AWS MCP Policy

GET STARTED

Download this policy scaffold and add your rules. Intercept enforces them on every tool call before it reaches AWS.

terminal

# Download policy scaffold


curl -o aws.yaml https://raw.githubusercontent.com/policylayer/intercept/main/policies/aws.yaml

# Run with Intercept


intercept --policy aws.yaml -- npx -y @awslabs/mcp

Server documentation: https://github.com/awslabs/mcp

READ TOOLS

25

describe_log_groups List metadata about log groups

get_active_alarms Identify currently active alarms

get_alarm_history Retrieve historical state changes for alarms

get_bestpractices Get guidance on AWS development and deployment

get_cdk_best_practices Retrieve AWS CDK best practices

get_cloudwatch_logs Access CloudWatch logs for EKS

get_cloudwatch_metrics Retrieve CloudWatch metrics for EKS

get_eks_vpc_config Retrieve VPC configuration

get_k8s_events List Kubernetes events

get_logs_insight_query_results Retrieve query execution results

get_pod_logs Retrieve pod logs

get_regional_availability Check regional availability for services and features

get_resource Retrieve specific resource details

get_schema Return CloudFormation schema for resources

list_api_versions List available Kubernetes API versions

list_k8s_resources List Kubernetes resources by kind

list_knowledge_bases List available Bedrock knowledge bases

list_regions List all AWS regions with identifiers

list_resources Enumerate resources of specified types

query_sql Execute read-only SQL queries against S3 Tables

read_documentation Retrieve AWS docs converted to markdown

retrieve_agent_sop Search and retrieve AWS operational procedures

search_cdk_documentation Access CDK docs and constructs

search_cfn_documentation Query CloudFormation docs and patterns

search_documentation Search across AWS documentation and API references

WRITE TOOLS

3

create_resource Create AWS resources declaratively

create_table_from_csv Convert CSV files to S3 Tables

update_resource Update existing resources

DESTRUCTIVE TOOLS

2

delete_resource Delete AWS resources

tf_destroy Destroy infrastructure

EXECUTE TOOLS

3

call_aws Execute authenticated AWS API calls

execute_log_insights_query Run CloudWatch Logs Insights queries

invoke_lambda Execute Lambda functions as MCP tools

OTHER TOOLS

22

analyze_log_group Detect anomalies, patterns, and errors in logs

analyze_metric Analyze CloudWatch metric trends and statistical properties

analyze_stack_failures Diagnose failed CloudFormation stacks

azureterraformbestpractices Get Terraform best practices for Azure resources

bedrock_kb_retrieve Query knowledge bases for relevant information

cancel_logs_insight_query Cancel in-progress queries

check_cdk_nag_suppressions Validate CDK Nag suppressions

dynamodb_data_model_validation Validate models against actual DynamoDB

dynamodb_data_modeling Interactive data modeling with design patterns

explain_cdk_nag_rule Explain specific CDK Nag security rules

manage_eks_stacks Manage EKS CloudFormation stacks

manage_k8s_resource Read/create/update/delete Kubernetes resources

source_db_analyzer Extract schema from existing databases

suggest_aws_commands Get AWS CLI command descriptions and syntax help

tf_apply Apply Terraform changes

tf_init Initialize Terraform working directory

tf_output Retrieve output values

tf_plan Generate Terraform execution plan

tf_state_list List resources in state

tf_validate Validate Terraform configuration

validate_cfn_security Check compliance via cfn-guard

validate_cfn_template Validate CloudFormation syntax and schema

POLICY YAML

This scaffold lists every tool with empty rules. Add conditions — rate limits, argument validation, deny rules — then deploy with Intercept.

aws.yaml

version: "1"
description: "Policy for awslabs/mcp"
default: "allow"
tools:
    describe_log_groups:
        rules: []
    get_active_alarms:
        rules: []
    get_alarm_history:
        rules: []
    get_bestpractices:
        rules: []
    get_cdk_best_practices:
        rules: []
    get_cloudwatch_logs:
        rules: []
    get_cloudwatch_metrics:
        rules: []
    get_eks_vpc_config:
        rules: []
    get_k8s_events:
        rules: []
    get_logs_insight_query_results:
        rules: []
    get_pod_logs:
        rules: []
    get_regional_availability:
        rules: []
    get_resource:
        rules: []
    get_schema:
        rules: []
    list_api_versions:
        rules: []
    list_k8s_resources:
        rules: []
    list_knowledge_bases:
        rules: []
    list_regions:
        rules: []
    list_resources:
        rules: []
    query_sql:
        rules: []
    read_documentation:
        rules: []
    retrieve_agent_sop:
        rules: []
    search_cdk_documentation:
        rules: []
    search_cfn_documentation:
        rules: []
    search_documentation:
        rules: []
    create_resource:
        rules: []
    create_table_from_csv:
        rules: []
    update_resource:
        rules: []
    call_aws:
        rules: []
    execute_log_insights_query:
        rules: []
    invoke_lambda:
        rules: []
    delete_resource:
        rules: []
    tf_destroy:
        rules: []
    analyze_log_group:
        rules: []
    analyze_metric:
        rules: []
    analyze_stack_failures:
        rules: []
    azureterraformbestpractices:
        rules: []
    bedrock_kb_retrieve:
        rules: []
    cancel_logs_insight_query:
        rules: []
    check_cdk_nag_suppressions:
        rules: []
    dynamodb_data_model_validation:
        rules: []
    dynamodb_data_modeling:
        rules: []
    explain_cdk_nag_rule:
        rules: []
    manage_eks_stacks:
        rules: []
    manage_k8s_resource:
        rules: []
    source_db_analyzer:
        rules: []
    suggest_aws_commands:
        rules: []
    tf_apply:
        rules: []
    tf_init:
        rules: []
    tf_output:
        rules: []
    tf_plan:
        rules: []
    tf_state_list:
        rules: []
    tf_validate:
        rules: []
    validate_cfn_security:
        rules: []
    validate_cfn_template:
        rules: []

RELATED POLICIES

FREQUENTLY ASKED QUESTIONS

What tools does the AWS MCP server expose?

The AWS MCP Servers exposes 55 tools across 5 categories: Read, Write, Execute, Destructive, Other. Each tool can be individually controlled with Intercept policies.

How do I enforce policies on AWS?

Download the policy scaffold, add rules (rate limits, argument validation, deny rules), then run Intercept as a proxy in front of the AWS MCP server. Every tool call is evaluated against your YAML policy before execution.

Is the AWS policy free to use?

Yes. All Intercept policies are open source under the Apache 2.0 licence. Download, modify, and deploy without restrictions.

ENFORCE POLICIES ON AWS

Open source. One binary. Zero dependencies.

VIEW ON GITHUB Browse all policies →