AWS SNS SQS MCP Server

The AWS SNS SQS MCP Server is a bridge that allows generative AI models to securely create, manage, and interact with Amazon SNS topics and SQS queues through the standardized Model Context Protocol (MCP). This server enables context-aware AI applications to read, write, and organize messaging resources on AWS with strict security controls by exposing SNS and SQS operations as MCP Tools.


What is AWS SNS SQS MCP Server?

AWS SNS SQS MCP Server is a lightweight application that exposes Amazon Simple Notification Service (SNS) and Simple Queue Service (SQS) operations as standardized MCP Tools, making it possible for large language models (LLMs) and intelligent agents to securely and programmatically manage AWS messaging resources. It ensures strict access controls via resource tagging, so the MCP Server can only modify resources it created, preventing accidental or unauthorized changes to existing infrastructure.

How to Configure

  1. Prerequisites

    • Install uv and Python (3.10)
    • Prepare your AWS account with an IAM role that follows the principle of least privilege (e.g., the AmazonSNSFullAccess/AmazonSQSFullAccess managed policies for full functionality, or the read-only equivalents for limited operations).
    • Set up an AWS CLI profile for this role on your host machine.
  2. Installation

    • Use uv or Docker to install and run awslabs.amazon-sns-sqs-mcp-server on your machine.
    • Configure your MCP client (e.g., CLI or API) to include this server. Example config:
      {
        "mcpServers": {
          "awslabs.amazon-sns-sqs-mcp-server": {
            "command": "uvx",
            "args": ["awslabs.amazon-sns-sqs-mcp-server@latest"],
            "env": {
              "AWS_PROFILE": "your-aws-profile",
              "AWS_REGION": "us-east-1"
            }
          }
        }
      }
      
    • If using Docker, set up a .env file with AWS credentials and use it as an environment file in the Docker run command.
  3. Server Options

    • By default, resource creation is disabled. Pass --allow-resource-creation as a command line flag to enable tools that create SNS topics or SQS queues.
    • All resources created by this server are tagged, and only tagged resources can be modified or deleted by the server for your security.

How to Use

  1. Start the MCP server with your configured environment and access credentials:
    • Using uv:
      uv run awslabs.amazon-sns-sqs-mcp-server --allow-resource-creation
      
    • Using Docker, make sure to supply your .env file for AWS credentials.
  2. Connect your MCP client and list the available tools with a tools/list request.
  3. Invoke tools such as create_topic, create_queue, publish, or send_message with a tools/call request, passing the appropriate parameters.
  4. Manage resource security: Only resources created by the MCP server (i.e., tagged) can be updated or deleted through it.
  5. Disable creation in production: If you want to prevent accidental changes, run the server with resource creation disabled.
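
As an added example (not part of the original page or of the awslabs project), the Python check below audits an MCP client config like the one shown under Installation against the points made under Server Options and "Disable creation in production". The function name audit_mcp_config, the finding labels and the rule set are assumptions of this example, not checks the server itself performs.

```python
import json

# Constructed sample: the page's client config with the creation flag added to args.
SAMPLE_CONFIG = """
{
  "mcpServers": {
    "awslabs.amazon-sns-sqs-mcp-server": {
      "command": "uvx",
      "args": ["awslabs.amazon-sns-sqs-mcp-server@latest", "--allow-resource-creation"],
      "env": {"AWS_PROFILE": "your-aws-profile", "AWS_REGION": "us-east-1"}
    }
  }
}
"""

CREATE_FLAG = "--allow-resource-creation"  # flag named on the page
STATIC_KEYS = ("AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN")


def audit_mcp_config(text, production=True):
    """Return sorted (server, finding) pairs for an MCP client config.

    The rules are this example's policy choices (assumptions), not server behaviour.
    """
    findings = []
    for name, spec in json.loads(text).get("mcpServers", {}).items():
        args = [str(a) for a in spec.get("args", [])]
        env = spec.get("env", {})
        # Creation tools are off by default; flag configs that turn them on in production.
        if production and CREATE_FLAG in args:
            findings.append((name, "creation-enabled"))
        # "@latest" resolves to whichever release is newest at launch; prefer an exact pin.
        if any(a.endswith("@latest") for a in args):
            findings.append((name, "unpinned-package"))
        # Access keys stored in the client config are exposed to anything that reads the file.
        if any(k in env for k in STATIC_KEYS):
            findings.append((name, "static-credentials"))
        # An explicit profile and region keep the server scoped to the intended role and region.
        for key in ("AWS_PROFILE", "AWS_REGION"):
            if not env.get(key):
                findings.append((name, "missing-" + key))
    return sorted(findings)


if __name__ == "__main__":
    for server, finding in audit_mcp_config(SAMPLE_CONFIG):
        print(f"{server}: {finding}")
```

Pass production=False when auditing a development config where the creation tools are intentionally enabled.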

Key Features

  • Secure, programmatic creation and management of Amazon SNS topics and SQS queues for LLM-driven applications.
  • Resource-level access control: only resources created and tagged by this server can be modified, minimizing risk.
  • Tools can be dynamically discovered and invoked through MCP (tools/list, tools/call).
  • Flexible deployment using Python (uv) or Docker.
  • Fine-grained permissions via IAM roles, profile, and region settings.
  • Enable/disable resource creation at runtime for different environments and needs.
  • Best practices for configuration, error handling, and security built-in.

Use Cases

  • Automating the orchestration of AWS messaging resources within intelligent agent workflows or developer assistants.
  • Building LLM-powered developer tools that need to publish notifications, manage jobs, or synchronize distributed tasks across AWS.
  • Enabling conversational UIs to create, subscribe, publish, or monitor AWS topics and queues, with clear security boundaries.
  • Safely delegating message management operations to AI agents, without risking accidental changes to unrelated infrastructure.

FAQ

Q1. Why can't I modify or delete my existing SNS/SQS resources?
Only resources created by the MCP server (i.e., tagged with its version tag) can be modified or deleted by this server, ensuring it cannot accidentally interfere with pre-existing infrastructure.

Q2. How do I enable or disable creation of topics or queues?
By default, resource creation is disabled. Run the server with the --allow-resource-creation flag to enable the creation tools; omit the flag or pass --disallow-resource-creation to hide these tools and prevent accidental resource creation.

Q3. What should I do if I get permission errors?
Ensure your IAM role or user has the required permissions (AmazonSNSFullAccess, AmazonSQSFullAccess, or the ReadOnly equivalents), and that your AWS profile is set correctly in the server environment.

Q4. Can I use this server in production environments safely?
Yes, it's recommended to use dedicated IAM profiles and restrict resource creation using configuration flags. Only tagged resources will be affected by the server, and you should follow AWS least privilege best practices.

Q5. What is the advantage of using MCP for SNS/SQS operations?
MCP provides secure, standardized, and interoperable access to messaging resources across different clients, LLMs, and infrastructures, which makes agent and application code portable.