MCP server for managing RosettaHUB user AWS cloud accounts via SOAP API

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for danielcregg from gravatar.com danielcregg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Daniel Cregg
  • Tags aws , classroom , cloud , education , mcp , model-context-protocol , rosettahub
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

rosettahub-mcp-server

An MCP server for managing RosettaHUB user AWS cloud accounts

CI PyPI Python License Coverage

RosettaHUB is a platform used by educators to provision and manage user AWS cloud environments. This MCP server wraps the RosettaHUB SOAP API into 16 tools and 2 resources, letting AI assistants like Claude manage user accounts through natural language.

Example: "Show me which users have used over 80% of their budget" or "Run aws ec2 describe-instances across all user accounts"

Quick Start

Install

pip install rosettahub-mcp-server

Configure

export RH_API_KEY="your-rosettahub-api-key"
export RH_ORG="Your-Org-Name"

Add to Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "rosettahub": {
      "command": "uvx",
      "args": ["rosettahub-mcp-server"],
      "env": {
        "RH_API_KEY": "your-api-key",
        "RH_ORG": "Your-Org-Name"
      }
    }
  }
}

Add to Claude Code

claude mcp add rosettahub -e RH_API_KEY=your-key -e RH_ORG=Your-Org -- rosettahub-mcp-server

Tools

Account & API Info

Tool Description
test_connection Test the API connection and return authenticated user info
list_accounts List your own RosettaHUB cloud accounts
list_user_accounts List all user accounts with budget details
list_users List all federated users in the organization
list_api_methods List all available RosettaHUB SOAP API methods

AWS Execution

Tool Description
aws_exec Run an AWS CLI command across all user accounts
aws_exec_user Run an AWS CLI command on one user's account
ec2_list List EC2 instances across all user accounts
get_sts_credentials Get temporary AWS STS credentials for a user
get_console_url Get a sign-in URL for a user's AWS Console

Budget Management

Tool Description
budget_status Show budget, spending, and remaining balance for all users
budget_transfer Transfer budget to all user accounts
budget_transfer_user Transfer budget to one user's account

Access Control

Tool Description
quarantine_user Quarantine a user (restrict cloud access)
unquarantine_user Unquarantine a user (restore cloud access)
set_allowed_regions Set which AWS regions a user can use

Resources

URI Description
rosettahub://users JSON list of current user logins
rosettahub://budget-summary JSON budget data for all users

Configuration

Environment Variable Required Default Description
RH_API_KEY Yes Your RosettaHUB API key
RH_ORG Yes Your RosettaHUB organization name
RH_AWS_REGION No eu-west-1 Default AWS region for commands
RH_WSDL_URL No RosettaHUB public API Override WSDL endpoint URL

Security

  • Command validation — All AWS commands must start with aws to prevent arbitrary execution
  • Region validation — Region parameters are validated against AWS format to prevent flag injection
  • No shell injection — Commands run with shell=False using shlex.split()
  • Subprocess timeout — AWS CLI calls are capped at 60 seconds to prevent hung processes
  • Minimal subprocess environment — Only AWS credentials and PATH are passed to child processes
  • Temporary credentials — AWS access uses short-lived STS sessions (1 hour default), never long-term keys
  • Logging to stderr — stdout is reserved for MCP JSON-RPC transport

Architecture

src/rosettahub_mcp_server/
├── server.py        # FastMCP instance and entry point
├── config.py        # Environment variable loading
├── client.py        # Singleton SOAP client (zeep)
├── types.py         # TypedDict return types
├── tools/
│   ├── account_tools.py    # 5 account/API info tools
│   ├── aws_tools.py        # 5 AWS execution tools
│   ├── budget_tools.py     # 3 budget tools
│   └── user_mgmt_tools.py  # 3 access control tools
└── resources/
    └── user_resources.py # 2 MCP resources

Development

git clone https://github.com/danielcregg/rosettahub-mcp-server.git
cd rosettahub-mcp-server
pip install -e ".[dev]"

Run tests

pytest -v

All tests use mocked SOAP responses — no API key needed.

Lint & type check

ruff check src/ tests/
mypy src/ --ignore-missing-imports

Run locally

export RH_API_KEY="your-key"
export RH_ORG="Your-Org"
rosettahub-mcp-server

Disclaimer

This is an unofficial, community-maintained integration. It is not affiliated with, endorsed by, or sponsored by RosettaHUB. "RosettaHUB" is a trademark of its respective owner.

License

MIT — see LICENSE for details.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for danielcregg from gravatar.com danielcregg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Daniel Cregg
  • Tags aws , classroom , cloud , education , mcp , model-context-protocol , rosettahub
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

This version

0.2.0

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rosettahub_mcp_server-0.2.0.tar.gz (20.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

rosettahub_mcp_server-0.2.0-py3-none-any.whl (15.9 kB view details)

Uploaded Python 3

File details

Details for the file rosettahub_mcp_server-0.2.0.tar.gz.

File metadata

  • Download URL: rosettahub_mcp_server-0.2.0.tar.gz
  • Upload date:
  • Size: 20.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for rosettahub_mcp_server-0.2.0.tar.gz
Algorithm Hash digest
SHA256 75ee5bad9b8daed22d1fa41e17524163a6030ebd653009dbb87597d5a7e9e2cc
MD5 00d7029d767835d136c875ae8290fe5b
BLAKE2b-256 2f37a8f9f3d96d6dff104a83781eb26201fcae24b72aa22d8fdb4f145d42b97b

See more details on using hashes here.

Provenance

The following attestation bundles were made for rosettahub_mcp_server-0.2.0.tar.gz:

Publisher: publish.yml on danielcregg/rosettahub-mcp-server

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file rosettahub_mcp_server-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for rosettahub_mcp_server-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 d5ae02b68c2b28c912ec79f869665c4c2095b9b467579fbe93c2de29d3457337
MD5 23972f861bb9bab94d27aec8ceb918a2
BLAKE2b-256 1b2c1ac3338467ac17bb62c9237cdabe0e668b81e93994dd725179f610e770fc

See more details on using hashes here.

Provenance

The following attestation bundles were made for rosettahub_mcp_server-0.2.0-py3-none-any.whl:

Publisher: publish.yml on danielcregg/rosettahub-mcp-server

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page