How to add AWS API MCP Server to Windsurf
Official AWS Labs server that lets agents call any AWS API via the AWS CLI surface. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.
Last updated June 15, 2026 · 9.3k★ · stdio · apikey · official
Windsurf config for AWS API MCP Server
uvx awslabs.aws-api-mcp-server@latest{
"mcpServers": {
"aws-api-mcp-server": {
"command": "uvx",
"args": [
"awslabs.aws-api-mcp-server@latest"
],
"env": {
"AWS_REGION": "us-east-1",
"AWS_PROFILE": "<your-aws-profile>"
}
}
}
}Requires `uv` (the Python package runner). Install it from https://docs.astral.sh/uv/ if `uvx` is not found.
Setup steps
- 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
- 2Paste the AWS API MCP Server config below.
- 3Fill in placeholder secrets, then save.
- 4Click Refresh in the MCP panel.
- 5AWS API MCP Server's tools become available to Cascade.
Before you start
- Python 3.10 or newer (the uv/uvx toolchain is recommended for running it)
- The AWS CLI behavior is provided by the package itself; no separate CLI install is strictly required, but a working AWS account is
- AWS credentials configured via an AWS profile (set AWS_API_MCP_PROFILE_NAME) or standard AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN environment variables; the IAM principal's permissions determine what the agent can do
- Optionally Docker, if you run the published ECR image instead of uvx/pip
What AWS API MCP Server can do in Windsurf
call_awsExecute a validated AWS CLI command and return the result.
suggest_aws_commandsSuggest appropriate AWS CLI commands from a natural-language description.
get_execution_planExperimental: produce step-by-step agent-script guidance for complex multi-step AWS tasks (requires EXPERIMENTAL_AGENT_SCRIPTS=true).
Security
Executes real AWS API calls with your local credentials, so it can create, modify, or delete billable infrastructure; scope the IAM profile tightly and prefer read-only roles when exploring. Set AWS_REGION explicitly to avoid acting in an unintended region.
AWS API MCP Server + Windsurf FAQ
Where is the Windsurf config file?
Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the AWS API MCP Server config there under the "mcpServers" key and restart the client.
Is AWS API MCP Server safe to use with Windsurf?
Executes real AWS API calls with your local credentials, so it can create, modify, or delete billable infrastructure; scope the IAM profile tightly and prefer read-only roles when exploring. Set AWS_REGION explicitly to avoid acting in an unintended region.
How do I authenticate it?
Provide AWS credentials the same way the AWS CLI does — either a named profile via AWS_API_MCP_PROFILE_NAME, or AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY (plus AWS_SESSION_TOKEN for temporary creds). If none are set explicitly it falls back to the standard boto3 credential chain.
Can I prevent it from changing my infrastructure?
Yes. Set READ_OPERATIONS_ONLY=true to restrict it to read-only calls, and/or use REQUIRE_MUTATION_CONSENT to gate write operations. The strongest control, though, is scoping the IAM permissions of the credentials you give it.
Which AWS services does it support?
Effectively all of them. Because it drives the AWS CLI surface rather than hardcoding services, coverage matches whatever your AWS CLI/botocore version supports.