aws-mcp

aws-mcp is a local Model Context Protocol (MCP) server that lets an AI assistant query and manage AWS resources (across regions) using your locally configured AWS credentials/profiles (including SSO). It’s designed to be run on your machine and connected to via Claude Desktop’s MCP server configuration.

Evaluated Mar 30, 2026 (21d ago)
Homepage ↗ Repo ↗ Ai Ml ai-ml aws mcp devtools infrastructure security
⚙ Agent Friendliness
50
/ 100
Can an agent use this?
🔒 Security
54
/ 100
Is it safe for agents?
⚡ Reliability
29
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
72
Documentation
65
Error Messages
0
Auth Simplicity
75
Rate Limits
0

🔒 Security

TLS Enforcement
60
Auth Strength
65
Scope Granularity
25
Dep. Hygiene
45
Secret Handling
70

Security posture is largely dependent on local execution and your AWS IAM configuration. The README claims 'no credentials are exposed to external services' and that local credentials are used, which is a positive sign, but it does not provide evidence on logging/redaction, tool-level authorization boundaries, or explicit least-privilege guidance. Scope granularity for AWS operations is not described. TLS is not directly addressed because the server is local via MCP; this score reflects that there is no explicit network security guidance in the provided README.

⚡ Reliability

Uptime/SLA
0
Version Stability
50
Breaking Changes
30
Error Recovery
35
AF Security Reliability

Best When

You want a local, agent-driven AWS exploration/administration workflow from an MCP-capable assistant (e.g., Claude Desktop) and already have AWS credentials configured locally.

Avoid When

You cannot run local software on the machine that holds AWS credentials, or you require a centrally managed, audited, least-privilege policy with clear tool-level authorization boundaries.

Use Cases

  • List and inspect AWS resources (e.g., EC2 instances, S3 buckets, Lambda functions, ECS clusters)
  • Perform controlled management tasks in AWS using natural language
  • Use different AWS profiles/SSO credentials for different environments
  • Support multi-region discovery and administration workflows

Not For

  • Running as a multi-tenant hosted service for untrusted users
  • Any workflow that requires a public HTTP API endpoint for third-party automation
  • Scenarios needing strong, explicit IAM least-privilege scoping guidance within the MCP tool itself (not evidenced in README)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: Local AWS credentials/config (~/.aws) AWS SSO authentication (via existing local configuration)
OAuth: No Scopes: No

Authentication is not described as OAuth for the MCP server; instead it uses whatever AWS credentials/profiles are configured locally. The README mentions SSO support but does not describe any tool-level authorization scopes for AWS actions.

Pricing

Free tier: No
Requires CC: No

No pricing information in provided materials; appears to be self-hosted/local open-source tooling.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Natural-language requests may lead to broad AWS queries; ensure your AWS IAM permissions are scoped appropriately before use.
  • MCP server is configured via Claude Desktop local command/args; incorrect paths/node versions can prevent startup.
  • Multi-profile/SSO behavior depends on your local AWS configuration; mismatches can cause authorization failures.

Alternatives

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for aws-mcp.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

Scores are editorial opinions as of 2026-03-30.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered