MCP server for managing RosettaHUB student AWS cloud accounts via SOAP API

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for danielcregg from gravatar.com danielcregg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Daniel Cregg
  • Tags aws , classroom , cloud , education , mcp , model-context-protocol , rosettahub
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

rosettahub-mcp-server

An MCP server for managing RosettaHUB student AWS cloud accounts

CI PyPI Python License Coverage

RosettaHUB is a platform used by educators to provision and manage student AWS cloud environments. This MCP server wraps the RosettaHUB SOAP API into 16 tools and 2 resources, letting AI assistants like Claude manage student accounts through natural language.

Example: "Show me which students have used over 80% of their budget" or "Run aws ec2 describe-instances across all student accounts"

Quick Start

Install

pip install rosettahub-mcp-server

Configure

export RH_API_KEY="your-rosettahub-api-key"
export RH_ORG="Your-Org-Name"

Add to Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "rosettahub": {
      "command": "uvx",
      "args": ["rosettahub-mcp-server"],
      "env": {
        "RH_API_KEY": "your-api-key",
        "RH_ORG": "Your-Org-Name"
      }
    }
  }
}

Add to Claude Code

claude mcp add rosettahub -e RH_API_KEY=your-key -e RH_ORG=Your-Org -- rosettahub-mcp-server

Tools

Account & API Info

Tool Description
test_connection Test the API connection and return authenticated user info
list_accounts List your own RosettaHUB cloud accounts
list_student_accounts List all student accounts with budget details
list_users List all federated users in the organization
list_api_methods List all available RosettaHUB SOAP API methods

AWS Execution

Tool Description
aws_exec Run an AWS CLI command across all student accounts
aws_exec_user Run an AWS CLI command on one student's account
ec2_list List EC2 instances across all student accounts
get_sts_credentials Get temporary AWS STS credentials for a student
get_console_url Get a sign-in URL for a student's AWS Console

Budget Management

Tool Description
budget_status Show budget, spending, and remaining balance for all students
budget_transfer Transfer budget to all student accounts
budget_transfer_user Transfer budget to one student's account

Access Control

Tool Description
quarantine_user Quarantine a student (restrict cloud access)
unquarantine_user Unquarantine a student (restore cloud access)
set_allowed_regions Set which AWS regions a student can use

Resources

URI Description
rosettahub://students JSON list of current student logins
rosettahub://budget-summary JSON budget data for all students

Configuration

Environment Variable Required Default Description
RH_API_KEY Yes Your RosettaHUB API key
RH_ORG Yes Your RosettaHUB organization name
RH_AWS_REGION No eu-west-1 Default AWS region for commands
RH_WSDL_URL No RosettaHUB public API Override WSDL endpoint URL

Security

  • Command validation — All AWS commands must start with aws to prevent arbitrary execution
  • Region validation — Region parameters are validated against AWS format to prevent flag injection
  • No shell injection — Commands run with shell=False using shlex.split()
  • Subprocess timeout — AWS CLI calls are capped at 60 seconds to prevent hung processes
  • Minimal subprocess environment — Only AWS credentials and PATH are passed to child processes
  • Temporary credentials — AWS access uses short-lived STS sessions (1 hour default), never long-term keys
  • Logging to stderr — stdout is reserved for MCP JSON-RPC transport

Architecture

src/rosettahub_mcp_server/
├── server.py        # FastMCP instance and entry point
├── config.py        # Environment variable loading
├── client.py        # Singleton SOAP client (zeep)
├── types.py         # TypedDict return types
├── tools/
│   ├── account_tools.py    # 5 account/API info tools
│   ├── aws_tools.py        # 5 AWS execution tools
│   ├── budget_tools.py     # 3 budget tools
│   └── user_mgmt_tools.py  # 3 access control tools
└── resources/
    └── student_resources.py # 2 MCP resources

Development

git clone https://github.com/danielcregg/rosettahub-mcp-server.git
cd rosettahub-mcp-server
pip install -e ".[dev]"

Run tests

pytest -v

All tests use mocked SOAP responses — no API key needed.

Lint & type check

ruff check src/ tests/
mypy src/ --ignore-missing-imports

Run locally

export RH_API_KEY="your-key"
export RH_ORG="Your-Org"
rosettahub-mcp-server

Disclaimer

This is an unofficial, community-maintained integration. It is not affiliated with, endorsed by, or sponsored by RosettaHUB. "RosettaHUB" is a trademark of its respective owner.

License

MIT — see LICENSE for details.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for danielcregg from gravatar.com danielcregg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Daniel Cregg
  • Tags aws , classroom , cloud , education , mcp , model-context-protocol , rosettahub
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.0

0.1.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rosettahub_mcp_server-0.1.0.tar.gz (20.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

rosettahub_mcp_server-0.1.0-py3-none-any.whl (15.9 kB view details)

Uploaded Python 3

File details

Details for the file rosettahub_mcp_server-0.1.0.tar.gz.

File metadata

  • Download URL: rosettahub_mcp_server-0.1.0.tar.gz
  • Upload date:
  • Size: 20.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for rosettahub_mcp_server-0.1.0.tar.gz
Algorithm Hash digest
SHA256 1766915a2703205f50c646a0cd94f356e36a01d4b8a17280fe11d26779f49c91
MD5 1f05098245ba055d436e6cce00e2af9b
BLAKE2b-256 2d787392d2a1b4aa15b4ad52b7a6ff468680b1e6c73c505c9b997fa5933faca0

See more details on using hashes here.

Provenance

The following attestation bundles were made for rosettahub_mcp_server-0.1.0.tar.gz:

Publisher: publish.yml on danielcregg/rosettahub-mcp-server

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file rosettahub_mcp_server-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for rosettahub_mcp_server-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b6d9038577b586b0c03cbacb1d5994eef89365cc03356092e65f56d69c78a1c9
MD5 fbc8a3532441febe99392527a894699f
BLAKE2b-256 4ffe3b6649c4f97323fd9a1b6964f00b6ad498e9a78140d754a87d53bdd62ea0

See more details on using hashes here.

Provenance

The following attestation bundles were made for rosettahub_mcp_server-0.1.0-py3-none-any.whl:

Publisher: publish.yml on danielcregg/rosettahub-mcp-server

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page