{"id":"mcp-aws-core-mcp-server","name":"aws-core-mcp-server","homepage":"https://hub.docker.com/r/mcp/aws-core-mcp-server","repo_url":"https://hub.docker.com/r/mcp/aws-core-mcp-server","category":"infrastructure","subcategories":[],"tags":["ai-ml","devtools","infrastructure","api","mcp","aws"],"what_it_does":"MCP server integration layer intended to expose AWS-related capabilities to an MCP-capable agent/runtime (e.g., for listing/querying AWS resources and/or performing AWS actions) via the Model Context Protocol.","use_cases":["Allowing an AI agent to interact with AWS environments through MCP tools","Automating common AWS workflows (inventory, discovery, operational tasks) from within an agent","Bridging an agent framework to AWS SDK/API calls through MCP"],"not_for":["Direct production automation without reviewing permissions and safety controls","Use cases requiring a full AWS console replacement UI","Environments where the MCP server cannot be deployed/secured under the organization’s network and IAM controls"],"best_when":"You want an MCP-native way to give an agent controlled access to AWS operations in a specific account/region with least-privilege IAM and clear operational guardrails.","avoid_when":"You cannot ensure secure credential handling for the MCP server or you need strong guarantees around tool-level restrictions and auditing before allowing an agent to call AWS APIs.","alternatives":["Use AWS SDK/CLI directly from your agent with a custom tool wrapper","Use AWS IAM Access Analyzer / Config rules for discovery instead of agent-driven querying","Implement a dedicated internal service (REST/GraphQL) that exposes only vetted AWS actions to agents"],"af_score":37.2,"security_score":49.5,"reliability_score":27.5,"package_type":"mcp_server","discovery_source":["docker_mcp"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:57:54.252940+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["AWS credentials (e.g., IAM user/role access keys or assumed role) required by AWS SDK"],"oauth":false,"scopes":false,"notes":"Specific MCP auth mechanism (if any) is not provided here; AWS authentication likely relies on standard AWS credential resolution (env/role/keys) configured for the server process."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; AWS API usage would typically incur AWS charges depending on the actions performed."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":37.2,"security_score":49.5,"reliability_score":27.5,"mcp_server_quality":55.0,"documentation_accuracy":40.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":20.0,"tls_enforcement":70.0,"auth_strength":50.0,"scope_granularity":35.0,"dependency_hygiene":40.0,"secret_handling":50.0,"security_notes":"Security posture depends heavily on how the MCP server is configured and where it runs. Critical factors (not verifiable from the provided info) include: enforcing HTTPS for any MCP transport, ensuring AWS credentials are not logged, and constraining IAM permissions and tool coverage to prevent the agent from performing unintended high-impact actions. AWS APIs may require robust handling of access denied and throttling errors.","uptime_documented":0.0,"version_stability":50.0,"breaking_changes_history":30.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Tool calls may require region/account context; missing or incorrect configuration can cause failed AWS requests","AWS permissions must be least-privilege; overly broad IAM roles increase blast radius","Some AWS operations are not naturally idempotent; agent retries can create duplicates if not handled carefully","Agents may unintentionally enumerate sensitive resources if discovery tools are broadly exposed"]}}