UNPKG

@aashari/mcp-server-aws-sso

Version:

Node.js/TypeScript MCP server for AWS Single Sign-On (SSO). Enables AI systems (LLMs) with tools to initiate SSO login (device auth flow), list accounts/roles, and securely execute AWS CLI commands using temporary credentials. Streamlines AI interaction w

github.com/aashari/mcp-server-aws-sso

aashari/mcp-server-aws-sso

73 lines (72 loc) 2.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
import { ControllerResponse } from '../types/common.types.js'; import { LoginToolArgsType } from '../tools/aws.sso.types.js'; /** * Start the AWS SSO login process * * Initiates the device authorization flow, displays verification instructions, * and starts background polling for authentication completion. * * @async * @param {Object} [params] - Optional parameters for login * @param {boolean} [params.launchBrowser=true] - Whether to automatically launch a browser with the verification URI * @returns {Promise<ControllerResponse>} Response with login instructions and background polling started * @throws {Error} If login initialization fails * @example * // Start login with automatic browser launch and background polling * const result = await startLogin(); * * // Start login without browser launch but with background polling * const result = await startLogin({ launchBrowser: false }); */ declare function startLogin(params?: LoginToolArgsType): Promise<ControllerResponse>; /** * Get AWS credentials for a specific role * * Retrieves temporary AWS credentials for a specific account and role * that can be used for AWS API calls. Uses cached credentials if available. * * @async * @param {Object} params - Credential parameters * @param {string} params.accessToken - AWS SSO access token * @param {string} params.accountId - AWS account ID * @param {string} params.roleName - IAM role name to get credentials for * @returns {Promise<ControllerResponse>} Response with credential status and formatted output * @throws {Error} If credential retrieval fails or authentication is invalid * @example * // Get credentials for role AdminAccess in account 123456789012 * const result = await getCredentials({ * accessToken: "token-value", * accountId: "123456789012", * roleName: "AdminAccess" * }); */ declare function getCredentials(params: { accessToken: string; accountId: string; roleName: string; }): Promise<ControllerResponse>; /** * Check if user is authenticated to AWS SSO * * @returns Promise<{ isAuthenticated: boolean, errorMessage?: string }> */ declare function checkSsoAuthStatus(): Promise<{ isAuthenticated: boolean; errorMessage?: string; }>; /** * Get the current AWS SSO authentication status * * Checks if the user is currently authenticated to AWS SSO * and returns the status information * * @returns {Promise<ControllerResponse>} Response with authentication status */ declare function getAuthStatus(): Promise<ControllerResponse>; declare const _default: { startLogin: typeof startLogin; getCredentials: typeof getCredentials; checkSsoAuthStatus: typeof checkSsoAuthStatus; getAuthStatus: typeof getAuthStatus; }; export default _default;