aws-mcp
aws-mcp is a local Model Context Protocol (MCP) server that lets an AI assistant query and manage AWS resources (across regions) using your locally configured AWS credentials/profiles (including SSO). It’s designed to be run on your machine and connected to via Claude Desktop’s MCP server configuration.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security posture is largely dependent on local execution and your AWS IAM configuration. The README claims 'no credentials are exposed to external services' and that local credentials are used, which is a positive sign, but it does not provide evidence on logging/redaction, tool-level authorization boundaries, or explicit least-privilege guidance. Scope granularity for AWS operations is not described. TLS is not directly addressed because the server is local via MCP; this score reflects that there is no explicit network security guidance in the provided README.
⚡ Reliability
Best When
You want a local, agent-driven AWS exploration/administration workflow from an MCP-capable assistant (e.g., Claude Desktop) and already have AWS credentials configured locally.
Avoid When
You cannot run local software on the machine that holds AWS credentials, or you require a centrally managed, audited, least-privilege policy with clear tool-level authorization boundaries.
Use Cases
- • List and inspect AWS resources (e.g., EC2 instances, S3 buckets, Lambda functions, ECS clusters)
- • Perform controlled management tasks in AWS using natural language
- • Use different AWS profiles/SSO credentials for different environments
- • Support multi-region discovery and administration workflows
Not For
- • Running as a multi-tenant hosted service for untrusted users
- • Any workflow that requires a public HTTP API endpoint for third-party automation
- • Scenarios needing strong, explicit IAM least-privilege scoping guidance within the MCP tool itself (not evidenced in README)
Interface
Authentication
Authentication is not described as OAuth for the MCP server; instead it uses whatever AWS credentials/profiles are configured locally. The README mentions SSO support but does not describe any tool-level authorization scopes for AWS actions.
Pricing
No pricing information in provided materials; appears to be self-hosted/local open-source tooling.
Agent Metadata
Known Gotchas
- ⚠ Natural-language requests may lead to broad AWS queries; ensure your AWS IAM permissions are scoped appropriately before use.
- ⚠ MCP server is configured via Claude Desktop local command/args; incorrect paths/node versions can prevent startup.
- ⚠ Multi-profile/SSO behavior depends on your local AWS configuration; mismatches can cause authorization failures.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for aws-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.