AWS SSO MCP Server

$npx -y @aashari/mcp-server-aws-sso login
README.md

Connect AI assistants to AWS infrastructure through AWS IAM Identity Center

Connect AI to Your AWS Resources

Transform how you manage and access your AWS infrastructure by connecting Claude, Cursor AI, and other AI assistants directly to your AWS accounts through AWS IAM Identity Center (formerly AWS SSO). Get instant access to your cloud resources, execute commands, and manage EC2 instances using natural language.

What You Can Do

Ask AI about your AWS accounts: "Show me all my AWS accounts and available roles"
Execute AWS commands: "List all S3 buckets in my production account"
Manage EC2 instances: "Check the disk usage on server i-123456789"
Access multi-account setups: "Switch to the staging account and describe the VPCs"
Monitor resources: "Get the status of all running EC2 instances"
Run shell commands: "Execute 'df -h' on my web server via SSM"

Perfect For

  • DevOps Engineers managing multi-account AWS environments and infrastructure automation
  • Cloud Architects needing quick access to resource information across AWS accounts
  • Developers who want to check deployments and run AWS CLI commands through AI
  • SRE Teams monitoring and troubleshooting AWS resources using natural language
  • IT Administrators managing EC2 instances and executing remote commands securely
  • Anyone who wants to interact with AWS using conversational AI

Quick Start

Get up and running in 2 minutes:

1. Get Your AWS SSO Setup

Set up AWS IAM Identity Center:

  1. Enable AWS IAM Identity Center in your AWS account
  2. Configure your identity source (AWS directory, Active Directory, or external IdP)
  3. Set up permission sets and assign users to AWS accounts
  4. Note your AWS SSO Start URL (e.g., https://your-company.awsapps.com/start)

2. Try It Instantly

# Set your AWS SSO configuration
export AWS_SSO_START_URL="https://your-company.awsapps.com/start"
export AWS_REGION="us-east-1"

# Start the authentication flow
npx -y @aashari/mcp-server-aws-sso login

# List your accessible accounts and roles
npx -y @aashari/mcp-server-aws-sso ls-accounts

# Execute an AWS command
npx -y @aashari/mcp-server-aws-sso exec-command \
  --account-id 123456789012 \
  --role-name ReadOnly \
  --command "aws s3 ls"

Connect to AI Assistants

For Claude Desktop Users

Add this to your Claude configuration file (~/.claude/claude_desktop_config.json):

{
  "mcpServers": {
    "aws-sso": {
      "command": "npx",
      "args": ["-y", "@aashari/mcp-server-aws-sso"],
      "env": {
        "AWS_SSO_START_URL": "https://your-company.awsapps.com/start",
        "AWS_REGION": "us-east-1"
      }
    }
  }
}

Restart Claude Desktop, and you'll see "🔗 aws-sso" in the status bar.

For Other AI Assistants

Most AI assistants support MCP. Install the server globally:

npm install -g @aashari/mcp-server-aws-sso

Then configure your AI assistant to use the MCP server with STDIO transport.

Alternative: Configuration File

Create ~/.mcp/configs.json for system-wide configuration:

{
  "aws-sso": {
    "environments": {
      "AWS_SSO_START_URL": "https://your-company.awsapps.com/start",
      "AWS_REGION": "us-east-1",
      "DEBUG": "false"
    }
  }
}

Alternative config keys: The system also accepts "@aashari/mcp-server-aws-sso" or "mcp-server-aws-sso" instead of "aws-sso".

Real-World Examples

🔐 Authenticate and Explore

Ask your AI assistant:

  • "Log into AWS SSO and show me my authentication status"
  • "List all my AWS accounts and the roles I can assume"
  • "Check if I'm still authenticated to AWS"
  • "Show me which AWS accounts I have access to"

🛠️ Execute AWS Commands

Ask your AI assistant:

  • "List all S3 buckets in my production account using the ReadOnly role"
  • "Show me all running EC2 instances in the us-west-2 region"
  • "Describe the VPCs in my staging AWS account"
  • "Get the status of my RDS databases in account 123456789012"

🖥️ Manage EC2 Instances

Ask your AI assistant:

  • "Check the disk usage on EC2 instance i-1234567890abcdef0"
  • "Run 'uptime' on my web server via Systems Manager"
  • "Execute 'systemctl status nginx' on instance i-abc123 in production"
  • "Get memory usage from all my application servers"

🔍 Infrastructure Monitoring

Ask your AI assistant:

  • "List all Lambda functions in my development account"
  • "Show me the CloudFormation stacks in us-east-1"
  • "Check the health of my load balancers"
  • "Get the latest CloudWatch alarms that are in ALARM state"

🔄 Multi-Account Operations

Ask your AI assistant:

  • "Switch to account 987654321098 with AdminRole and list all security groups"
  • *"Com

Tools (3)

loginStart the AWS SSO authentication flow.
ls-accountsList your accessible AWS accounts and roles.
exec-commandExecute an AWS CLI command in a specific account and role.

Environment Variables

AWS_SSO_START_URLrequiredThe AWS SSO Start URL (e.g., https://your-company.awsapps.com/start)
AWS_REGIONrequiredThe AWS region for the SSO configuration
DEBUGEnable debug logging

Configuration

claude_desktop_config.json
{
  "mcpServers": {
    "aws-sso": {
      "command": "npx",
      "args": ["-y", "@aashari/mcp-server-aws-sso"],
      "env": {
        "AWS_SSO_START_URL": "https://your-company.awsapps.com/start",
        "AWS_REGION": "us-east-1"
      }
    }
  }
}

Try it

Show me all my AWS accounts and available roles
List all S3 buckets in my production account using the ReadOnly role
Check the disk usage on EC2 instance i-1234567890abcdef0
Execute 'systemctl status nginx' on instance i-abc123 in production via SSM
Get the status of all running EC2 instances in the us-west-2 region

Frequently Asked Questions

What are the key features of AWS SSO MCP Server?

Multi-account AWS management via IAM Identity Center. Natural language execution of AWS CLI commands. Remote shell command execution on EC2 via Systems Manager (SSM). Resource monitoring across different AWS accounts and regions. Secure authentication flow integration for AI assistants.

What can I use AWS SSO MCP Server for?

DevOps Engineers managing multi-account infrastructure automation. Cloud Architects querying resource information across AWS accounts. SRE Teams troubleshooting EC2 instances using natural language. Developers checking deployment status and running CLI commands through AI.

How do I install AWS SSO MCP Server?

Install AWS SSO MCP Server by running: npx -y @aashari/mcp-server-aws-sso login

What MCP clients work with AWS SSO MCP Server?

AWS SSO MCP Server works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Use AWS SSO MCP Server with Conare

Manage MCP servers visually, upload persistent context, and never start from zero with Claude Code & Codex.

Try Free

Related MCP Servers

SSH MCP Server
Securely execute shell commands on remote Linux and Windows systems via SSH
cloud310 stars
Google Photos MCP Server
Search, browse, and retrieve metadata and images from your Google Photos library.
cloud13 stars
ComplianceCow
Retrieve compliance insights, dashboard data, and auditable evidence.
cloud8 stars
Terry-Form MCP
Production-ready Terraform automation with comprehensive LSP integration
cloud6 stars
HashiCorp Vault MCP Server
Securely manage HashiCorp Vault secrets and ACL policies through MCP.
cloud6 stars
AWS MCP Server
Interact with core AWS services like S3, EC2, RDS, and CloudWatch through Claude.
cloud3 stars