From 1755d5d913f1954a6f7d462de818854c501fe356 Mon Sep 17 00:00:00 2001 From: Jonathan Tung Date: Tue, 2 Dec 2025 23:04:13 +0000 Subject: [PATCH 1/4] Add MCP registry metadata to EKS MCP --- src/eks-mcp-server/README.md | 56 +++++++++++++++++++++++++++++++ src/eks-mcp-server/server.json | 60 ++++++++++++++++++++++++++++++++++ 2 files changed, 116 insertions(+) create mode 100644 src/eks-mcp-server/server.json diff --git a/src/eks-mcp-server/README.md b/src/eks-mcp-server/README.md index eabab6e7af..589e607f74 100644 --- a/src/eks-mcp-server/README.md +++ b/src/eks-mcp-server/README.md @@ -4,6 +4,10 @@ The Amazon EKS MCP server provides AI code assistants with resource management t Integrating the EKS MCP server into AI code assistants enhances development workflow across all phases, from simplifying initial cluster setup with automated prerequisite creation and application of best practices. Further, it streamlines application deployment with high-level workflows and automated code generation. Finally, it accelerates troubleshooting through intelligent debugging tools and knowledge base access. All of this simplifies complex operations through natural language interactions in AI code assistants. +**AWS now offers a fully managed, hosted version of the EKS MCP Server** that eliminates local installation and maintenance. The hosted service provides automatic updates, centralized IAM-based security, and comprehensive audit logging through AWS CloudTrail. See [Option 1 (Recommended)](#option-1-recommended-hosted-mcp-server) below for setup instructions. + +> **Note**: The hosted Amazon EKS MCP Server is in preview and subject to change. + ## Key features * Enables users of AI code assistants to create new EKS clusters, complete with prerequisites such as dedicated VPCs, networking, and EKS Auto Mode node pools, by translating requests into the appropriate AWS CloudFormation actions. @@ -21,6 +25,58 @@ Integrating the EKS MCP server into AI code assistants enhances development work ## Setup +### Option 1 (Recommended): Hosted MCP Server + +Use the AWS-managed EKS MCP Server for simplified setup and automatic updates. The hosted service eliminates local installation requirements and provides enterprise-grade security through AWS IAM integration. + +#### Prerequisites + +- [Python 3.10+](https://www.python.org/downloads/release/python-3100/) and [uv package manager](https://docs.astral.sh/uv/getting-started/installation/) +- [AWS CLI configured](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) with valid credentials +- IAM permissions for EKS MCP (see below) + +#### Configuration + +The hosted EKS MCP Server uses the [MCP Proxy for AWS](https://github.com/aws/mcp-proxy-for-aws) to provide secure, authenticated access. Add the following to your MCP client configuration file: + +**For Mac/Linux:** +```json +{ + "mcpServers": { + "eks-mcp": { + "disabled": false, + "type": "stdio", + "command": "uvx", + "args": [ + "mcp-proxy-for-aws@latest", + "https://eks-mcp.us-east-1.api.aws/mcp", + "--service", + "eks-mcp", + "--profile", + "default", + "--region", + "us-east-1" + ] + } + } +} +``` + +Replace `us-east-1` with your desired AWS region and `default` with your AWS CLI profile name. Add `--read-only` flag to restrict to read-only operations. + +#### IAM Permissions + +Your IAM role or user must have the following managed policies attached: + +- **For read-only operations**: `AmazonEKSMCPReadOnlyAccess` +- **For write operations**: Create a custom policy following the [write policy guide](https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html#_step_2_optional_create_a_write_policy) + +For complete setup instructions and additional configuration options, see the [Amazon EKS MCP Server documentation](https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html). + +### Option 2: Local MCP Server (Legacy) + +> **Note**: This is the legacy local installation method that will no longer receive updates. We recommend using [Option 1 (Hosted MCP Server)](#option-1-recommended-hosted-mcp-server) instead. + Add these IAM policies to the IAM role or user that you use to manage your EKS cluster resources. ### Read-Only Operations Policy diff --git a/src/eks-mcp-server/server.json b/src/eks-mcp-server/server.json new file mode 100644 index 0000000000..79a7fe17b5 --- /dev/null +++ b/src/eks-mcp-server/server.json @@ -0,0 +1,60 @@ +{ + "$schema": "https://static.modelcontextprotocol.io/schemas/2025-10-17/server.schema.json", + "name": "io.github.awslabs/eks-mcp-server", + "title": "Amazon EKS MCP Server", + "description": "AI-powered Amazon EKS cluster management and troubleshooting", + "version": "1.0.0", + "repository": { + "url": "https://github.com/awslabs/mcp", + "source": "github", + "subfolder": "src/eks-mcp-server" + }, + "websiteUrl": "https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html", + "packages": [ + { + "registryType": "pypi", + "registryBaseUrl": "https://pypi.org", + "identifier": "mcp-proxy-for-aws", + "version": "1.1.1", + "runtimeHint": "uvx", + "transport": { + "type": "stdio" + }, + "packageArguments": [ + { + "type": "positional", + "value": "https://eks-mcp.{region}.api.aws/mcp", + "variables": { + "region": { + "description": "AWS region for EKS MCP service", + "default": "us-east-1", + "isRequired": true + } + } + }, + { + "type": "named", + "name": "--service", + "value": "eks-mcp" + }, + { + "type": "named", + "name": "--profile", + "description": "AWS CLI profile to use for credentials", + "default": "default" + }, + { + "type": "named", + "name": "--region", + "value": "{region}", + "variables": { + "region": { + "description": "AWS region", + "default": "us-east-1" + } + } + } + ] + } + ] +} From 091396bbd0395cf3194418aab427ba0a7d3d87cf Mon Sep 17 00:00:00 2001 From: Jonathan Tung Date: Tue, 2 Dec 2025 23:26:38 +0000 Subject: [PATCH 2/4] feat(eks-mcp-server): add hosted MCP server documentation and registry metadata --- src/eks-mcp-server/server.json | 112 ++++++++++++++++----------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/src/eks-mcp-server/server.json b/src/eks-mcp-server/server.json index 79a7fe17b5..0f0d189e5d 100644 --- a/src/eks-mcp-server/server.json +++ b/src/eks-mcp-server/server.json @@ -1,60 +1,60 @@ { - "$schema": "https://static.modelcontextprotocol.io/schemas/2025-10-17/server.schema.json", - "name": "io.github.awslabs/eks-mcp-server", - "title": "Amazon EKS MCP Server", - "description": "AI-powered Amazon EKS cluster management and troubleshooting", - "version": "1.0.0", - "repository": { - "url": "https://github.com/awslabs/mcp", - "source": "github", - "subfolder": "src/eks-mcp-server" - }, - "websiteUrl": "https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html", - "packages": [ - { - "registryType": "pypi", - "registryBaseUrl": "https://pypi.org", - "identifier": "mcp-proxy-for-aws", - "version": "1.1.1", - "runtimeHint": "uvx", - "transport": { - "type": "stdio" - }, - "packageArguments": [ + "$schema": "https://static.modelcontextprotocol.io/schemas/2025-10-17/server.schema.json", + "description": "AI-powered Amazon EKS cluster management and troubleshooting", + "name": "io.github.awslabs/eks-mcp-server", + "packages": [ { - "type": "positional", - "value": "https://eks-mcp.{region}.api.aws/mcp", - "variables": { - "region": { - "description": "AWS region for EKS MCP service", - "default": "us-east-1", - "isRequired": true - } - } - }, - { - "type": "named", - "name": "--service", - "value": "eks-mcp" - }, - { - "type": "named", - "name": "--profile", - "description": "AWS CLI profile to use for credentials", - "default": "default" - }, - { - "type": "named", - "name": "--region", - "value": "{region}", - "variables": { - "region": { - "description": "AWS region", - "default": "us-east-1" - } - } + "identifier": "mcp-proxy-for-aws", + "packageArguments": [ + { + "type": "positional", + "value": "https://eks-mcp.{region}.api.aws/mcp", + "variables": { + "region": { + "default": "us-east-1", + "description": "AWS region for EKS MCP service", + "isRequired": true + } + } + }, + { + "name": "--service", + "type": "named", + "value": "eks-mcp" + }, + { + "default": "default", + "description": "AWS CLI profile to use for credentials", + "name": "--profile", + "type": "named" + }, + { + "name": "--region", + "type": "named", + "value": "{region}", + "variables": { + "region": { + "default": "us-east-1", + "description": "AWS region" + } + } + } + ], + "registryBaseUrl": "https://pypi.org", + "registryType": "pypi", + "runtimeHint": "uvx", + "transport": { + "type": "stdio" + }, + "version": "1.1.1" } - ] - } - ] + ], + "repository": { + "source": "github", + "subfolder": "src/eks-mcp-server", + "url": "https://github.com/awslabs/mcp" + }, + "title": "Amazon EKS MCP Server", + "version": "1.0.0", + "websiteUrl": "https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html" } From 7584b5461d0fcb48d31f4530124973d60f0d149d Mon Sep 17 00:00:00 2001 From: Jonathan Tung Date: Wed, 3 Dec 2025 16:23:57 +0000 Subject: [PATCH 3/4] Add optional deps to package name script --- scripts/verify_package_name.py | 18 +++-- src/eks-mcp-server/pyproject.toml | 3 + src/eks-mcp-server/server.json | 112 +++++++++++++++--------------- 3 files changed, 72 insertions(+), 61 deletions(-) diff --git a/scripts/verify_package_name.py b/scripts/verify_package_name.py index 79c1c29bc7..f20a663e44 100755 --- a/scripts/verify_package_name.py +++ b/scripts/verify_package_name.py @@ -59,17 +59,24 @@ def extract_package_name(pyproject_path: Path) -> str: def extract_dependencies(pyproject_path: Path) -> List[str]: - """Extract dependency names from pyproject.toml file.""" + """Extract dependency names from pyproject.toml file, including optional dependencies.""" try: with open(pyproject_path, 'rb') as f: data = tomllib.load(f) - dependencies = data.get('project', {}).get('dependencies', []) + + # Combine regular dependencies and optional dependencies + all_deps = data.get('project', {}).get('dependencies', []) + optional_deps = data.get('project', {}).get('optional-dependencies', {}) + for group_deps in optional_deps.values(): + all_deps.extend(group_deps) + # Extract just the package names (remove version constraints) dep_names = [] - for dep in dependencies: + for dep in all_deps: # Remove version constraints (>=, ==, etc.) and extract just the package name dep_name = re.split(r'[>==1.1.1"] + [project.urls] homepage = "https://awslabs.github.io/mcp/" docs = "https://awslabs.github.io/mcp/servers/eks-mcp-server/" diff --git a/src/eks-mcp-server/server.json b/src/eks-mcp-server/server.json index 0f0d189e5d..3971f484b7 100644 --- a/src/eks-mcp-server/server.json +++ b/src/eks-mcp-server/server.json @@ -1,60 +1,60 @@ { - "$schema": "https://static.modelcontextprotocol.io/schemas/2025-10-17/server.schema.json", - "description": "AI-powered Amazon EKS cluster management and troubleshooting", - "name": "io.github.awslabs/eks-mcp-server", - "packages": [ + "$schema": "https://static.modelcontextprotocol.io/schemas/2025-10-17/server.schema.json", + "description": "AI-powered Amazon EKS cluster management and troubleshooting", + "name": "io.github.awslabs/eks-mcp-server", + "packages": [ + { + "identifier": "mcp-proxy-for-aws", + "packageArguments": [ { - "identifier": "mcp-proxy-for-aws", - "packageArguments": [ - { - "type": "positional", - "value": "https://eks-mcp.{region}.api.aws/mcp", - "variables": { - "region": { - "default": "us-east-1", - "description": "AWS region for EKS MCP service", - "isRequired": true - } - } - }, - { - "name": "--service", - "type": "named", - "value": "eks-mcp" - }, - { - "default": "default", - "description": "AWS CLI profile to use for credentials", - "name": "--profile", - "type": "named" - }, - { - "name": "--region", - "type": "named", - "value": "{region}", - "variables": { - "region": { - "default": "us-east-1", - "description": "AWS region" - } - } - } - ], - "registryBaseUrl": "https://pypi.org", - "registryType": "pypi", - "runtimeHint": "uvx", - "transport": { - "type": "stdio" - }, - "version": "1.1.1" + "type": "positional", + "value": "https://eks-mcp.{region}.api.aws/mcp", + "variables": { + "region": { + "default": "us-east-1", + "description": "AWS region for EKS MCP service", + "isRequired": true + } + } + }, + { + "name": "--service", + "type": "named", + "value": "eks-mcp" + }, + { + "default": "default", + "description": "AWS CLI profile to use for credentials", + "name": "--profile", + "type": "named" + }, + { + "name": "--region", + "type": "named", + "value": "{region}", + "variables": { + "region": { + "default": "us-east-1", + "description": "AWS region" + } + } } - ], - "repository": { - "source": "github", - "subfolder": "src/eks-mcp-server", - "url": "https://github.com/awslabs/mcp" - }, - "title": "Amazon EKS MCP Server", - "version": "1.0.0", - "websiteUrl": "https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html" + ], + "registryBaseUrl": "https://pypi.org", + "registryType": "pypi", + "runtimeHint": "uvx", + "transport": { + "type": "stdio" + }, + "version": "1.1.1" + } + ], + "repository": { + "source": "github", + "subfolder": "src/eks-mcp-server", + "url": "https://github.com/awslabs/mcp" + }, + "title": "Amazon EKS MCP Server", + "version": "1.0.0", + "websiteUrl": "https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html" } From a7a6c2660e81a3173b2994dbcbdb1fd1d27a0d5c Mon Sep 17 00:00:00 2001 From: Jonathan Tung Date: Wed, 3 Dec 2025 18:41:34 +0000 Subject: [PATCH 4/4] Remove service parameter and update README --- src/eks-mcp-server/README.md | 4 +--- src/eks-mcp-server/server.json | 5 ----- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/src/eks-mcp-server/README.md b/src/eks-mcp-server/README.md index 589e607f74..0cbae9d2d7 100644 --- a/src/eks-mcp-server/README.md +++ b/src/eks-mcp-server/README.md @@ -50,8 +50,6 @@ The hosted EKS MCP Server uses the [MCP Proxy for AWS](https://github.com/aws/mc "args": [ "mcp-proxy-for-aws@latest", "https://eks-mcp.us-east-1.api.aws/mcp", - "--service", - "eks-mcp", "--profile", "default", "--region", @@ -68,7 +66,7 @@ Replace `us-east-1` with your desired AWS region and `default` with your AWS CLI Your IAM role or user must have the following managed policies attached: -- **For read-only operations**: `AmazonEKSMCPReadOnlyAccess` +- **For read-only operations**: [AmazonEKSMCPReadOnlyAccess](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonEKSMCPReadOnlyAccess.html) - **For write operations**: Create a custom policy following the [write policy guide](https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html#_step_2_optional_create_a_write_policy) For complete setup instructions and additional configuration options, see the [Amazon EKS MCP Server documentation](https://docs.aws.amazon.com/eks/latest/userguide/eks-mcp-getting-started.html). diff --git a/src/eks-mcp-server/server.json b/src/eks-mcp-server/server.json index 3971f484b7..280847b3ee 100644 --- a/src/eks-mcp-server/server.json +++ b/src/eks-mcp-server/server.json @@ -17,11 +17,6 @@ } } }, - { - "name": "--service", - "type": "named", - "value": "eks-mcp" - }, { "default": "default", "description": "AWS CLI profile to use for credentials",