aws-mcp-setup
The aws-mcp-setup skill configures AWS MCP servers to enable AI agents to search AWS documentation and execute API calls. Use this skill when setting up AWS MCP for the first time, troubleshooting MCP connectivity issues, configuring documentation tools, or when users mention AWS MCP, awsdocs, uvx setup, or MCP server configuration. It provides guidance for both full AWS MCP with API access and lightweight documentation-only options.
git clone --depth 1 https://github.com/zxkane/aws-skills /tmp/aws-mcp-setup && cp -r /tmp/aws-mcp-setup/plugins/aws-common/skills/aws-mcp-setup ~/.claude/skills/aws-mcp-setupSKILL.md
# AWS MCP Server Configuration Guide
## Overview
This guide helps you configure AWS MCP tools for AI agents. Two options are available:
| Option | Requirements | Capabilities |
|--------|--------------|--------------|
| **Full AWS MCP Server** | Python 3.10+, uvx, AWS credentials | Execute AWS API calls + documentation search |
| **AWS Documentation MCP** | None | Documentation search only |
## Step 1: Check Existing Configuration
Before configuring, check if AWS MCP tools are already available using either method:
### Method A: Check Available Tools (Recommended)
Look for these tool name patterns in your agent's available tools:
- `mcp__aws-mcp__*` or `mcp__aws__*` → Full AWS MCP Server configured
- `mcp__*awsdocs*__aws___*` → AWS Documentation MCP configured
**How to check**: Run `/mcp` command to list all active MCP servers.
### Method B: Check Configuration Files
Agent tools use hierarchical configuration (precedence: local → project → user → enterprise):
| Scope | File Location | Use Case |
|-------|---------------|----------|
| Local | `.claude.json` (in project) | Personal/experimental |
| Project | `.mcp.json` (project root) | Team-shared |
| User | `~/.claude.json` | Cross-project personal |
| Enterprise | System managed directories | Organization-wide |
Check these files for `mcpServers` containing `aws-mcp`, `aws`, or `awsdocs` keys:
```bash
# Check project config
cat .mcp.json 2>/dev/null | grep -E '"(aws-mcp|aws|awsdocs)"'
# Check user config
cat ~/.claude.json 2>/dev/null | grep -E '"(aws-mcp|aws|awsdocs)"'
# Or use Claude CLI
claude mcp list
```
If AWS MCP is already configured, no further setup needed.
## Step 2: Choose Configuration Method
### Automatic Detection
Run these commands to determine which option to use:
```bash
# Check for uvx (requires Python 3.10+)
which uvx || echo "uvx not available"
# Check for valid AWS credentials
aws sts get-caller-identity || echo "AWS credentials not configured"
```
### Option A: Full AWS MCP Server (Recommended)
**Use when**: uvx available AND AWS credentials valid
**Prerequisites**:
- Python 3.10+ with `uv` package manager
- AWS credentials configured (via profile, environment variables, or IAM role)
**Required IAM Permissions**:
```json
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"aws-mcp:InvokeMCP",
"aws-mcp:CallReadOnlyTool",
"aws-mcp:CallReadWriteTool"
],
"Resource": "*"
}]
}
```
**Configuration** (add to your MCP settings):
```json
{
"mcpServers": {
"aws-mcp": {
"command": "uvx",
"args": [
"mcp-proxy-for-aws@latest",
"https://aws-mcp.us-east-1.api.aws/mcp",
"--metadata", "AWS_REGION=us-west-2"
]
}
}
}
```
**Credential Configuration Options**:
1. **AWS Profile** (recommended for development):
```json
"args": [
"mcp-proxy-for-aws@latest",
"https://aws-mcp.us-east-1.api.aws/mcp",
"--profile", "my-profile",
"--metadata", "AWS_REGION=us-west-2"
]
```
2. **Environment Variables**:
```json
"env": {
"AWS_ACCESS_KEY_ID": "...",
"AWS_SECRET_ACCESS_KEY": "...",
"AWS_REGION": "us-west-2"
}
```
3. **IAM Role** (for EC2/ECS/Lambda): No additional config needed - uses instance credentials
**Additional Options**:
- `--region <region>`: Override AWS region
- `--read-only`: Restrict to read-only tools
- `--log-level <level>`: Set logging level (debug, info, warning, error)
**Reference**: https://github.com/aws/mcp-proxy-for-aws
### Option B: AWS Documentation MCP Server (No Auth)
**Use when**:
- No Python/uvx environment
- No AWS credentials
- Only need documentation search (no API execution)
**Configuration**:
```json
{
"mcpServers": {
"awsdocs": {
"type": "http",
"url": "https://knowledge-mcp.global.api.aws"
}
}
}
```
## Step 3: Verification
After configuration, verify tools are available:
**For Full AWS MCP**:
- Look for tools: `mcp__aws-mcp__aws___search_documentation`, `mcp__aws-mcp__aws___call_aws`
**For Documentation MCP**:
- Look for tools: `mcp__awsdocs__aws___search_documentation`, `mcp__awsdocs__aws___read_documentation`
## Troubleshooting
| Issue | Cause | Solution |
|-------|-------|----------|
| `uvx: command not found` | uv not installed | Install with `pip install uv` or use Option B |
| `AccessDenied` error | Missing IAM permissions | Add aws-mcp:* permissions to IAM policy |
| `InvalidSignatureException` | Credential issue | Check `aws sts get-caller-identity` |
| Tools not appearing | MCP not started | Restart your agent after config change |AWS Bedrock AgentCore comprehensive expert for deploying and managing AI agents at scale. Use when working with any AgentCore service including Gateway, Runtime, Memory, Identity, Code Interpreter, Browser, Observability, Agent Registry, or Evaluations. Covers agent deployment, MCP tool integration, credential management, agent discovery, governance workflows, and automated quality assessment. Essential when user mentions AgentCore, agent runtime, agent registry, agent evaluation, MCP gateway, deploy agent, register MCP server, discover agents, evaluate agent quality, agent credentials, or wants to build, deploy, catalog, or monitor AI agents on AWS.
AWS Cloud Development Kit (CDK) expert for building cloud infrastructure with TypeScript/Python. Use when creating CDK stacks, defining CDK constructs, implementing infrastructure as code, or when the user mentions CDK, CloudFormation, IaC, cdk synth, cdk deploy, or wants to define AWS infrastructure programmatically. Covers CDK app structure, construct patterns, stack composition, and deployment workflows.
AWS cost optimization, monitoring, and operational excellence expert. Use when analyzing AWS bills, estimating costs, setting up CloudWatch alarms, querying logs, auditing CloudTrail activity, or assessing security posture. Essential when user mentions AWS costs, spending, billing, budget, pricing, CloudWatch, observability, monitoring, alerting, CloudTrail, audit, or wants to optimize AWS infrastructure costs and operational efficiency.
AWS serverless and event-driven architecture expert based on Well-Architected Framework. Use when building serverless APIs, Lambda functions, REST APIs, microservices, or async workflows. Covers Lambda with TypeScript/Python, API Gateway (REST/HTTP), DynamoDB, Step Functions, EventBridge, SQS, SNS, and serverless patterns. Essential when user mentions serverless, Lambda, API Gateway, event-driven, async processing, queues, pub/sub, or wants to build scalable serverless applications with AWS best practices.