# AWS

> Inspect AWS resources, read CloudWatch logs, and audit IAM from an AI agent.

[Canonical HTML page](https://top-mcps.com/mcp/aws) · [server.json](https://top-mcps.com/mcp/aws.json) · [methodology](https://top-mcps.com/about/methodology)

## Install

All snippets below launch the server over stdio with `uvx` and pass `AWS_PROFILE` and `AWS_REGION` through the environment; the AWS credentials themselves stay in the named profile and never appear in the client config. Two things to check before pasting:

- `awslabs.aws-documentation-mcp-server` is the documentation-lookup package in the awslabs/mcp monorepo. Confirm against the source repository that the package you install is the one exposing the account-inspection tools listed under Tools & permissions before you point real credentials at it.
- The `${AWS_PROFILE}` and `${AWS_REGION}` placeholders are not expanded by most clients; replace them with literal values (VS Code's own syntax is `${env:AWS_PROFILE}`).

### Claude Desktop — `claude_desktop_config.json`

Paste under mcpServers. Fully quit and reopen Claude after editing.

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": [
        "awslabs.aws-documentation-mcp-server"
      ],
      "env": {
        "AWS_PROFILE": "${AWS_PROFILE}",
        "AWS_REGION": "${AWS_REGION}"
      }
    }
  }
}
```

### Claude Code — `CLI or .mcp.json`

Run from your repo. Use `--scope project` so the entry lands in `.mcp.json`, which you can commit to share with your team: it holds only the profile name and region, never the credentials themselves.

```shell
# Point the agent at a dedicated read-only profile, never an admin one.
export AWS_PROFILE=agent-readonly
export AWS_REGION=us-east-1
claude mcp add aws --scope project \
  -e AWS_PROFILE="$AWS_PROFILE" -e AWS_REGION="$AWS_REGION" \
  -- uvx awslabs.aws-documentation-mcp-server
```

### Cursor — `.cursor/mcp.json`

Global path: ~/.cursor/mcp.json. Reload window after editing.

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": [
        "awslabs.aws-documentation-mcp-server"
      ],
      "env": {
        "AWS_PROFILE": "${AWS_PROFILE}",
        "AWS_REGION": "${AWS_REGION}"
      }
    }
  }
}
```

### VS Code — `.vscode/mcp.json`

VS Code uses the "servers" key (not "mcpServers").

```jsonc
{
  "servers": {
    "aws": {
      "command": "uvx",
      "args": [
        "awslabs.aws-documentation-mcp-server"
      ],
      "env": {
        "AWS_PROFILE": "${AWS_PROFILE}",
        "AWS_REGION": "${AWS_REGION}"
      }
    }
  }
}
```

### Windsurf — `~/.codeium/windsurf/mcp_config.json`

Open via Cascade → hammer icon → Configure.

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": [
        "awslabs.aws-documentation-mcp-server"
      ],
      "env": {
        "AWS_PROFILE": "${AWS_PROFILE}",
        "AWS_REGION": "${AWS_REGION}"
      }
    }
  }
}
```

### Cline — `cline_mcp_settings.json`

Open via the Cline sidebar → MCP Servers → Edit.

```json
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": [
        "awslabs.aws-documentation-mcp-server"
      ],
      "env": {
        "AWS_PROFILE": "${AWS_PROFILE}",
        "AWS_REGION": "${AWS_REGION}"
      }
    }
  }
}
```

### Continue — `~/.continue/config.json`

Continue uses modelContextProtocolServers with a transport block.

```json
{
  "experimental": {
    "modelContextProtocolServers": [
      {
        "transport": {
          "type": "stdio",
          "command": "uvx",
          "args": [
            "awslabs.aws-documentation-mcp-server"
          ],
          "env": {
            "AWS_PROFILE": "${AWS_PROFILE}",
            "AWS_REGION": "${AWS_REGION}"
          }
        }
      }
    ]
  }
}
```

### Codex CLI — `~/.codex/config.toml`

Codex uses TOML. Each server is a [mcp_servers.<name>] subtable.

```toml
# ~/.codex/config.toml
[mcp_servers.aws]
command = "uvx"
args = [
  "awslabs.aws-documentation-mcp-server",
]
env = { AWS_PROFILE = "${AWS_PROFILE}", AWS_REGION = "${AWS_REGION}" }
```

### Zed — `~/.config/zed/settings.json`

Zed calls them "context_servers"; in this form the env block goes inside the command object. Settings live-reload on save.

```jsonc
{
  "context_servers": {
    "aws": {
      "command": {
        "path": "uvx",
        "args": [
          "awslabs.aws-documentation-mcp-server"
        ],
        "env": {
          "AWS_PROFILE": "${AWS_PROFILE}",
          "AWS_REGION": "${AWS_REGION}"
        }
      }
    }
  }
}
```

### ChatGPT — `ChatGPT → Apps directory`

AWS doesn't ship a hosted HTTPS endpoint today. ChatGPT supports remote MCP servers only — to use this server in ChatGPT you'll need to deploy it to a public HTTPS URL first (e.g. via Cloudflare Workers or Vercel) or wait for an official remote build.

## At a glance

- **Maintainer:** AWS Labs
- **Transport:** stdio
- **Auth model:** AWS credential chain (named profile, env vars, SSO, IMDS); there is no separate API key
- **Required configuration:** AWS_PROFILE, AWS_REGION (the credentials themselves live in the named profile, not in the MCP config)
- **Supported clients:** Claude, Cursor, VS Code, Windsurf, any MCP-compatible client
- **Prerequisite:** an AWS account with a dedicated read-only profile or role for the agent
- **License:** Apache-2.0
- **Language:** Python
- **Latest version:** latest (unpinned; `uvx` resolves the newest published release on each launch, so pin with `package==x.y.z` for reproducible installs)
- **Last verified:** 2026-06-02
- **GitHub stars:** 9,180 (fetched 2026-06-02T13:16:41.398Z)
- **Score:** 89/100 (rubric 2026-04 — see https://top-mcps.com/about/methodology)
- **Source:** https://github.com/awslabs/mcp

## Tools & permissions

| Tool | Description | Args | Side effects |
|------|-------------|------|--------------|
| `list_ec2_instances` | List EC2 instances in the configured region. | `—` | read |
| `list_s3_buckets` | List S3 buckets in the account. | `—` | read |
| `get_cloudwatch_logs` | Fetch log events from a CloudWatch log group. | `log_group: string, start_time?: string` | read |
| `list_iam_roles` | List IAM roles. | `—` | read |
| `get_caller_identity` | Return the IAM identity the MCP is acting as. | `—` | read |

## Security & scope

- **Access scope:** read-only
- **Sandbox:** Authenticates with the standard AWS credential chain — env vars, profile, IMDS, or SSO. Read-only at the tool layer; pair with an IAM role scoped to ReadOnlyAccess (or tighter) for defence in depth.
- **Gotchas:**
  - Never wire the agent to your developer admin profile — create a dedicated read-only IAM role.
  - CloudWatch Logs returns at most 1 MB (or 10,000 events) per call and hands back a nextToken; long log scans require paging, and the agent should cap how much it pulls. Log lines are text controlled by whoever can write to the log group, so treat them as untrusted input to the model, not as instructions.
  - STS GetCallerIdentity is exposed so the agent can verify which account and principal it is acting as; check this before any cross-account work, and stop if it resolves to an admin role or to root.
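
The paging loop the CloudWatch gotcha calls for, as an added example that is not code from this page or from the awslabs project. It assumes only the FilterLogEvents call shape (logGroupName, startTime, nextToken in, events and nextToken out) and substitutes a constructed fake client for the real boto3 method so it runs offline; the ISO-to-milliseconds conversion mirrors the tool's `start_time?: string` argument.

```python
from datetime import datetime, timezone


def iso_to_epoch_ms(value):
    """CloudWatch Logs wants startTime as epoch milliseconds; the tool takes
    an ISO-8601 string. Naive timestamps are treated as UTC."""
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if dt.tzinfo is None:
        dt = dt.replace(tzinfo=timezone.utc)
    return int(dt.timestamp() * 1000)


def fetch_log_events(filter_log_events, log_group, start_time=None,
                     max_events=10_000, max_pages=50):
    """Follow nextToken until the service stops returning one, or a cap is
    hit. Returns (events, truncated). `filter_log_events` is any callable
    taking the FilterLogEvents keyword arguments logGroupName, startTime and
    nextToken, for example a boto3 logs client's filter_log_events method."""
    kwargs = {"logGroupName": log_group}
    if start_time is not None:
        kwargs["startTime"] = iso_to_epoch_ms(start_time)
    events, token, pages = [], None, 0
    while True:
        resp = filter_log_events(**kwargs)
        events.extend(resp.get("events", []))
        pages += 1
        next_token = resp.get("nextToken")
        # No token means the scan is complete. An unchanged token is how
        # GetLogEvents signals the end of a stream, so guard against that too.
        if not next_token or next_token == token:
            return events, False
        # Caps keep a runaway "scan everything" request from feeding the
        # model an unbounded amount of attacker-writable log text.
        if len(events) >= max_events or pages >= max_pages:
            return events[:max_events], True
        token = kwargs["nextToken"] = next_token


# Constructed stand-in for the logs client (assumption, not real data):
# five events served two per page, with the same startTime filtering.
_SAMPLE_EVENTS = [
    {"eventId": str(i), "timestamp": 1_700_000_000_000 + i * 1000,
     "message": f"sample line {i}"} for i in range(5)
]


def fake_filter_log_events(logGroupName, startTime=0, nextToken=None):
    matching = [e for e in _SAMPLE_EVENTS if e["timestamp"] >= startTime]
    offset = int(nextToken) if nextToken else 0
    page = matching[offset:offset + 2]
    resp = {"events": page}
    if offset + 2 < len(matching):
        resp["nextToken"] = str(offset + 2)
    return resp


if __name__ == "__main__":
    events, truncated = fetch_log_events(
        fake_filter_log_events, "/aws/lambda/demo",
        start_time="2023-11-14T22:13:22Z", max_events=3)
    print(len(events), "events, truncated =", truncated)
```

To run it against a real account, pass `boto3.Session(profile_name="agent-readonly").client("logs").filter_log_events` as the first argument; the loop itself does not change.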

## Quick answer

**What it does.** Wraps the AWS SDK for read operations across EC2, S3, Lambda, RDS, IAM, CloudWatch, and STS. Exposes resource enumeration, log fetch, metric queries, and identity inspection to AI models.

**Best for:**
- Incident investigation
- IAM and security audits
- CloudWatch log search
- Cost-tagged resource enumeration
- Cross-service status checks

**Not for:**
- Provisioning new infrastructure
- Unattended writes to production
- Workloads needing AWS services outside the read surface

## Description

The official AWS MCP connects an AI agent to an AWS account via standard AWS credentials. Lists resources across the most-used services (EC2, S3, Lambda, RDS, IAM), reads CloudWatch logs and metrics, and runs read-only audits. The MCP is read-only by design — provisioning belongs in Terraform or CloudFormation, not in a conversation.

## Why it matters

AWS is the dominant cloud. An agent that can "tell me why my Lambda timed out last night" or "show me which S3 buckets are public" replaces a click-through tour of the AWS Console with a single prompt.

## Key features

- Read-only by design
- Standard AWS credential chain (env, profile, IMDS, SSO)
- CloudWatch logs + metrics
- IAM + STS audit tools
- Resource enumeration across EC2, S3, Lambda, RDS

## FAQ

### How does auth work?

The standard AWS credential chain — env vars, ~/.aws/credentials profile, IMDS on EC2, or SSO. Set AWS_PROFILE to point at a dedicated read-only profile rather than your admin role.
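
An added example, not code from this page or from the awslabs project, of the check the Gotchas recommend: call sts:GetCallerIdentity first and refuse to continue unless the response is in an allowlisted account and is not root, a long-lived IAM user, or a privileged role. The role-name hints and the sample responses are constructed assumptions; adjust the hints to your organisation's naming.

```python
import re

# Matches IAM and STS principal ARNs and pulls out account id and resource.
_ARN_RE = re.compile(
    r"^arn:(?P<partition>aws(?:-[a-z-]+)?):(?:iam|sts)::"
    r"(?P<account>\d{12}):(?P<resource>.+)$"
)

# Role-name fragments that indicate an identity far wider than read-only.
# Assumed naming conventions; the SSO form is the AWS-generated prefix.
PRIVILEGED_ROLE_HINTS = ("admin", "poweruser", "organizationaccountaccessrole")


def check_caller_identity(identity, allowed_accounts):
    """Given a GetCallerIdentity response dict, return the reasons the agent
    should refuse to proceed. An empty list means the identity is acceptable."""
    problems = []
    arn = identity.get("Arn", "")
    m = _ARN_RE.match(arn)
    if not m:
        return [f"unrecognised principal ARN: {arn!r}"]
    account = identity.get("Account")
    if account not in allowed_accounts:
        problems.append(f"account {account} is not in the allowlist")
    if m["account"] != account:
        problems.append("Account field and ARN disagree")
    resource = m["resource"]
    if resource == "root":
        problems.append("root credentials")
    elif resource.startswith("user/"):
        problems.append("long-lived IAM user credentials; use a role")
    elif resource.startswith("assumed-role/"):
        # Form is assumed-role/<role-name>/<session-name>.
        role_name = resource.split("/")[1]
        if any(h in role_name.lower() for h in PRIVILEGED_ROLE_HINTS):
            problems.append(f"privileged role {role_name}")
    return problems


# Constructed sample responses in the shape sts:GetCallerIdentity returns.
READONLY_IDENTITY = {
    "UserId": "AROAEXAMPLEID:agent",
    "Account": "123456789012",
    "Arn": "arn:aws:sts::123456789012:assumed-role/agent-readonly/agent",
}
ADMIN_IDENTITY = {
    "UserId": "AROAEXAMPLEID2:alice",
    "Account": "123456789012",
    "Arn": "arn:aws:sts::123456789012:assumed-role/"
           "AWSReservedSSO_AdministratorAccess_abc/alice",
}
WRONG_ACCOUNT_IDENTITY = {
    "UserId": "AIDAEXAMPLEID",
    "Account": "210987654321",
    "Arn": "arn:aws:iam::210987654321:user/alice",
}

if __name__ == "__main__":
    for ident in (READONLY_IDENTITY, ADMIN_IDENTITY, WRONG_ACCOUNT_IDENTITY):
        verdict = check_caller_identity(ident, {"123456789012"}) or "ok"
        print(ident["Arn"], "->", verdict)
```

Feed it the dict returned by `boto3.client("sts").get_caller_identity()` and treat a non-empty list as a hard stop before any other tool is called.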

### Read-only?

Yes by design. The MCP intentionally does not expose Put/Create/Delete operations. For provisioning, drive Terraform or CloudFormation from the agent and review the diff before apply.

### Which services are covered?

The most-used: EC2, S3, Lambda, RDS, IAM, CloudWatch (logs + metrics), STS, plus a generic boto3 call tool for less-common services. The AWS Labs project is adding service coverage actively.

### How do I scope it down?

Use a dedicated IAM role and start from ViewOnlyAccess rather than ReadOnlyAccess: ReadOnlyAccess still grants data-plane reads such as s3:GetObject and lambda:GetFunction (which returns a function's environment variables), whereas ViewOnlyAccess is metadata only. Add an explicit Deny for any secret-bearing read you want to be certain is closed, and restrict the role's trust policy to the principal that launches the agent. The MCP cannot enforce permissions the role itself does not have, and it cannot take away permissions the role does have.
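
An added example, not code from this page or from the awslabs project, that builds the scoped-down role this answer and the first gotcha under Security & scope describe. The mapping from the page's five tools to IAM actions is an assumption about what the server calls under the hood; check it against the server's source before attaching the policy. The `non_read_actions` audit is a coarse verb screen (a Get* action can still be a data read), which is why the policy also carries an explicit Deny.

```python
import json

# Assumed mapping from the tool table on this page to the IAM actions each
# tool needs. The server's real calls may differ; verify against its source.
TOOL_ACTIONS = {
    "list_ec2_instances": ["ec2:DescribeInstances"],
    "list_s3_buckets": ["s3:ListAllMyBuckets"],
    "get_cloudwatch_logs": ["logs:DescribeLogGroups", "logs:FilterLogEvents"],
    "list_iam_roles": ["iam:ListRoles"],
    "get_caller_identity": ["sts:GetCallerIdentity"],
}

# Data-plane reads that the managed ReadOnlyAccess policy still grants but an
# inventory agent never needs: each hands the model secrets or object contents.
DENY_DATA_READS = [
    "s3:GetObject",
    "s3:GetObjectVersion",
    "lambda:GetFunction",
    "lambda:GetFunctionConfiguration",
    "secretsmanager:GetSecretValue",
    "ssm:GetParameter",
    "ssm:GetParameters",
    "ssm:GetParametersByPath",
    "kms:Decrypt",
]

# Verbs an Allow statement may start with. Coarse on purpose: Get* is allowed
# here and the explicit Deny above is what closes the data-plane holes.
READ_VERBS = ("Describe", "List", "Get", "Filter")


def build_agent_policy(enabled_tools):
    """Least-privilege permissions policy for the agent role: allow only the
    actions behind the enabled tools, and explicitly deny data-plane reads so
    a later 'trim' mistake cannot widen the role back to ReadOnlyAccess."""
    actions = sorted({a for tool in enabled_tools for a in TOOL_ACTIONS[tool]})
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "AgentInventoryReads", "Effect": "Allow",
             "Action": actions, "Resource": "*"},
            {"Sid": "DenyDataPlaneReads", "Effect": "Deny",
             "Action": DENY_DATA_READS, "Resource": "*"},
        ],
    }


def build_trust_policy(operator_principal_arn):
    """Trust policy: only the named operator principal (for example the SSO
    permission-set role a developer lands in) may assume the agent role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": operator_principal_arn},
            "Action": "sts:AssumeRole",
        }],
    }


def non_read_actions(policy):
    """Audit check: every action an Allow statement grants must start with a
    read verb; wildcards are flagged too. Returns the offending actions."""
    bad = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        acts = stmt.get("Action", [])
        for act in ([acts] if isinstance(acts, str) else acts):
            verb = act.split(":", 1)[-1]
            if "*" in act or not verb.startswith(READ_VERBS):
                bad.append(act)
    return bad


if __name__ == "__main__":
    policy = build_agent_policy(TOOL_ACTIONS)  # all five tools on the page
    print(json.dumps(policy, indent=2))
    print("non-read actions:", non_read_actions(policy))
```

Write the two documents to files and create the role with `aws iam create-role --assume-role-policy-document file://trust.json` followed by `aws iam put-role-policy` with the permissions document (file names are placeholders); then point the `agent-readonly` profile at that role.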

## Changelog

- **2026-06-02** — Refreshed install snippets and fact sheet; verified for 2026.
- **2025-04-15** — Initial directory listing.
