
    AWS API MCP Server

    Deployed on AWS
    The AWS API MCP Server enables AI assistants to interact with AWS services and resources through AWS CLI commands. It provides programmatic access to manage your AWS infrastructure while maintaining proper security controls. This server acts as a bridge between AI assistants and AWS services, allowing you to create, update, and manage AWS resources across all available services. It helps with AWS CLI command selection and provides access to the latest AWS API features and services, even those released after an AI model's knowledge cutoff date. This MCP server is meant for testing, development, and evaluation purposes.

    Overview

    The AWS API MCP Server enables AI assistants to interact with AWS services through the Model Context Protocol (MCP). When deployed to AgentCore, it provides secure, scalable access to AWS APIs with built-in authentication and session isolation.

    This server acts as a bridge between AI assistants and AWS services, allowing you to query, manage, and interact with AWS resources across all available services. It helps with AWS CLI command selection and provides access to the latest AWS API features, even those released after an AI model's knowledge cutoff date.

    When deployed via AWS Marketplace to AgentCore Runtime, the server runs in a managed runtime environment with IAM-based permissions and external authentication. This eliminates the need for local credential management while providing enterprise-grade security and scalability.

    For local development, testing, and alternative deployment methods, see the GitHub repository. https://github.com/awslabs/mcp/tree/main/src/aws-api-mcp-server 

    Highlights

    • The AWS API MCP Server enables AI assistants to interact with AWS services and resources through AWS CLI commands.
    • Acts as a bridge between AI assistants and AWS services, allowing you to create, update, and manage AWS resources across all available services.
    • Provides access to the latest AWS API features and services, even those released after an AI model's knowledge cutoff date.

    Details

    Delivery method

    Type

    Supported services

    Delivery option
    AWS API MCP Server 1.1.4

    Latest version

    Operating system
    Linux


    Pricing

    AWS API MCP Server

    This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    Vendor refund policy

    This is a free container


    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information


    Delivery details

    AWS API MCP Server 1.1.4

    Supported services:
    • Amazon Bedrock AgentCore
    Container image

    Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.

    Version release notes

    Features

    • Comprehensive AWS CLI Support: Supports all commands available in the latest AWS CLI version, ensuring access to the most recent AWS services and features
    • Help in Command Selection: Helps AI assistants select the most appropriate AWS CLI commands to accomplish specific tasks
    • Command Validation: Ensures safety by validating all AWS CLI commands before execution, preventing invalid or potentially harmful operations
    • Hallucination Protection: Mitigates the risk of model hallucination by strictly limiting execution to valid AWS CLI commands only - no arbitrary code execution is permitted
    • Security-First Design: Built with security as a core principle, providing multiple layers of protection to safeguard your AWS infrastructure
    • Read-Only Mode: Provides an extra layer of security that disables all mutating operations, allowing safe exploration of AWS resources

    Additional details

    Usage instructions

    Overview

    This is a high-level deployment overview. For detailed instructions, troubleshooting, and configuration options, see the complete deployment guide: https://github.com/awslabs/mcp/blob/main/src/aws-api-mcp-server/DEPLOYMENT.md

    Security Best Practices

    Single User Only: This deployment is designed for individual use. Do NOT use in multi-user environments.

    Least Privilege: You are responsible for configuring appropriate permissions. We recommend starting with read-only access and adding permissions incrementally based on your requirements.

    Credential Separation: The MCP server uses the IAM role specified during deployment, separate from your local AWS credentials. This means that the Agent will execute requests against AWS services using the MCP Server IAM Role, and not the caller's credentials.

    Defense-in-Depth: AI assistants executing AWS commands can be vulnerable to prompt injection attacks. Implement layered security: minimal IAM permissions, caution with untrusted data sources (logs, databases, user-generated content), and command validation workflows.

    Required Environment Variables

    Add these to your AgentCore runtime configuration:

    "AUTH_TYPE": "no-auth"
    "AWS_API_MCP_HOST": "0.0.0.0"
    "AWS_API_MCP_PORT": "8000"
    "AWS_API_MCP_STATELESS_HTTP": "true"
    "AWS_API_MCP_TRANSPORT": "streamable-http"
    "AWS_API_MCP_ALLOWED_HOSTS": "*"
    "AWS_API_MCP_ALLOWED_ORIGINS": "*"

    Note:

    • AUTH_TYPE=no-auth is required since AgentCore uses external authentication such as Amazon Cognito.

    • These are the minimum required variables - additional environment variables and security configurations are available. See GitHub for complete configuration options.

    Recommended Permission Model for the MCP Server

    The MCP server has no inherent AWS permission requirements - permissions depend entirely on which AWS services your use case requires. You are responsible for determining and configuring appropriate permissions based on your specific needs.

    Start with Read-Only Access (Recommended)

    aws iam attach-role-policy \
      --role-name your-mcp-role \
      --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess

    Add Service-Specific Permissions

    Create custom policies for the specific AWS services you need and add them to the bedrock-agentcore-role that you will create in the next steps. Example for S3 access:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:GetObject",
            "s3:ListBucket"
          ],
          "Resource": [
            "arn:aws:s3:::your-bucket",
            "arn:aws:s3:::your-bucket/*"
          ]
        }
      ]
    }
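
An added example, not part of the listing or the project's code: a small Python check to run over a custom policy before attaching it to the MCP server's role, flagging Allow statements that go beyond scoped, read-only access. The function name audit_policy and the Get/List/Describe prefix heuristic are assumptions of this example, and BROAD_POLICY is a constructed sample.

```python
# Assumption of this example: actions named Get*/List*/Describe* count as read-only.
READ_ONLY_PREFIXES = ("get", "list", "describe")

def _as_list(value):
    """IAM accepts a single string where a list is expected."""
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return (statement_index, finding) pairs for Allow statements broader than scoped read-only."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((idx, "NotAction/NotResource allows everything not listed"))
        for action in _as_list(stmt.get("Action", [])):
            name = action.partition(":")[2].lower()  # IAM action names are case-insensitive
            if action == "*" or name == "*":
                findings.append((idx, f"wildcard action {action}"))
            elif not name.startswith(READ_ONLY_PREFIXES):
                findings.append((idx, f"not read-only: {action}"))
        for resource in _as_list(stmt.get("Resource", [])):
            if resource == "*":
                findings.append((idx, "resource is not scoped (*)"))
    return findings

# The S3 example policy from the page.
PAGE_S3_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::your-bucket", "arn:aws:s3:::your-bucket/*"],
    }],
}

# Constructed sample: a policy that has grown past read-only.
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::your-bucket/*"},
        {"Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for label, policy in (("page", PAGE_S3_POLICY), ("broad", BROAD_POLICY)):
        print(label, audit_policy(policy))
```

Read-only is not the same as harmless: an action such as s3:GetObject still puts object contents in front of the assistant, so keep Resource scoped even when every action passes this check.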

    Always Specify Custom Role

    Authentication Methods

    SigV4 (Recommended): Uses AWS credentials via AWS MCP Proxy

    • Requires AWS credentials for endpoint access
    • Requires bedrock-agentcore:InvokeAgentRuntime permission on your local IAM policy
    • Requires use of MCP Proxy for AWS

    JWT: Uses Cognito or external token providers

    • Requires bearer token for endpoint access
    • AgentCore creates Cognito User Pool automatically, but you must create users manually
    • Use if your client requires JWT authentication

    Client Configuration

    Once the MCP Server is deployed to AgentCore Runtime, you will receive a runtime ARN. You must URL-encode this ARN to construct the endpoint URL for your MCP client. See documentation.

    SigV4 Example (Claude Desktop/Cursor):

    {
      "aws-api-mcp": {
        "type": "stdio",
        "command": "uvx",
        "args": [
          "--from",
          "git+https://github.com/aws/mcp-proxy-for-aws",
          "mcp-proxy-for-aws",
          "YOUR_AGENTCORE_ENDPOINT",
          "--region",
          "us-east-1"
        ]
      }
    }

    Once the MCP Server is deployed to AgentCore Runtime, you will receive an ARN to invoke the MCP server. Encode the ARN to invoke the MCP Server by replacing ':' with '%3A' and '/' with '%2F'.

    For detailed troubleshooting, see the complete guide on GitHub: https://github.com/awslabs/mcp/blob/main/src/aws-api-mcp-server/DEPLOYMENT.md

    Support

    Vendor support

    Contact AWS Support

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Customer reviews

    Ratings and reviews

    0 AWS reviews
    No customer reviews yet