AWS MCP in Claude Code

Quick answer: Install the AWS MCP server with npx -y mcp-server-aws, add the JSON block below to ~/.claude/settings.json, restart Claude Code, and run /mcp to confirm the connection. Setup runs about 5 minutes on a fresh machine, verified on mcp-server-aws as of April 15, 2026.

The AWS MCP server gives Claude Code a tool surface on the AWS APIs. After setup, the model can list EC2 instances, read S3 buckets, query CloudWatch metrics and logs, inspect IAM roles, and invoke Lambda functions. The server is published as mcp-server-aws and uses the standard AWS SDK credential chain (env vars, shared config, instance profile).

This guide covers what you get after the wiring is done, the exact config, verification steps, prompt patterns that tend to work well, and the 4 issues that trip people up most often in the first week.

What you get when it is connected

Once the AWS server is attached, Claude Code can call the server tools from inside any conversation. You do not invoke the tools by hand. When you ask Claude a question the model decides which tool to call and parses the response for you. For teams that live inside AWS day to day, this replaces dozens of context switches per week with a single line in chat.

Tools cover the most common AWS services: list_ec2_instances, describe_ec2_instance, list_s3_buckets, get_s3_object, list_lambda_functions, invoke_lambda, query_cloudwatch_logs, get_cloudwatch_metrics, list_iam_roles, list_iam_policies. For less common services, the server exposes a generic aws_cli tool that runs arbitrary commands - use sparingly and always with read-only verbs.

Prerequisites

An AWS account, IAM credentials (access key + secret or an SSO profile), and the region you want to target. The IAM principal needs read permissions on whatever services you expect Claude to query. Node 20 or later.

If you use a version manager like nvm or asdf for Node, confirm the version Claude Code inherits. Open a terminal, run node -v, and note the output. Claude Code uses the Node it sees on PATH at launch, so a shell profile that sets the right version is the reliable path.

Install via npx

Run the package once with npx to verify it starts cleanly:

npx -y mcp-server-aws

The first run downloads the package (a few MB) and starts the server on stdio. The server does not print much on success - it waits for MCP protocol messages on stdin. Press Ctrl-C to stop it. The actual runtime setup happens through Claude Code itself in the next step.

If the install fails with a network error, your npm registry may be blocked. Set npm config set registry https://registry.npmjs.org and retry. Behind a corporate proxy, also set HTTP_PROXY and HTTPS_PROXY in your shell.

Add the config block to ~/.claude/settings.json

Open ~/.claude/settings.json in your editor. If the file does not exist yet, create it with {} as the starting content. Add an mcpServers object with an entry for this server:

{
  "mcpServers": {
    "aws": {
      "command": "npx",
      "args": ["-y", "mcp-server-aws"],
      "env": {
        "AWS_ACCESS_KEY_ID": "AKIA_XXX",
        "AWS_SECRET_ACCESS_KEY": "YYY",
        "AWS_REGION": "us-east-1"
      }
    }
  }
}

Save the file. If you already have other MCP servers defined, merge the new entry into the existing mcpServers object rather than replacing it.

Restart Claude Code fully (quit and reopen, not just close the window). The server is spawned lazily on the first tool call in a session, not at launch, but the config is read once per Claude Code start.

Verify the connection

Open a new Claude Code session and type /mcp at the prompt. You should see the server listed with a green or connected indicator. If it shows as failed, click into it for the stderr output - the error message usually points at the problem directly (bad token, wrong path, missing Node).

Run a trivial first prompt to confirm round trips work. Good smoke tests:

• For read servers: ask for a list of whatever resource type it exposes.
• For write servers: ask for a describe on a known resource first, then try a safe write on a test resource.

If the first prompt works, the wiring is done. From here on you interact with the server purely through normal prompts in Claude Code.

Example prompts that work well

Here are prompts that tend to get good responses once the server is attached:

• List every running EC2 instance in us-east-1 and tell me the instance type and launch time for each.
• Read the S3 bucket company-logs and tell me the size and object count.
• Query CloudWatch logs for /aws/lambda/api-handler in the last hour and summarize any error lines.
• List every IAM role whose name starts with deployment and tell me which policies are attached.
• Invoke the Lambda function compute-report with the payload year 2026 and show me the response.
• Find every S3 bucket in my account that is publicly readable and list their names with the caveat that this is a security concern to fix.

Claude will chain tool calls on its own when the prompt implies several steps. For a summarize-then-write flow the model will often call read tools first, then a single write tool at the end. If a prompt keeps burning tool calls, narrow it: specify the resource ID, the time range, or the exact field you want rather than asking Claude to scan everything.

Environment variable security

Use AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_REGION, or point AWS_PROFILE at a named profile in ~/.aws/config that already has SSO or assume-role setup. SSO profiles expire - run aws sso login --profile name when Claude starts returning credential errors. For tighter scope, use IAM permission boundaries on the Claude principal.

A general rule across every MCP server: never paste secrets directly into settings.json that lives in a shared or git-tracked directory. Keep the actual secret values in your shell profile (~/.zshrc, ~/.bashrc, or a 1Password-cli helper), export them at shell start, and reference the variable names from the Claude config. That way the secret stays on your machine and the config file is safe to share with teammates.

On macOS, terminals launched from Spotlight or from the Dock both inherit the shell profile. If you launch Claude Code from a GUI shortcut that does not go through a shell, env vars may not propagate - launch from a terminal instead.

Troubleshooting

Tool calls return UnrecognizedClientException. The access key is wrong or inactive. Confirm the key is Active in the IAM console under the user's security credentials. Keys can be disabled without being deleted; reactivate or rotate.

Tool calls return AccessDenied. The IAM principal lacks the permission the operation needs. Attach a read-only AWS managed policy (like ReadOnlyAccess) to get started, then tighten permissions once you know what Claude actually uses.

SSO token expires mid-session. Run aws sso login --profile your-profile from a terminal, then ask Claude to retry. For longer-lived sessions, extend SSO token lifetime via IAM Identity Center settings.

Cross-region calls fail with region not supported. Some services (like S3 bucket list) are region-agnostic, others (like EC2) require the region in the env. Ask Claude to pass the region explicitly per call rather than relying on the default.

For any issue not listed here, the first step is /mcp inside Claude Code to see the current status and any recent stderr from the server. The second step is running the exact npx command from your terminal to see if the server starts cleanly outside Claude Code. Between those two checks, most problems become obvious within a minute.

Next steps

Once the AWS server is attached and verified, the useful next move is writing a short prompt template you keep in your notes. List the 3 or 4 prompts you run most often against this server, and paste them into Claude Code when needed. Over a few weeks you build a personal command library that gets real work done without typing much.

For team projects, commit a .mcp.json at the repo root with the same structure. Everyone on the team gets the server wired up automatically on first open, and individual secrets stay in shell profiles. That is the setup pattern that scales past a single developer.