Back to Skill Directory

MCP Server

Cloud InfrastructureAmazon AWSApache 2.0

AWS MCP Server

by AWS / Community · aws-sdk/mcp-server

AWS MCP Server connects your AI coding assistant directly to Amazon Web Services, exposing S3, Lambda, DynamoDB, EC2, and CloudWatch as conversational tools. Instead of switching to the AWS Console or manually writing SDK calls, you ask your agent to list S3 buckets, invoke a Lambda function, query a DynamoDB table, or tail CloudWatch logs — all without leaving your IDE.

Cloud infrastructure management has always required context-switching and precise CLI syntax. AWS MCP eliminates that friction by letting the agent translate natural language intent into correct AWS API calls, chain multi-service operations together, handle pagination automatically, and surface errors with actionable explanations. It uses the standard AWS credential chain, so your existing profiles and IAM roles work out of the box.

5+
Services Covered
S3, Lambda, DynamoDB...
IAM
Auth
credential chain auto-detect
<5min
Setup
npm install + AWS profile
Apache 2.0
License
open source

Quick Install

claude mcp add aws -- npx @aws-sdk/mcp-server

Key Features

S3 Object Storage

List buckets and objects, upload files, download content, set bucket policies, manage lifecycle rules, and generate presigned URLs. The agent handles multipart uploads for large files and automatically paginates list responses for buckets with thousands of objects.

Lambda Function Management

List functions, invoke them synchronously or asynchronously, update function code, manage environment variables, and configure concurrency limits. The agent can deploy ZIP packages, check invocation logs, and compare function configurations across environments.

DynamoDB Operations

Query tables using key conditions and filter expressions, scan with pagination, get and put individual items, batch write, and describe table schemas. The agent generates correct DynamoDB expression syntax automatically, eliminating the most common source of SDK errors.

EC2 Instance Management

List instances with rich filter support, describe instance types and pricing, start and stop instances, check system status, and retrieve instance metadata. Useful for fleet management tasks, cost optimization audits, and automated incident response workflows.

CloudWatch Logs & Metrics

Query log groups with CloudWatch Insights, tail recent log streams, retrieve metric statistics, and describe alarms. The agent can correlate Lambda errors with specific log events, helping debug production issues without ever leaving the coding assistant interface.

Multi-Region & Multi-Account

Specify a target AWS region or profile for any operation, enabling cross-region infrastructure queries and multi-account management from a single session. Switch between dev, staging, and production accounts by simply specifying the profile name in your request.

Execution Brief

Use this page as a rollout checklist, not just reference text.

Suggest update

Tool Mapping Lens

Organize Tools by Workflow Phase

Catalog-oriented pages work best when users can map discovery, evaluation, and rollout in a clear path instead of reading an undifferentiated list.

  • Define the job-to-be-done first
  • Group tools by stage
  • Prioritize by adoption friction

Actionable Utility Module

Skill Implementation Board

Use this board for AWS MCP Server before rollout. Capture inputs, apply one decision rule, execute the checklist, and log outcome.

Input: Objective

Deliver one measurable improvement with aws mcp server claude code amazon web services s3 lambda dynamodb cloud automation

Input: Baseline Window

20-30 minutes

Input: Fallback Window

8-12 minutes

Decision TriggerActionExpected Output
Input: one workflow objective and release owner are definedRun preview execution with fixed acceptance criteria.Go or hold decision backed by repeatable evidence.
Input: output quality below baseline or retries increaseLimit scope, isolate root issue, and rerun controlled test.One confirmed correction path before wider rollout.
Input: checks pass for two consecutive replay windowsPromote to broader traffic with fallback path active.Stable rollout with low operational surprise.

Execution Steps

  1. Record objective, owner, and stop condition.
  2. Execute one controlled preview run.
  3. Measure quality, latency, and correction burden.
  4. Promote only when pass criteria are stable.

Output Template

tool=aws mcp server claude code amazon web services s3 lambda dynamodb cloud automation
objective=
preview_result=pass|fail
primary_metric=
next_step=rollout|patch|hold
Share execution feedback

What Is AWS MCP Server?

AWS MCP Server is a Model Context Protocol bridge that translates natural language requests from AI coding assistants into Amazon Web Services API calls. It covers the most commonly used AWS services — S3 for object storage, Lambda for serverless compute, DynamoDB for NoSQL databases, EC2 for virtual machines, and CloudWatch for monitoring — exposing them as structured MCP tools that Claude Code or any compatible client can invoke.

Managing cloud infrastructure has traditionally meant context-switching between the IDE, AWS Console, CLI terminal, and documentation. AWS MCP Server collapses this into a single conversational interface. You describe what you need — "find all S3 buckets in us-east-1 that haven't had objects modified in 90 days" — and the agent executes the necessary AWS API calls, handles pagination, formats the results, and presents actionable findings directly in the conversation.

The server authenticates using the standard AWS credential chain, which means it automatically discovers credentials from environment variables, ~/.aws/credentials profiles, or IAM instance roles. This zero-configuration authentication model makes it immediately usable for developers who already have the AWS CLI configured, and easy to adapt for CI/CD pipelines and containerized environments.

AWS MCP Server works best as part of a broader MCP ecosystem. Combine it with Filesystem MCP to sync local build artifacts to S3, GitHub MCP to trigger Lambda deployments on PR merges, or Postgres MCP to migrate data between RDS and DynamoDB. The agent orchestrates multi-service workflows that would otherwise require custom scripts and careful error handling.

How to Calculate Better Results with aws mcp server claude code amazon web services s3 lambda dynamodb cloud automation

Install the AWS MCP server package using the quick install command above. The package bundles the AWS SDK v3 and requires no separate installation of AWS CLI or SDK libraries. Ensure Node.js 18 or later is installed on your system.

Configure AWS credentials using your preferred method. For local development, run "aws configure" to create a default profile or "aws configure --profile myprofile" for a named profile. Set AWS_DEFAULT_REGION to your target region. The MCP server inherits these settings automatically when launched by your AI client.

Register the server with Claude Code or your MCP client using the quick install command. For other clients, add the npx command to your MCP configuration JSON with any required environment variables such as AWS_PROFILE or AWS_REGION specified in the env section of the server config.

Verify connectivity by asking your agent to list your S3 buckets or describe your Lambda functions in a specific region. If the agent returns a list of resources, the authentication and network configuration are correct. Test a write operation — such as uploading a small test file to S3 — to confirm the IAM permissions grant the access level you need for your workflows.

Treat this page as a decision map. Build a shortlist fast, then run a focused second pass for security, ownership, and operational fit.

When a team keeps one shared selection rubric, tool adoption speeds up because evaluators stop debating criteria every time a new option appears.

Worked Examples

Automated Lambda deployment pipeline with log verification

  1. You've updated a Node.js Lambda function and need to deploy and verify it without leaving your coding session
  2. Ask the agent to ZIP the function directory, upload the package to a designated S3 bucket, and invoke UpdateFunctionCode using AWS MCP
  3. The agent monitors the function update status, waiting for the state to return Active before proceeding
  4. The agent then invokes the Lambda function with a test payload using the RequestResponse invocation type to get synchronous output
  5. Using CloudWatch MCP tools, the agent retrieves the most recent log stream for the function and extracts the last 50 log events
  6. The agent summarizes the invocation result and any errors or cold start metrics from the logs, confirming the deployment is healthy

Outcome: A complete deploy-and-verify cycle executed from within the IDE in under two minutes, with log confirmation that eliminates the usual console-switching workflow.

DynamoDB table audit and cost optimization

  1. You need to audit DynamoDB tables across your AWS account to identify unused tables and over-provisioned capacity
  2. Ask the agent to list all DynamoDB tables in us-east-1 and describe each table to retrieve provisioned throughput, item count, and last modified date
  3. The agent queries CloudWatch metrics for ConsumedReadCapacityUnits and ConsumedWriteCapacityUnits over the past 30 days for each table
  4. Tables with zero consumed capacity in 30 days are flagged as candidates for deletion; tables where consumed capacity is consistently below 20% of provisioned are flagged for downscaling
  5. The agent computes estimated monthly savings for each recommendation using the DynamoDB pricing formula for on-demand vs provisioned mode
  6. A structured report is generated listing each table, its current configuration, utilization percentage, and recommended action with estimated cost savings

Outcome: A data-driven DynamoDB cost audit completed in minutes, identifying specific tables and the exact capacity adjustments needed to reduce AWS spend without impacting performance.

Frequently Asked Questions

What is the AWS MCP Server?

AWS MCP Server is a Model Context Protocol integration that exposes Amazon Web Services APIs as MCP tools your AI coding assistant can invoke directly. It covers core AWS services including S3 (object storage), Lambda (serverless functions), DynamoDB (NoSQL database), EC2 (virtual machines), and CloudWatch (monitoring and logging). Instead of switching to the AWS Console or writing SDK code manually, you can ask your agent to list S3 buckets, invoke a Lambda function, or query DynamoDB table items — all from within Claude Code or any MCP-compatible client.

How do I authenticate AWS MCP Server with my AWS account?

AWS MCP Server uses the standard AWS credential chain, meaning it automatically picks up credentials from environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN), the ~/.aws/credentials file, or IAM instance roles when running on EC2. For local development, the recommended approach is to configure a named profile via the AWS CLI using "aws configure --profile your-profile-name" and set the AWS_PROFILE environment variable. For CI/CD, use short-lived credentials via AWS STS assume-role or OIDC federation.

Which AWS services does AWS MCP support?

AWS MCP Server covers the most commonly used AWS services: S3 for object storage operations (list, get, put, delete objects and buckets), Lambda for function invocation and management, DynamoDB for table queries, scans, and item operations, EC2 for instance listing and management, and CloudWatch for log group queries and metric retrieval. Additional services may be available depending on the specific MCP server implementation you install. Check the package README for the full list of supported service APIs.

Is AWS MCP Server safe to use with production AWS accounts?

Yes, with proper IAM configuration. Follow the principle of least privilege: create a dedicated IAM user or role for the MCP server with only the permissions it needs. For example, if the agent only reads S3 and queries DynamoDB, grant only s3:GetObject, s3:ListBucket, dynamodb:Query, and dynamodb:GetItem. Avoid using credentials with AdministratorAccess in local development. Use AWS CloudTrail to audit all API calls made by the MCP server, providing a full audit trail of what your agent did.

Can I use AWS MCP Server to deploy code to Lambda?

Yes. AWS MCP Server exposes Lambda operations including UpdateFunctionCode, which allows the agent to package and deploy new function code. A typical workflow involves the agent building a deployment ZIP, uploading it to S3, then invoking UpdateFunctionCode to deploy the new version. Combined with CloudWatch log access, the agent can deploy a change and immediately check the Lambda execution logs to verify the deployment succeeded. This creates a tight feedback loop for serverless development.

How does AWS MCP Server compare to using the AWS CLI directly?

The AWS CLI requires precise command syntax and parameter knowledge. AWS MCP Server lets your AI agent translate natural language requests into the correct AWS API calls, handling parameter construction, pagination, error handling, and response formatting automatically. The agent can also chain multiple AWS API calls together — for example, listing all Lambda functions in a region, checking their last modified dates, and identifying functions that haven't been updated in over 90 days — without you writing any shell scripts.

Missing a better tool match?

Send the exact workflow you are solving and we will prioritize a new comparison or rollout guide.

Submit feedback