UNPKG

@aashari/mcp-server-aws-sso

Version:

Node.js/TypeScript MCP server for AWS Single Sign-On (SSO). Enables AI systems (LLMs) with tools to initiate SSO login (device auth flow), list accounts/roles, and securely execute AWS CLI commands using temporary credentials. Streamlines AI interaction w

github.com/aashari/mcp-server-aws-sso

aashari/mcp-server-aws-sso

66 lines (65 loc) 2.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import { ControllerResponse } from '../types/common.types.js'; /** * Start the AWS SSO login process and automatically poll for the token * * Initiates the device authorization flow, displays verification instructions, * and optionally waits for authentication completion. * * @async * @param {Object} [params] - Optional parameters for login * @param {boolean} [params.autoPoll=true] - Whether to automatically poll for token completion * @param {boolean} [params.launchBrowser=true] - Whether to automatically launch a browser with the verification URI * @returns {Promise<ControllerResponse>} Response with login result, including accounts if successful * @throws {Error} If login initialization fails or polling times out * @example * // Start login with automatic polling and browser launch * const result = await startLogin(); * * // Start login without automatic polling or browser launch * const result = await startLogin({ autoPoll: false, launchBrowser: false }); */ declare function startLogin(params?: { autoPoll?: boolean; launchBrowser?: boolean; }): Promise<ControllerResponse>; /** * Get AWS credentials for a specific role * * Retrieves temporary AWS credentials for a specific account and role * that can be used for AWS API calls. Uses cached credentials if available. * * @async * @param {Object} params - Credential parameters * @param {string} params.accessToken - AWS SSO access token * @param {string} params.accountId - AWS account ID * @param {string} params.roleName - IAM role name to get credentials for * @returns {Promise<ControllerResponse>} Response with credential status and formatted output * @throws {Error} If credential retrieval fails or authentication is invalid * @example * // Get credentials for role AdminAccess in account 123456789012 * const result = await getCredentials({ * accessToken: "token-value", * accountId: "123456789012", * roleName: "AdminAccess" * }); */ declare function getCredentials(params: { accessToken: string; accountId: string; roleName: string; }): Promise<ControllerResponse>; /** * Check if user is authenticated to AWS SSO * * @returns Promise<{ isAuthenticated: boolean, errorMessage?: string }> */ declare function checkSsoAuthStatus(): Promise<{ isAuthenticated: boolean; errorMessage?: string; }>; declare const _default: { startLogin: typeof startLogin; getCredentials: typeof getCredentials; checkSsoAuthStatus: typeof checkSsoAuthStatus; }; export default _default;