Model Context Protocol (MCP) server for AWS - comprehensive AWS CLI wrapper
Project description
AWS MCP Server
A Python Model Context Protocol (MCP) server that lets MCP-compatible clients inspect and operate AWS through the AWS CLI. It supports command execution with validation, command suggestions, AWS region lookup, and caller identity checks.
Features
- Execute AWS CLI commands without shell expansion, preserving quoted arguments with shell-style parsing
- Suggest common AWS CLI commands from natural language requests
- Return available AWS regions
- Return the current caller identity
- Support stdio transport for local MCP clients
- Validate configuration and write logs to stderr plus a local log file
Safety Model
This server can execute AWS CLI commands using the credentials available to the process. It blocks shell operators by using subprocess.run(..., shell=False) and flags destructive-looking commands, but it cannot replace IAM least privilege or human review. Use scoped AWS profiles or roles, prefer non-production accounts for testing, and keep destructive commands on manual approval in your MCP client.
Requirements
- Python 3.12+
- AWS CLI v2 installed and available on
PATH - AWS CLI authentication configured and configuration through an AWS profile, IAM Identity Center/SSO, environment variables, an IAM role, or another AWS-supported credential provider
- MCP-compatible client such as Claude Desktop, Cursor, VS Code, or another MCP host
Installation
When published to PyPI, install or run the server like a standard Python MCP package:
uvx mdev-aws-mcp-server
For local development from source:
git clone https://github.com/musaddiq-dev/aws-cli-mcp-server.git
cd aws-cli-mcp-server
python -m venv .venv
source .venv/bin/activate
pip install -e .
Configuration
Before running this server, install the AWS CLI using the official AWS CLI install guide, then configure credentials using the official AWS CLI sign-in guide and AWS CLI configuration guide. AWS recommends short-term credentials where possible; avoid long-term IAM user keys unless your use case requires them.
Copy the example environment file and adjust values as needed.
cp .env.example .env
| Variable | Description | Default |
|---|---|---|
AWS_REGION |
Default AWS region | us-east-1 |
AWS_PROFILE |
AWS credentials profile | default |
AWS_MCP_WORKING_DIR |
Working directory for file operations | /tmp/aws-mcp-work |
AWS_MCP_REQUIRE_CONFIRMATION |
Emit warnings for destructive-looking operations | true |
AWS_MCP_LOG_LEVEL |
Application log level | INFO |
Running
mdev-aws-mcp-server
From a local checkout before PyPI publication, run:
python -m aws_mcp_server.server
MCP Client Configuration
Use an absolute path to the installed console script. MCP servers using stdio must write protocol messages only to stdout; this server writes logs to stderr and a local file under ~/.aws-mcp-server/logs.
{
"mcpServers": {
"aws": {
"command": "/absolute/path/to/aws-cli-mcp-server/.venv/bin/mdev-aws-mcp-server",
"args": [],
"env": {
"AWS_PROFILE": "default",
"AWS_REGION": "us-east-1"
}
}
}
}
Tools
| Tool | Purpose | Safety |
|---|---|---|
call_aws |
Execute an AWS CLI command | Can modify AWS resources |
suggest_aws_commands |
Suggest common AWS CLI commands | Read-only |
get_aws_regions |
List AWS regions | Read-only |
get_caller_identity |
Return current AWS identity | Read-only |
Development
pip install -e .
pip install -e '.[dev]'
pytest
ruff check .
ruff format .
pyright
Smoke Check
python -m py_compile src/aws_mcp_server/server.py src/aws_mcp_server/config.py src/aws_mcp_server/aws/executor.py
python -m pytest
Manual AWS check, if credentials are configured:
aws sts get-caller-identity
Distribution
This repository is prepared for the common Python MCP distribution path: publish the package to PyPI, keep the mcp-name marker at the top of this README for MCP Registry ownership verification, and publish server.json metadata with the GitHub repository. After release, users should prefer uvx mdev-aws-mcp-server in local MCP client configurations.
Security Notes
- Do not commit
.env, AWS credentials, profiles, access keys, or account-specific outputs. - Use least-privilege IAM permissions for the profile or role running this server.
- Keep
call_awson explicit manual approval in your MCP client. - Do not expose this server over a network without adding authentication, TLS, and network controls.
- Review generated command suggestions before executing them.
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mdev_aws_mcp_server-0.1.0.tar.gz.
File metadata
- Download URL: mdev_aws_mcp_server-0.1.0.tar.gz
- Upload date:
- Size: 12.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
30cb3ddd7b9db9356053561843b21aeba612ef987316a05af513fa9daffcef50
|
|
| MD5 |
de8a04f1f4a5c14f4075d76c13c858e3
|
|
| BLAKE2b-256 |
75d33498f12c9a1a4063c5cd5f1057edbd486e7db706ced7d3d36a835f6e798c
|
Provenance
The following attestation bundles were made for mdev_aws_mcp_server-0.1.0.tar.gz:
Publisher:
publish-pypi.yml on musaddiq-dev/aws-cli-mcp-server
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
mdev_aws_mcp_server-0.1.0.tar.gz -
Subject digest:
30cb3ddd7b9db9356053561843b21aeba612ef987316a05af513fa9daffcef50 - Sigstore transparency entry: 1606151867
- Sigstore integration time:
-
Permalink:
musaddiq-dev/aws-cli-mcp-server@dc2d4564724226befdc9b5d861c5c10b8a1b6ed4 -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/musaddiq-dev
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@dc2d4564724226befdc9b5d861c5c10b8a1b6ed4 -
Trigger Event:
release
-
Statement type:
File details
Details for the file mdev_aws_mcp_server-0.1.0-py3-none-any.whl.
File metadata
- Download URL: mdev_aws_mcp_server-0.1.0-py3-none-any.whl
- Upload date:
- Size: 11.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
06816ecaf09e1bb5214e1ff90e0c5b4a2f310208b328b1737f5d3f5f2b6dbcf5
|
|
| MD5 |
96c94514b46649080b6029861a52bc1b
|
|
| BLAKE2b-256 |
51c31226b0ef323d941b3dc5ad3031216bd18aad6a8d36cdfb905113570c60ee
|
Provenance
The following attestation bundles were made for mdev_aws_mcp_server-0.1.0-py3-none-any.whl:
Publisher:
publish-pypi.yml on musaddiq-dev/aws-cli-mcp-server
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
mdev_aws_mcp_server-0.1.0-py3-none-any.whl -
Subject digest:
06816ecaf09e1bb5214e1ff90e0c5b4a2f310208b328b1737f5d3f5f2b6dbcf5 - Sigstore transparency entry: 1606152062
- Sigstore integration time:
-
Permalink:
musaddiq-dev/aws-cli-mcp-server@dc2d4564724226befdc9b5d861c5c10b8a1b6ed4 -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/musaddiq-dev
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@dc2d4564724226befdc9b5d861c5c10b8a1b6ed4 -
Trigger Event:
release
-
Statement type:
