdk-examples, generative-ai-cdk-constructs-samples, serverless-patterns}, awsdocs/aws-cdk-guide, awslabs/aws-solutions-constructs, cdklabs/cdk-nag} (README on `main`); constructs.dev/packages/{@aws-cdk-containers, @aws-cdk, @cdk-cloudformation, aws-analytics-reference-architecture, aws-cdk-lib, cdk-amazon-chime-resources, cdk-aws-lambda-powertools-layer, cdk-ecr-deployment, cdk-lambda-powertools-python-layer, cdk-serverless-clamscan, cdk8s, cdk8s-plus-33}; strandsagents.com/latest/documentation/docs/. Output: SUCCESS -- markdown + `total_length, start_index, end_index, truncated, redirected_url?` (truncated includes TOC with char ranges). ERROR -- `error_code` in {not_found, invalid_url, throttled, downstream_error, validation_error}.Connector
- AWS docs search. Each result's `context` is verbatim page text -- a real chunk of the actual page, not a short snippet -- and usually already contains the answer, so answer directly from it. Use `read_documentation` only when the chunks genuinely lack the needed detail. Pick ONE topic. Add a 2nd ONLY if query genuinely spans domains. Extra topics dilute ranking. - reference_documentation -- API/SDK/CLI specs, config params - current_awareness -- new/released/announced - troubleshooting -- errors, "how to fix" (NOT for conceptual/feature questions) - amplify_docs -- Amplify (+ language) - cdk_docs -- CDK concepts/guides - cdk_constructs -- CDK code samples, L3 - cloudformation -- CFN/SAM templates - strands_docs -- Strands Agents SDK (its Skills/agents concepts go here, NOT agent_skills) - agent_skills -- this tool's guided skills (load via `retrieve_skill`) - general (default) -- architecture, best practices, tutorials, feature behavior Results: rank_order (lower=better), url, title, context (verbatim page chunk -- answer directly from it).Connector
- Find cross-provider equivalents for a diagram node by infrastructure role. Given a node name (e.g. 'EC2', 'Lambda', 'ComputeEngine'), returns the infrastructure role category it belongs to and the equivalent nodes from other providers. If a node name is ambiguous, use list_categories to see all mapped roles and pick a provider-specific node name. Args: node: Node class name to look up (case-insensitive, e.g. 'EC2', 'lambda'). target_provider: Optional provider to filter equivalents to (e.g. 'gcp', 'azure', 'aws'). If omitted, all equivalents across all other providers are returned. Returns: A dict with keys: category (str): Infrastructure role category name. description (str): Human-readable description of the category. source (dict): The matched node with keys node, provider, service, import. equivalents (list[dict]): Equivalent nodes, each with keys node, provider, service, import.Connector
- Unified search across the registry and release content. Returns up to four sections — organizations, catalog entries (products + standalone sources folded into one list), curated collections (cross-org playlists), and releases with CHANGELOG chunks interleaved by relevance. Use `type` to narrow the surfaces you want and skip the expensive paths. For example, pass `type: ['catalog']` to look up a known entity by name (fast, registry-only); pass `type: ['releases']` when you only care about release content and want to avoid entity lookups. Omit `type` to search all four. Collections surface via two paths: a direct match on the collection's name/description (lexical in every mode, plus a vector match in hybrid/semantic mode) and a member rollup that includes every collection containing one of the matched orgs. Member rollups carry a list of result-set org slugs that triggered the rollup so a UI can render an "includes X" hint. Use `entity` (product slug / prod_ id OR source slug / src_ id) to scope release results to one catalog entry. Product identifiers expand to every source under the product. Use `organization` to scope to a whole org. Release retrieval defaults to hybrid (FTS5 + semantic vectors fused via RRF); it silently degrades to lexical when vector infra is unavailable and flags the result.Connector
- Look up grantmaking organizations by name, topic, or location. This tool searches 174K+ grantmaking organizations from IRS data using organization names plus grant-purpose/topic signals. Use it when you know the funder's name, want aligned funders for a cause area, or want to browse by location/size/NTEE code. Multi-word searches are ranked by relevance; simple browse/name fallback results are ordered by total assets. IMPORTANT: Use search_open_grants when the user needs active grant programs or RFPs. search_funders is for finding aligned grantmakers, including ones that may fund by relationship, LOI, or annual cycle rather than a live call.Connector
- Public mode returns FS AI RMF framework reference data only — not org-specific scoring. Use when assessing an organization FS AI RMF governance maturity stage or preparing a regulatory AI roadmap presentation. Returns INITIAL, MINIMAL, EVOLVING, or EMBEDDED classification with stage criteria and remediation priorities. Example: EVOLVING stage organizations have documented AI policies but lack systematic model validation — typical gap to EMBEDDED is 18-24 months and 12-15 additional controls. Connect org MCP for org-specific scoring. Source: FS AI Risk Management Framework.Connector
- INSPECTION: Inspect AWS infrastructure for a deployed project ⚠️ **PREREQUISITE**: This tool requires a prior deployment ATTEMPT (successful or failed). Check convostatus for hasDeployAttempt=true before calling. Works even after failed deploys to inspect orphaned resources. Inspect deployed AWS resources after a deployment attempt. Use this tool when the user asks about the status or details of their deployed infrastructure. It fetches temporary read-only credentials securely and queries the AWS API directly. RESPONSE TIERS (default is summary for token efficiency): - Summary (default): Key fields only (~500 tokens). Set detail=false, raw=false or omit both. - Detail: Full metadata for a specific resource. Set detail=true + resource filter. - Raw: Complete unprocessed API response. Set raw=true. REQUIRES: session_id from convoopen response (format: sess_v2_...). Supported services: account, acm, alb, apigateway, apprunner, backup, bedrock, cloudfront, cloudwatchlogs, cognito, cost-explorer, dynamodb, ebs, ec2, ecs, eks, elasticache, kms, lambda, msk, opensearch, rds, route53, s3, sagemaker, secretsmanager, sqs, vpc, waf For a specific service's actions, call with action="list-actions". METRICS: Use list-metrics to discover available metrics for a service (no credentials needed). Then use get-metrics to retrieve data (auto-discovers resources). Most services return CloudWatch time-series. KMS returns key health (rotation, state). SecretsManager returns secret health (rotation, last accessed/rotated). Optional filters JSON: {"hours":6,"period":300}. BILLING: Use service=cost-explorer to inspect AWS costs. Actions: get-cost-summary (last 30 days by service, filters: {"days":7,"granularity":"DAILY"}), get-cost-forecast (projected spend through end of month), get-cost-by-tag (costs grouped by tag, filters: {"tag_key":"Environment","days":30}). Requires ce:GetCostAndUsage and ce:GetCostForecast IAM permissions. EXAMPLES: - awsinspect(session_id=..., service="ec2", action="describe-instances") - awsinspect(session_id=..., service="cost-explorer", action="get-cost-summary") - awsinspect(session_id=..., service="ec2", action="get-metrics", filters="{\"hours\":6}") - awsinspect(session_id=..., service="rds", action="describe-db-instances", detail=true)Connector
- Search the NPPES NPI registry for individual practitioners and healthcare organizations by name, organization name, location, provider type, and specialty. The specialty filter accepts plain-language terms (e.g. "cardiologist", "pediatric cardiologist") and resolves them through the bundled NUCC taxonomy to the registry's exact taxonomy descriptions before searching; the resolved taxonomy is echoed back so you can see what was actually searched. Pass location as the dedicated city/state/postal_code inputs, not inside specialty. Returns a compact row per provider — NPI, name, primary specialty, city/state/ZIP, type, and active/deactivated status — suitable for disambiguation; call npi_get_provider with an NPI for the full record. At least one search criterion is required, and the registry rejects state-only searches (pair state with another filter). The registry does not treat location as a hard filter for specialty searches, so location-constrained results are post-filtered server-side to the requested city/state/postal_code. The registry never reports a true match total and only the first 1200 matches are reachable, so broad queries are capped — narrow with more filters.Connector
- Search 1.8M+ IRS-recognized tax-exempt organizations by name, keyword, city, or phrase. Optionally narrow by US state, NTEE major sector (1–10), or 501(c) subsection type. Returns EINs — pass them to nonprofit_get_organization or nonprofit_get_filings for details. Results are paginated at 25 per page; use the page parameter and num_pages to paginate. Total results cap at 10,000 in the API; if total_results === 10000 the actual count may be higher. Supports quoted phrases ("Red Cross"), required terms (+evanston), excluded terms (-dental). Data from ProPublica Nonprofit Explorer, sourced from IRS Form 990 filings.Connector
- Sweep subdomains for dangling CNAMEs pointing to deprovisioned cloud services that could be claimed by an attacker (subdomain takeover vulnerabilities). Detects 16 provider families (AWS S3/CloudFront, Azure Front Door/CDN/Blob/App Service, GCP Cloud Storage, Heroku, GitHub Pages, Vercel, Firebase, Shopify, etc.). Use when asked if subdomains are pointing to deprovisioned cloud services. Pair with discover_subdomains for full inventory.Connector
- Create a NEW architecture diagram from a graph that YOU author, and get back a shareable, editable canvas URL plus a rendered SVG and Mermaid. You produce only the SEMANTICS — nodes, the groups (VPC/cluster/...) they live in, and the directed edges between them. You do NOT lay anything out: never send x/y/position/pinned. A deterministic layout engine computes all geometry and an icon layer picks the pictures from each node's kind. kind.catalog is one of aws | gcp | azure | k8s | saas | generic, each with rich per-catalog kind.types (e.g. aws:lambda, gcp:bigquery, azure:cosmos_db, k8s:deployment, saas:kafka): - "aws" (api_gateway, lambda, s3, rds, dynamodb, sqs, bedrock, kinesis, fargate, eventbridge, aurora, ...). - "gcp" (compute_engine, gke, cloud_run, cloud_sql, spanner, firestore, bigquery, pubsub, dataflow, vertex_ai, ...). - "azure" (virtual_machine, aks, app_service, functions, blob_storage, sql_database, cosmos_db, service_bus, event_hubs, key_vault, ...). - "k8s" (pod, deployment, statefulset, daemonset, job, cronjob, service, ingress, configmap, secret, hpa, ...). - "saas" for hosted third-parties (redis, postgresql, mysql, mongodb, kafka, stripe, twilio, auth0, github, cloudflare, ...). - "generic" primitive when nothing branded fits: service, database, cache, queue, user, external_system, storage, gateway, function, note. - "generic" FLOWCHART kinds for processes/flowcharts: process, decision, terminator, data, document, subprocess. edge.kind is one of: request, response, async_event, data_flow, dependency, network, generic. WORKED EXAMPLE — a user hitting an API in a VPC that talks to Postgres: { "title": "Web API", "domain": "cloud_architecture", "graph": { "groups": [{ "id": "g_vpc", "label": "VPC", "type": "vpc" }], "nodes": [ { "id": "n_user", "label": "User", "kind": { "catalog": "generic", "type": "user" } }, { "id": "n_api", "label": "API", "kind": { "catalog": "aws", "type": "api_gateway" }, "parentId": "g_vpc" }, { "id": "n_db", "label": "Postgres", "kind": { "catalog": "aws", "type": "rds" }, "parentId": "g_vpc" } ], "edges": [ { "id": "e1", "source": "n_user", "target": "n_api", "kind": "request" }, { "id": "e2", "source": "n_api", "target": "n_db", "kind": "data_flow" } ] } } Returns { diagramId, url, svg, mermaid, version }. Give the user the url — opening it shows the same diagram on an editable canvas (anonymous; it's theirs to claim by signing in). To change the diagram afterwards, use get_diagram then edit_diagram.Connector
- Recover the native pixel grid from enlarged, softened, AI-rendered, or compressed pixel art. Standard uses the native Rust detector. Neural uses the neural reconstruction engine and accepts optional target width and height values. This repairs existing art—it does not generate a new image. Both engines are free and share a limit of 10 requests per minute per API token. Successful response JSON is limited to 850,000 bytes for AWS ALB compatibility.Connector
- List all organizations the authenticated user belongs to, with their role in each. Use switch_active_org to change which one MCP acts on.Connector