MCP.so
Sign In

Overview

What is AWS MCP Server?

A REST API server that connects to AWS accounts, similar to the AWS CLI. It provides endpoints to interact with S3, EC2, and Lambda services, enabling users to list, read, create, update, and delete AWS resources programmatically.

How to use AWS MCP Server?

Install dependencies with npm install, then configure AWS credentials via a .env file or the standard AWS credentials file (~/.aws/credentials). Start the server with npm start. Interact using curl, Postman, a web browser (GET only), or a custom frontend application.

Key features of AWS MCP Server

  • Connect to AWS accounts using multiple credential sources (env vars, credentials file, config file, instance profiles)
  • Supports S3, EC2, and Lambda service operations
  • Profile‑based configuration similar to AWS CLI
  • REST API endpoints for listing, starting, stopping, and invoking resources
  • Security measures: .gitignore for secrets, pre‑commit hooks, secrets checker script

Use cases of AWS MCP Server

  • List all S3 buckets and their objects
  • Start and stop EC2 instances remotely
  • Retrieve and invoke Lambda functions
  • Build a custom frontend acting as a simplified AWS Management Console

FAQ from AWS MCP Server

How do I configure AWS credentials?

You can use environment variables (e.g., in a .env file), the AWS credentials file at ~/.aws/credentials, the AWS config file, or an IAM instance profile when running on EC2. For temporary credentials (Access Key starts with ASIA), include AWS_SESSION_TOKEN.

What types of AWS credentials are supported?

Long‑term credentials (Access Key starting with AKIA) and temporary credentials (starting with ASIA). Temporary credentials require a session token and expire after a few hours. AWS CLI profiles and IAM roles on EC2 are also supported.

How can I interact with the server?

Use curl from the command line, a REST client like Postman, a web browser (for GET requests only), or build a frontend application that makes API calls to the server.

What security measures are included?

The project’s .gitignore excludes .env and sensitive files. A pre‑commit Git hook checks for potential secrets, and a manual secrets checker script (./scripts/check-secrets.sh) can be run to scan for hardcoded credentials.

What transport does the server use?

The server exposes REST APIs over HTTP on port 3000 (e.g., http://localhost:3000/api/s3/buckets). Authentication is handled via AWS credentials configured on the server side.

Tags

More from Cloud & Infrastructure