MCP server for managing RosettaHUB student AWS cloud accounts via SOAP API

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for danielcregg from gravatar.com danielcregg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Daniel Cregg
  • Tags aws , classroom , cloud , education , mcp , model-context-protocol , rosettahub
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

rosettahub-mcp-server

An MCP server for managing RosettaHUB student AWS cloud accounts

CI PyPI Python License Coverage

RosettaHUB is a platform used by educators to provision and manage student AWS cloud environments. This MCP server wraps the RosettaHUB SOAP API into 16 tools and 2 resources, letting AI assistants like Claude manage student accounts through natural language.

Example: "Show me which students have used over 80% of their budget" or "Run aws ec2 describe-instances across all student accounts"

Quick Start

Install

pip install rosettahub-mcp-server

Configure

export RH_API_KEY="your-rosettahub-api-key"
export RH_ORG="Your-Org-Name"

Add to Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "rosettahub": {
      "command": "uvx",
      "args": ["rosettahub-mcp-server"],
      "env": {
        "RH_API_KEY": "your-api-key",
        "RH_ORG": "Your-Org-Name"
      }
    }
  }
}

Add to Claude Code

claude mcp add rosettahub -e RH_API_KEY=your-key -e RH_ORG=Your-Org -- rosettahub-mcp-server

Tools

Account & API Info

Tool Description
test_connection Test the API connection and return authenticated user info
list_accounts List your own RosettaHUB cloud accounts
list_student_accounts List all student accounts with budget details
list_users List all federated users in the organization
list_api_methods List all available RosettaHUB SOAP API methods

AWS Execution

Tool Description
aws_exec Run an AWS CLI command across all student accounts
aws_exec_user Run an AWS CLI command on one student's account
ec2_list List EC2 instances across all student accounts
get_sts_credentials Get temporary AWS STS credentials for a student
get_console_url Get a sign-in URL for a student's AWS Console

Budget Management

Tool Description
budget_status Show budget, spending, and remaining balance for all students
budget_transfer Transfer budget to all student accounts
budget_transfer_user Transfer budget to one student's account

Access Control

Tool Description
quarantine_user Quarantine a student (restrict cloud access)
unquarantine_user Unquarantine a student (restore cloud access)
set_allowed_regions Set which AWS regions a student can use

Resources

URI Description
rosettahub://students JSON list of current student logins
rosettahub://budget-summary JSON budget data for all students

Configuration

Environment Variable Required Default Description
RH_API_KEY Yes Your RosettaHUB API key
RH_ORG Yes Your RosettaHUB organization name
RH_AWS_REGION No eu-west-1 Default AWS region for commands
RH_WSDL_URL No RosettaHUB public API Override WSDL endpoint URL

Security

  • Command validation — All AWS commands must start with aws to prevent arbitrary execution
  • Region validation — Region parameters are validated against AWS format to prevent flag injection
  • No shell injection — Commands run with shell=False using shlex.split()
  • Subprocess timeout — AWS CLI calls are capped at 60 seconds to prevent hung processes
  • Minimal subprocess environment — Only AWS credentials and PATH are passed to child processes
  • Temporary credentials — AWS access uses short-lived STS sessions (1 hour default), never long-term keys
  • Logging to stderr — stdout is reserved for MCP JSON-RPC transport

Architecture

src/rosettahub_mcp_server/
├── server.py        # FastMCP instance and entry point
├── config.py        # Environment variable loading
├── client.py        # Singleton SOAP client (zeep)
├── types.py         # TypedDict return types
├── tools/
│   ├── account_tools.py    # 5 account/API info tools
│   ├── aws_tools.py        # 5 AWS execution tools
│   ├── budget_tools.py     # 3 budget tools
│   └── user_mgmt_tools.py  # 3 access control tools
└── resources/
    └── student_resources.py # 2 MCP resources

Development

git clone https://github.com/danielcregg/rosettahub-mcp-server.git
cd rosettahub-mcp-server
pip install -e ".[dev]"

Run tests

pytest -v

All tests use mocked SOAP responses — no API key needed.

Lint & type check

ruff check src/ tests/
mypy src/ --ignore-missing-imports

Run locally

export RH_API_KEY="your-key"
export RH_ORG="Your-Org"
rosettahub-mcp-server

Disclaimer

This is an unofficial, community-maintained integration. It is not affiliated with, endorsed by, or sponsored by RosettaHUB. "RosettaHUB" is a trademark of its respective owner.

License

MIT — see LICENSE for details.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for danielcregg from gravatar.com danielcregg

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Daniel Cregg
  • Tags aws , classroom , cloud , education , mcp , model-context-protocol , rosettahub
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.0

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rosettahub_mcp_server-0.1.1.tar.gz (20.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

rosettahub_mcp_server-0.1.1-py3-none-any.whl (16.0 kB view details)

Uploaded Python 3

File details

Details for the file rosettahub_mcp_server-0.1.1.tar.gz.

File metadata

  • Download URL: rosettahub_mcp_server-0.1.1.tar.gz
  • Upload date:
  • Size: 20.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for rosettahub_mcp_server-0.1.1.tar.gz
Algorithm Hash digest
SHA256 36d994c520a6f8ac043b2b72464e75d781f363f82a3bc4e61db2551e87e14049
MD5 1832210c7aaf3ab8540e48bb651ffaab
BLAKE2b-256 a7c86abc9869072b90671a8cf70acd47b2dc283fb4f2047dd3bf3885716bc1b1

See more details on using hashes here.

Provenance

The following attestation bundles were made for rosettahub_mcp_server-0.1.1.tar.gz:

Publisher: publish.yml on danielcregg/rosettahub-mcp-server

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file rosettahub_mcp_server-0.1.1-py3-none-any.whl.

File metadata

File hashes

Hashes for rosettahub_mcp_server-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 7495917185cf74541be05a30671c8ff4867d400a1a317675bd476b3339d5c6e0
MD5 7507da9f868d8f4661866ca3bab1acf8
BLAKE2b-256 5a78e6940be8ea6ed09c8575990f7e817fced752d6a38b0af53eb6f0c051ae8b

See more details on using hashes here.

Provenance

The following attestation bundles were made for rosettahub_mcp_server-0.1.1-py3-none-any.whl:

Publisher: publish.yml on danielcregg/rosettahub-mcp-server

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page