playbooks

home / mcp / aws mcp server

AWS MCP Server

A Model Context Protocol server implementation for operations on AWS resources

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "rishikavikondala-mcp-server-aws": {
      "command": "uv",
      "args": [
        "--directory",
        "/path/to/repo/mcp-server-aws",
        "run",
        "mcp-server-aws"
      ],
      "env": {
        "AWS_REGION": "us-east-1",
        "AWS_ACCESS_KEY_ID": "YOUR_AWS_ACCESS_KEY_ID",
        "AWS_SECRET_ACCESS_KEY": "YOUR_AWS_SECRET_ACCESS_KEY"
      }
    }
  }
}

This MCP server implements a Model Context Protocol interface for AWS operations, enabling automated auditing of S3 and DynamoDB actions. You can run it locally and connect via an MCP client to perform common cloud operations with built‑in logging and an audit resource endpoint.

How to use

You connect to this MCP server from your MCP client (such as Claude) to perform AWS operations. Practical workflows include creating, listing, updating, and deleting S3 buckets and DynamoDB tables, as well as manipulating and querying DynamoDB items. Every action is automatically logged and can be accessed through the audit endpoint for visibility and auditing.

To start using it once you have it running locally, initiate operations from your MCP client to the available S3 and DynamoDB endpoints. Use typical read/write patterns to manage buckets, objects, tables, and items. If you encounter setup issues, use the built‑in debugging tools to verify credentials, permissions, and network access.

How to install

Prerequisites: you need Node.js and npm, or a runtime that supports the MCP local server workflow used here. You also need access to an AWS account with an IAM user that has full RW permissions for S3 and DynamoDB.

Step 1: Install the MCP server for AWS via the CLI (Claude client integration). Run the following command to install automatically for Claude:

npx -y @smithery/cli install mcp-server-aws --client claude

Step 2: Manual installation steps. Follow these steps to run the server locally without the auto‑install option.

Step 2.1: Prepare AWS credentials. Use either of these options. The server requires an IAM user with RW permissions for both S3 and DynamoDB.

Option A — Environment variables

Set the following environment variables in your shell or environment configuration: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION (defaults to us-east-1).

Option B — Default AWS credential chain

Configure credentials using the AWS CLI by running aws configure to set the default profile.

Step 2.2: Create Claude desktop configuration. Add the MCP server entry to your Claude desktop config as shown.

"mcpServers": {
  "mcp-server-aws": {
    "command": "uv",
    "args": [
      "--directory",
      "/path/to/repo/mcp-server-aws",
      "run",
      "mcp-server-aws"
    ],
    "env": [
      {"name": "AWS_ACCESS_KEY_ID", "value": "YOUR_AWS_ACCESS_KEY_ID"},
      {"name": "AWS_SECRET_ACCESS_KEY", "value": "YOUR_AWS_SECRET_ACCESS_KEY"},
      {"name": "AWS_REGION", "value": "us-east-1"}
    ]
  }
}

Step 2.3: Start Claude desktop and verify. Open the Claude app, ensure the AWS MCP server appears, and perform a read/write operation (for example, create an S3 bucket with a unique name) to confirm the setup.

Additional notes

Security and access: Use IAM credentials with the minimum required permissions for your tasks. Do not expose your AWS keys in shared environments. Rotate credentials periodically and use separate keys for different environments when possible.

Audit endpoint: All AWS operations performed through this MCP server are automatically logged. Access the audit://aws-operations resource endpoint to review activity and ensure compliance.

Tools available through this MCP server include actions for S3 and DynamoDB operations such as creating, listing, deleting, and reading buckets; uploading, listing, reading, updating, and deleting objects; and comprehensive DynamoDB table and item operations, including batch and TTL controls.

Available tools

s3_bucket_create

Create a new S3 bucket and make it available for object storage.

s3_bucket_list

List all S3 buckets under the AWS account.

s3_bucket_delete

Delete an S3 bucket and its contents.

s3_object_upload

Upload an object to an S3 bucket.

s3_object_delete

Delete an object from an S3 bucket.

s3_object_list

List objects within an S3 bucket.

s3_object_read

Read the contents of an S3 object.

dynamodb_table_create

Create a new DynamoDB table.

dynamodb_table_describe

Describe details about a DynamoDB table.

dynamodb_table_delete

Delete a DynamoDB table.

dynamodb_table_update

Update a DynamoDB table.

dynamodb_item_put

Put an item into a DynamoDB table.

dynamodb_item_get

Get an item from a DynamoDB table.

dynamodb_item_update

Update an item in a DynamoDB table.

dynamodb_item_delete

Delete an item from a DynamoDB table.

dynamodb_item_query

Query items in a DynamoDB table.

dynamodb_item_scan

Scan items in a DynamoDB table.

dynamodb_batch_get

Batch get multiple items from DynamoDB tables.

dynamodb_item_batch_write

Batch write operations for DynamoDB items.

dynamodb_batch_execute

Execute multiple PartiQL statements in a batch.

dynamodb_describe_ttl

Get the TTL settings for a DynamoDB table.

dynamodb_update_ttl

Update the TTL settings for a DynamoDB table.