use_aws MCP Server

Overview

use_aws_mcp is a standalone Model Context Protocol server that exposes the Amazon Q Developer CLI-style use_aws tool to other MCP clients. It executes AWS CLI commands, formats parameters for the AWS CLI, adds AWS user-agent metadata, returns stdout/stderr, and provides human-readable command descriptions.

Wardn's source importer was called first for https://github.com/runjivu/use_aws_mcp with an empty subfolder, but it returned 404 (source metadata could not be loaded). The submission was therefore completed from direct source review of the GitHub repository, README, Cargo manifest, schema file, and Rust source files.

Install and launch

The README documents installation from Cargo:

cargo install use_aws_mcp

The documented MCP client launch uses the installed binary. The submitted Wardn transport wraps this as sh -c use_aws_mcp because Wardn package validation requires an explicit args array:

{
  "mcpServers": {
    "use_aws_mcp": {
      "name": "use_aws_mcp",
      "command": "use_aws_mcp",
      "timeout": 300,
      "env": {},
      "disabled": false
    }
  }
}

The server communicates over stdin/stdout using JSON-RPC. It can also be built from source with cargo build --release and run locally with ./target/release/use_aws_mcp.

Configuration

The server relies on the local AWS CLI and AWS credentials available to the spawned aws process. The README notes credentials can come from AWS CLI configuration, environment variables, or IAM roles. It specifically warns that some MCP clients do not inherit shell credential environment variables, and recommends requiring the client/tool call to use a specific AWS profile when needed.

Named environment variables found in the docs/source review are:

• AWS_PROFILE: optional AWS CLI profile inherited by the spawned aws process when the tool request does not provide profile_name.
• AWS_DEFAULT_PROFILE: optional credential/profile environment variable mentioned in the README caveat for shell-based clients.
• AWS_EXECUTION_ENV: the server sets or appends UseAws-MCP-Server Version/0.1.0 for AWS CLI user-agent metadata when invoking aws.
• RUST_LOG: documented in README examples for debug logging, although the current source initializes tracing with a default use_aws=info filter.

Tool

The server provides a single tool named use_aws.

Required tool arguments:

• service_name: AWS service name, such as s3, ec2, or lambda.
• operation_name: AWS CLI operation name, such as list-buckets or describe-instances.
• region: AWS region, such as us-west-2.

Optional tool arguments:

• parameters: object of AWS CLI parameters. Source code converts parameter names to kebab-case and prefixes them with -- before invoking aws.
• profile_name: AWS profile name; when provided, the server invokes AWS CLI with --profile.
• label: optional operation label used in the human-readable command description.

Capabilities

• Execute AWS CLI commands through an MCP tool.
• Generate readable command descriptions before returning results.
• Pass through the process environment to the AWS CLI invocation.
• Add AWS CLI user-agent metadata via AWS_EXECUTION_ENV.
• Convert structured parameters to AWS CLI flags.
• Return AWS CLI stdout and stderr in MCP tool results.
• Truncate large stdout/stderr output to avoid excessive responses.

Prerequisites

• Rust 1.70 or later and Cargo for installation/building.
• AWS CLI installed and available on PATH.
• AWS credentials configured through AWS CLI config, environment variables, IAM roles, or profile-based authentication such as aws sso login.

Limitations and security notes

This server executes AWS CLI commands with the permissions available to the configured AWS credentials, so users should apply least-privilege credentials and review requested operations. The README describes read-only detection for operations starting with get, describe, list, ls, search, or batch_get, and says other operations require acceptance. Source review found the requires_acceptance helper and demo output, but the MCP request handler directly invokes the tool and does not implement an interactive acceptance gate. Outputs are truncated to a maximum response size of 100KB.