feat: added mcp admin level configuration with GetProfile (#2639)

* first pass

* add notification when /mcp & /tools

* clear all tool related filed in agent

* store mcp_enabled in chatsession & conversationstate

* delete duplicate api call

* set mcp_enabled value after load

* remove clear mcp configs method

* clippy

* remain@builtin/ and *, add a ut for clear mcp config

Author: evanliu048

crates/chat-cli/src/api_client/error.rs

@@ -1,5 +1,6 @@
 use amzn_codewhisperer_client::operation::create_subscription_token::CreateSubscriptionTokenError;
 use amzn_codewhisperer_client::operation::generate_completions::GenerateCompletionsError;
+use amzn_codewhisperer_client::operation::get_profile::GetProfileError;
 use amzn_codewhisperer_client::operation::list_available_customizations::ListAvailableCustomizationsError;
 use amzn_codewhisperer_client::operation::list_available_models::ListAvailableModelsError;
 use amzn_codewhisperer_client::operation::list_available_profiles::ListAvailableProfilesError;
@@ -100,6 +101,9 @@ pub enum ApiClientError {
 
     #[error("No default model found in the ListAvailableModels API response")]
     DefaultModelNotFound,
+
+    #[error(transparent)]
+    GetProfileError(#[from] SdkError<GetProfileError, HttpResponse>),
 }
 
 impl ApiClientError {
@@ -125,6 +129,7 @@ impl ApiClientError {
             Self::Credentials(_e) => None,
             Self::ListAvailableModelsError(e) => sdk_status_code(e),
             Self::DefaultModelNotFound => None,
+            Self::GetProfileError(e) => sdk_status_code(e),
         }
     }
 }
@@ -152,6 +157,7 @@ impl ReasonCode for ApiClientError {
             Self::Credentials(_) => "CredentialsError".to_string(),
             Self::ListAvailableModelsError(e) => sdk_error_code(e),
             Self::DefaultModelNotFound => "DefaultModelNotFound".to_string(),
+            Self::GetProfileError(e) => sdk_error_code(e),
         }
     }
 }
@@ -199,6 +205,10 @@ mod tests {
                 ListAvailableCustomizationsError::unhandled("<unhandled>"),
                 response(),
             )),
+            ApiClientError::GetProfileError(SdkError::service_error(
+                GetProfileError::unhandled("<unhandled>"),
+                response(),
+            )),
             ApiClientError::ListAvailableModelsError(SdkError::service_error(
                 ListAvailableModelsError::unhandled("<unhandled>"),
                 response(),

crates/chat-cli/src/api_client/mod.rs

@@ -16,6 +16,7 @@ use amzn_codewhisperer_client::operation::create_subscription_token::CreateSubsc
 use amzn_codewhisperer_client::types::Origin::Cli;
 use amzn_codewhisperer_client::types::{
     Model,
+    OptInFeatureToggle,
     OptOutPreference,
     SubscriptionStatus,
     TelemetryEvent,
@@ -334,6 +335,21 @@ impl ApiClient {
         Ok(res)
     }
 
+    pub async fn is_mcp_enabled(&self) -> Result<bool, ApiClientError> {
+        let request = self
+            .client
+            .get_profile()
+            .set_profile_arn(self.profile.as_ref().map(|p| p.arn.clone()));
+
+        let response = request.send().await?;
+        let mcp_enabled = response
+            .profile()
+            .opt_in_features()
+            .and_then(|features| features.mcp_configuration())
+            .is_none_or(|config| matches!(config.toggle(), OptInFeatureToggle::On));
+        Ok(mcp_enabled)
+    }
+
     pub async fn create_subscription_token(&self) -> Result<CreateSubscriptionTokenOutput, ApiClientError> {
         if cfg!(test) {
             return Ok(CreateSubscriptionTokenOutput::builder()

crates/chat-cli/src/cli/agent/mod.rs

@@ -286,23 +286,52 @@ impl Agent {
         os: &Os,
         agent_path: impl AsRef<Path>,
         legacy_mcp_config: &mut Option<McpServerConfig>,
+        mcp_enabled: bool,
     ) -> Result<Agent, AgentConfigError> {
         let content = os.fs.read(&agent_path).await?;
         let mut agent = serde_json::from_slice::<Agent>(&content).map_err(|e| AgentConfigError::InvalidJson {
             error: e,
             path: agent_path.as_ref().to_path_buf(),
         })?;
 
-        if agent.use_legacy_mcp_json && legacy_mcp_config.is_none() {
-            let config = load_legacy_mcp_config(os).await.unwrap_or_default();
-            if let Some(config) = config {
-                legacy_mcp_config.replace(config);
+        if mcp_enabled {
+            if agent.use_legacy_mcp_json && legacy_mcp_config.is_none() {
+                let config = load_legacy_mcp_config(os).await.unwrap_or_default();
+                if let Some(config) = config {
+                    legacy_mcp_config.replace(config);
+                }
             }
+            agent.thaw(agent_path.as_ref(), legacy_mcp_config.as_ref())?;
+        } else {
+            agent.clear_mcp_configs();
+            // Thaw the agent with empty MCP config to finalize normalization.
+            agent.thaw(agent_path.as_ref(), None)?;
         }
-
-        agent.thaw(agent_path.as_ref(), legacy_mcp_config.as_ref())?;
         Ok(agent)
     }
+
+    /// Clear all MCP configurations while preserving built-in tools
+    pub fn clear_mcp_configs(&mut self) {
+        self.mcp_servers = McpServerConfig::default();
+        self.use_legacy_mcp_json = false;
+
+        // Transform tools: "*" → "@builtin", remove MCP refs
+        self.tools = self
+            .tools
+            .iter()
+            .filter_map(|tool| match tool.as_str() {
+                "*" => Some("@builtin".to_string()),
+                t if !is_mcp_tool_ref(t) => Some(t.to_string()),
+                _ => None,
+            })
+            .collect();
+
+        // Remove MCP references from other fields
+        self.allowed_tools.retain(|tool| !is_mcp_tool_ref(tool));
+        self.tool_aliases.retain(|orig, _| !is_mcp_tool_ref(&orig.to_string()));
+        self.tools_settings
+            .retain(|target, _| !is_mcp_tool_ref(&target.to_string()));
+    }
 }
 
 /// Result of evaluating tool permissions, indicating whether a tool should be allowed,
@@ -382,7 +411,19 @@ impl Agents {
         agent_name: Option<&str>,
         skip_migration: bool,
         output: &mut impl Write,
+        mcp_enabled: bool,
     ) -> (Self, AgentsLoadMetadata) {
+        if !mcp_enabled {
+            let _ = execute!(
+                output,
+                style::SetForegroundColor(Color::Yellow),
+                style::Print("\n"),
+                style::Print("⚠️  WARNING: "),
+                style::SetForegroundColor(Color::Reset),
+                style::Print("MCP functionality has been disabled by your administrator.\n\n"),
+            );
+        }
+
         // Tracking metadata about the performed load operation.
         let mut load_metadata = AgentsLoadMetadata::default();
 
@@ -429,7 +470,7 @@ impl Agents {
             };
 
             let mut agents = Vec::<Agent>::new();
-            let results = load_agents_from_entries(files, os, &mut global_mcp_config).await;
+            let results = load_agents_from_entries(files, os, &mut global_mcp_config, mcp_enabled).await;
             for result in results {
                 match result {
                     Ok(agent) => agents.push(agent),
@@ -467,7 +508,7 @@ impl Agents {
             };
 
             let mut agents = Vec::<Agent>::new();
-            let results = load_agents_from_entries(files, os, &mut global_mcp_config).await;
+            let results = load_agents_from_entries(files, os, &mut global_mcp_config, mcp_enabled).await;
             for result in results {
                 match result {
                     Ok(agent) => agents.push(agent),
@@ -607,27 +648,30 @@ impl Agents {
 
             all_agents.push({
                 let mut agent = Agent::default();
-                'load_legacy_mcp_json: {
-                    if global_mcp_config.is_none() {
-                        let Ok(global_mcp_path) = directories::chat_legacy_global_mcp_config(os) else {
-                            tracing::error!("Error obtaining legacy mcp json path. Skipping");
-                            break 'load_legacy_mcp_json;
-                        };
-                        let legacy_mcp_config = match McpServerConfig::load_from_file(os, global_mcp_path).await {
-                            Ok(config) => config,
-                            Err(e) => {
-                                tracing::error!("Error loading global mcp json path: {e}. Skipping");
+                if mcp_enabled {
+                    'load_legacy_mcp_json: {
+                        if global_mcp_config.is_none() {
+                            let Ok(global_mcp_path) = directories::chat_legacy_global_mcp_config(os) else {
+                                tracing::error!("Error obtaining legacy mcp json path. Skipping");
                                 break 'load_legacy_mcp_json;
-                            },
-                        };
-                        global_mcp_config.replace(legacy_mcp_config);
+                            };
+                            let legacy_mcp_config = match McpServerConfig::load_from_file(os, global_mcp_path).await {
+                                Ok(config) => config,
+                                Err(e) => {
+                                    tracing::error!("Error loading global mcp json path: {e}. Skipping");
+                                    break 'load_legacy_mcp_json;
+                                },
+                            };
+                            global_mcp_config.replace(legacy_mcp_config);
+                        }
                     }
-                }
 
-                if let Some(config) = &global_mcp_config {
-                    agent.mcp_servers = config.clone();
+                    if let Some(config) = &global_mcp_config {
+                        agent.mcp_servers = config.clone();
+                    }
+                } else {
+                    agent.mcp_servers = McpServerConfig::default();
                 }
-
                 agent
             });
 
@@ -763,6 +807,7 @@ async fn load_agents_from_entries(
     mut files: ReadDir,
     os: &Os,
     global_mcp_config: &mut Option<McpServerConfig>,
+    mcp_enabled: bool,
 ) -> Vec<Result<Agent, AgentConfigError>> {
     let mut res = Vec::<Result<Agent, AgentConfigError>>::new();
 
@@ -773,7 +818,7 @@ async fn load_agents_from_entries(
             .and_then(OsStr::to_str)
             .is_some_and(|s| s == "json")
         {
-            res.push(Agent::load(os, file_path, global_mcp_config).await);
+            res.push(Agent::load(os, file_path, global_mcp_config, mcp_enabled).await);
         }
     }
 
@@ -820,6 +865,13 @@ fn default_schema() -> String {
     "https://raw.githubusercontent.com/aws/amazon-q-developer-cli/refs/heads/main/schemas/agent-v1.json".into()
 }
 
+// Check if a tool reference is MCP-specific (not @builtin and starts with @)
+pub fn is_mcp_tool_ref(s: &str) -> bool {
+    // @builtin is not MCP, it's a reference to all built-in tools
+    // Any other @ prefix is MCP (e.g., "@git", "@git/git_status")
+    !s.starts_with("@builtin") && s.starts_with('@')
+}
+
 #[cfg(test)]
 fn validate_agent_name(name: &str) -> eyre::Result<()> {
     // Check if name is empty
@@ -840,8 +892,9 @@ fn validate_agent_name(name: &str) -> eyre::Result<()> {
 
 #[cfg(test)]
 mod tests {
-    use super::*;
+    use serde_json::json;
 
+    use super::*;
     const INPUT: &str = r#"
             {
               "name": "some_agent",
@@ -956,6 +1009,69 @@ mod tests {
         assert!(validate_agent_name("invalid space").is_err());
     }
 
+    #[test]
+    fn test_clear_mcp_configs_with_builtin_variants() {
+        let mut agent: Agent = serde_json::from_value(json!({
+            "name": "test",
+            "tools": [
+                "@builtin",
+                "@builtin/fs_read",
+                "@builtin/execute_bash",
+                "@git",
+                "@git/status",
+                "fs_write"
+            ],
+            "allowedTools": [
+                "@builtin/fs_read",
+                "@git/status",
+                "fs_write"
+            ],
+            "toolAliases": {
+                "@builtin/fs_read": "read",
+                "@git/status": "git_st"
+            },
+            "toolsSettings": {
+                "@builtin/fs_write": { "allowedPaths": ["~/**"] },
+                "@git/commit": { "sign": true }
+            }
+        }))
+        .unwrap();
+
+        agent.clear_mcp_configs();
+
+        // All @builtin variants should be preserved while MCP tools should be removed
+        assert!(agent.tools.contains(&"@builtin".to_string()));
+        assert!(agent.tools.contains(&"@builtin/fs_read".to_string()));
+        assert!(agent.tools.contains(&"@builtin/execute_bash".to_string()));
+        assert!(agent.tools.contains(&"fs_write".to_string()));
+        assert!(!agent.tools.contains(&"@git".to_string()));
+        assert!(!agent.tools.contains(&"@git/status".to_string()));
+
+        assert!(agent.allowed_tools.contains("@builtin/fs_read"));
+        assert!(agent.allowed_tools.contains("fs_write"));
+        assert!(!agent.allowed_tools.contains("@git/status"));
+
+        // Check tool aliases - need to iterate since we can't construct OriginalToolName directly
+        let has_builtin_alias = agent
+            .tool_aliases
+            .iter()
+            .any(|(k, v)| k.to_string() == "@builtin/fs_read" && v == "read");
+        assert!(has_builtin_alias, "@builtin/fs_read alias should be preserved");
+
+        let has_git_alias = agent.tool_aliases.iter().any(|(k, _)| k.to_string() == "@git/status");
+        assert!(!has_git_alias, "@git/status alias should be removed");
+
+        // Check tool settings - need to iterate since we can't construct ToolSettingTarget directly
+        let has_builtin_setting = agent
+            .tools_settings
+            .iter()
+            .any(|(k, _)| k.to_string() == "@builtin/fs_write");
+        assert!(has_builtin_setting, "@builtin/fs_write settings should be preserved");
+
+        let has_git_setting = agent.tools_settings.iter().any(|(k, _)| k.to_string() == "@git/commit");
+        assert!(!has_git_setting, "@git/commit settings should be removed");
+    }
+
     #[test]
     fn test_display_label_no_active_agent() {
         let agents = Agents::default();

crates/chat-cli/src/cli/agent/root_command_args.rs

@@ -74,9 +74,16 @@ pub struct AgentArgs {
 impl AgentArgs {
     pub async fn execute(self, os: &mut Os) -> Result<ExitCode> {
         let mut stderr = std::io::stderr();
+        let mcp_enabled = match os.client.is_mcp_enabled().await {
+            Ok(enabled) => enabled,
+            Err(err) => {
+                tracing::warn!(?err, "Failed to check MCP configuration, defaulting to enabled");
+                true
+            },
+        };
         match self.cmd {
             Some(AgentSubcommands::List) | None => {
-                let agents = Agents::load(os, None, true, &mut stderr).await.0;
+                let agents = Agents::load(os, None, true, &mut stderr, mcp_enabled).await.0;
                 let agent_with_path =
                     agents
                         .agents
@@ -101,7 +108,7 @@ impl AgentArgs {
                 writeln!(stderr, "{}", output_str)?;
             },
             Some(AgentSubcommands::Create { name, directory, from }) => {
-                let mut agents = Agents::load(os, None, true, &mut stderr).await.0;
+                let mut agents = Agents::load(os, None, true, &mut stderr, mcp_enabled).await.0;
                 let path_with_file_name = create_agent(os, &mut agents, name.clone(), directory, from).await?;
                 let editor_cmd = std::env::var("EDITOR").unwrap_or_else(|_| "vi".to_string());
                 let mut cmd = std::process::Command::new(editor_cmd);
@@ -133,7 +140,7 @@ impl AgentArgs {
             },
             Some(AgentSubcommands::Validate { path }) => {
                 let mut global_mcp_config = None::<McpServerConfig>;
-                let agent = Agent::load(os, path.as_str(), &mut global_mcp_config).await;
+                let agent = Agent::load(os, path.as_str(), &mut global_mcp_config, mcp_enabled).await;
 
                 'validate: {
                     match agent {
@@ -251,7 +258,7 @@ impl AgentArgs {
                 }
             },
             Some(AgentSubcommands::SetDefault { name }) => {
-                let mut agents = Agents::load(os, None, true, &mut stderr).await.0;
+                let mut agents = Agents::load(os, None, true, &mut stderr, mcp_enabled).await.0;
                 match agents.switch(&name) {
                     Ok(agent) => {
                         os.database