Give Claude access to all 200+ AWS services through the AWS CLI. This MCP server lets Claude run AWS CLI commands on your behalf. Instead of wrapping each AWS API individually, it wraps the CLI itself—giving Claude complete AWS access through just two tools: Claude learns commands on-demand using --help, then executes them. Your IAM policy controls what it can actually do. - Streamable HTTP transp
Add this skill
npx mdskills install alexei-led/aws-mcp-serverProvides comprehensive AWS CLI access with excellent docs, clear security model, and multiple transport options
Give Claude access to all 200+ AWS services through the AWS CLI.
This MCP server lets Claude run AWS CLI commands on your behalf. Instead of wrapping each AWS API individually, it wraps the CLI itself—giving Claude complete AWS access through just two tools:
| Tool | Purpose |
|---|---|
aws_cli_help | Get documentation for any AWS command |
aws_cli_pipeline | Execute AWS CLI commands with optional pipes (jq, grep, etc.) |
Claude learns commands on-demand using --help, then executes them. Your IAM policy controls what it can actually do.
flowchart LR
Claude[Claude] -->|MCP| Server[AWS MCP Server]
Server --> CLI[AWS CLI]
CLI --> AWS[AWS Cloud]
IAM[Your IAM Policy] -.->|controls| AWS
streamable-http transport for web-based MCP clients, replacing the deprecated sse transport (#33)isError: true) instead of regular results (#34)instructions field (#35)uvx)Add to your MCP settings (Cmd+Shift+P → "Claude: Open MCP Config"):
{
"mcpServers": {
"aws": {
"command": "uvx",
"args": ["aws-mcp"]
}
}
}
Add to your Claude Desktop config file:
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"aws": {
"command": "uvx",
"args": ["aws-mcp"]
}
}
}
Docker provides stronger isolation by running commands in a container:
{
"mcpServers": {
"aws": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-v",
"~/.aws:/home/appuser/.aws:ro",
"ghcr.io/alexei-led/aws-mcp-server:latest"
]
}
}
}
Note: Replace
~/.awswith the full path on Windows (e.g.,C:\Users\YOU\.aws).
For web-based MCP clients, use the streamable-http transport:
docker run --rm -p 8000:8000 \
-e AWS_MCP_TRANSPORT=streamable-http \
-v ~/.aws:/home/appuser/.aws:ro \
ghcr.io/alexei-led/aws-mcp-server:latest
The server will be available at http://localhost:8000/mcp.
Note: The
ssetransport is deprecated. Usestreamable-httpinstead.
The server uses the standard AWS credential chain. Your credentials are discovered automatically from:
AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY~/.aws/credentials~/.aws/config (for profiles and region)To use a specific profile:
{
"mcpServers": {
"aws": {
"command": "uvx",
"args": ["aws-mcp"],
"env": {
"AWS_PROFILE": "my-profile"
}
}
}
}
| Environment Variable | Description | Default |
|---|---|---|
AWS_PROFILE | AWS profile to use | default |
AWS_REGION | AWS region (also accepts AWS_DEFAULT_REGION) | us-east-1 |
AWS_CONFIG_FILE | Custom path to AWS config file | ~/.aws/config |
AWS_SHARED_CREDENTIALS_FILE | Custom path to credentials file | ~/.aws/credentials |
| Environment Variable | Description | Default |
|---|---|---|
AWS_MCP_TIMEOUT | Command execution timeout in seconds | 300 |
AWS_MCP_MAX_OUTPUT | Maximum output size in characters | 100000 |
AWS_MCP_TRANSPORT | Transport protocol (stdio, sse, or streamable-http) | stdio |
AWS_MCP_SANDBOX | Sandbox mode (auto, disabled, required) | auto |
AWS_MCP_SANDBOX_CREDENTIALS | Credential passing (env, aws_config, both) | both |
Your IAM policy is your security boundary. This server executes whatever AWS commands Claude requests—IAM controls what actually succeeds.
Best practices:
For detailed security architecture, see Security Documentation.
MIT License — see LICENSE for details.
Install via CLI
npx mdskills install alexei-led/aws-mcp-serverAWS MCP Server is a free, open-source AI agent skill. Give Claude access to all 200+ AWS services through the AWS CLI. This MCP server lets Claude run AWS CLI commands on your behalf. Instead of wrapping each AWS API individually, it wraps the CLI itself—giving Claude complete AWS access through just two tools: Claude learns commands on-demand using --help, then executes them. Your IAM policy controls what it can actually do. - Streamable HTTP transp
Install AWS MCP Server with a single command:
npx mdskills install alexei-led/aws-mcp-serverThis downloads the skill files into your project and your AI agent picks them up automatically.
AWS MCP Server works with Claude Code, Claude Desktop, Cursor, Vscode Copilot, Windsurf, Continue Dev, Gemini Cli, Amp, Roo Code, Goose. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.