AWS Infrastructure as Code MCP Server

by AWS Labs

AWS Labs server for Infrastructure as Code lifecycle. Validates CloudFormation templates with cfn-lint, checks compliance via cfn-guard against AWS Guard Rules and Control Tower controls, troubleshoots failed deployments with pattern-matched analysis, searches CloudFormation and CDK documentation.

★ 8,894·7 tools·Released DEC 2024·Apache-2.0

uvx awslabs.aws-iac-mcp-server@latest

“This server is the safety net for agent-generated infrastructure code. It runs cfn-lint against CloudFormation templates, cfn-guard against AWS Guard Rules and Control Tower proactive controls, and pattern matches deployment failures against 30+ known cases with CloudTrail deep links for the postmortem. The CDK side searches AWS-approved code samples and the official CDK best practices; this is the difference between an agent that drafts CDK that compiles and one that drafts CDK that compiles and is also correct. The honest weakness is that pure validation pairs with the deployment, with runtime verification staying mandatory: cfn-lint catches schema errors, cfn-guard catches policy violations, and a logic error in a custom resource still surfaces at deploy time. Use this server before deployment, then use CloudFormation deploy events and CloudTrail to verify the actual outcome.”
Reviewed by M. Nouriel · APR 2026

// Connect

INSTALL THIS SERVER

{
  "mcpServers": {
    "awslabs.aws-iac-mcp-server": {
      "command": "uvx",
      "args": [
        "awslabs.aws-iac-mcp-server@latest"
      ],
      "env": {
        "AWS_PROFILE": "your-aws-profile",
        "AWS_REGION": "us-east-1",
        "FASTMCP_LOG_LEVEL": "ERROR"
      }
    }
  }
}

PrereqmacOS path: ~/Library/Application Support/Claude/claude_desktop_config.json. Requires uvx (install via `uv tool install awslabs.mcp`) and AWS CLI credentials.

{
  "mcpServers": {
    "awslabs.aws-iac-mcp-server": {
      "command": "uvx",
      "args": [
        "awslabs.aws-iac-mcp-server@latest"
      ],
      "env": {
        "AWS_PROFILE": "your-aws-profile",
        "AWS_REGION": "us-east-1",
        "FASTMCP_LOG_LEVEL": "ERROR"
      }
    }
  }
}

{
  "mcpServers": {
    "awslabs.aws-iac-mcp-server": {
      "command": "uvx",
      "args": [
        "awslabs.aws-iac-mcp-server@latest"
      ],
      "env": {
        "AWS_PROFILE": "your-aws-profile",
        "AWS_REGION": "us-east-1",
        "FASTMCP_LOG_LEVEL": "ERROR"
      }
    }
  }
}

{
  "mcpServers": {
    "awslabs.aws-iac-mcp-server": {
      "command": "uvx",
      "args": [
        "awslabs.aws-iac-mcp-server@latest"
      ],
      "env": {
        "AWS_PROFILE": "your-aws-profile",
        "AWS_REGION": "us-east-1",
        "FASTMCP_LOG_LEVEL": "ERROR"
      }
    }
  }
}

{
  "mcpServers": {
    "awslabs.aws-iac-mcp-server": {
      "command": "uvx",
      "args": [
        "awslabs.aws-iac-mcp-server@latest"
      ],
      "env": {
        "AWS_PROFILE": "your-aws-profile",
        "AWS_REGION": "us-east-1",
        "FASTMCP_LOG_LEVEL": "ERROR"
      }
    }
  }
}

// Tools

7 TOOLS AVAILABLE

validate_cloudformation_template

Validate CloudFormation template syntax, schema, and resource properties using cfn-lint

Read

check_cloudformation_template_compliance

Validate CloudFormation templates against security and compliance rules using cfn-guard

Read

analyze_cloudformation_failure

Pattern-match deployment failures with CloudTrail deep links

Read

search_cloudformation_documentation

Search CloudFormation documentation for resource types and syntax

Read

search_cdk_documentation

Search AWS CDK documentation, API references, and best practices

Read

find_cdk_code_sample

Find CDK code samples and community constructs for common patterns

Read

// Editorial Review

OUR ASSESSMENT

Strengths

cfn-lint integration provides syntax and schema validation with line-numbered fix suggestions.
cfn-guard checks against AWS Guard Rules Registry and Control Tower proactive controls, catching security posture issues before deployment.
Failure analysis pattern-matches against 30+ known CloudFormation deployment failures with CloudTrail deep links.
CDK documentation search returns AWS-approved code samples; reduces hallucination risk versus asking the LLM directly.

Weaknesses

Validation is structural and policy-based; logic errors in custom resources still require runtime verification.
Coverage is CDK and CloudFormation; Terraform users need a separate tool.
The CDK best-practices search is bounded to AWS-approved patterns; community patterns and emerging idioms appear later than they do in the broader CDK ecosystem.

Security Notes

The server reads templates and queries documentation; deployment of resources stays out of scope. This makes its security model simpler than the deploying servers in awslabs/mcp. Credentials follow the standard boto3 chain when calling AWS APIs for documentation lookups. Templates submitted for validation stay on the local server.

Best For

Teams using CDK or CloudFormation who want pre-deployment validation and post-failure analysis baked into their agent workflow.

// Technical

TECHNICAL DETAILS

Language

python

Transport

stdio

Clients

Claude DesktopClaude CodeCursorVS CodeWindsurf

License

Apache-2.0

GitHub

awslabs/mcp · ★ 8,894

npm

awslabs.aws-iac-mcp-server

Last Release

1.2.0APR 22, 2026

First Released

DEC 4, 2024

// Adoption

ADOPTION METRICS

// GitHub Stars

8,894

// Reading thisShares the awslabs/mcp 8.9k star base. The IaC server is the validation layer that other AWS servers rely on for pre-deployment checks.

// Popularity Rank

#12

Globally · #3 in Dev Tools

// Reading thisTop dev-tools MCP for IaC workflows. The combination of cfn-lint, cfn-guard, and CDK documentation search has no equivalent in the directory.

// How we found this server

SOURCES & VERIFICATION

We don't take any single directory's word for it. Before scoring, we cross-reference 4 public MCP sources, install the server ourselves against the clients we cover, and record when we last re-verified.

Discovered

Manual submission

First indexed APR 28, 2026

Cross-referenced

4 directories

PulseMCP, Official MCP Registry, Awesome MCP Servers, Smithery

Verified against

Claude Desktop, Cursor, VS Code

Installed and tested across clients

Last re-checked

APR 28, 2026

Weekly re-verification

// How other directories see it

The same server, 4 different lenses. We reconcile these signals into our editorial score, which is why our number sometimes diverges from a directory-aggregate star count.

Source	Their rating	Their star count	Their downloads	Last synced
AutomationSwitch This page	4editorial	8,894	—	APR 28, 2026
PulseMCP	— unrated	unavailable	unavailable	APR 28, 2026
Official MCP Registry	— unrated	unavailable	unavailable	APR 28, 2026
Awesome MCP Servers	— unrated	unavailable	unavailable	APR 28, 2026
Smithery	— unrated	unavailable	unavailable	APR 28, 2026

// Counts are directory-reported; we don't adjust them. Discrepancies usually come from different snapshot times or star-caching.

// Alternatives

OTHER DEV TOOLS MCP SERVERS

Official5

GitHub

Official GitHub MCP server. 29,469 stars, MIT, 33 commits on main in the last 30 days. Repo, issue, PR, action, and code search tools backed by the GitHub REST + GraphQL APIs.

24 tools★ 29,469

Official4.7

Playwright

Microsoft

Official Microsoft Playwright MCP server. Browser automation tools (navigate, click, fill, screenshot, evaluate JS, network capture) backed by Playwright. 31,942 stars, 35 commits/30d, Apache-2.0.

11 tools★ 31,942

Official4.7

MCP Registry

Model Context Protocol

The community-driven registry service for MCP servers, maintained by the Model Context Protocol project. Discover, list, and validate MCP servers from inside agents. 6,781 GitHub stars and 65 commits on main in the last 30 days.

5 tools★ 6,781

Official4.6

MCP Inspector

Model Context Protocol

The official MCP debugging and testing tool maintained by the Model Context Protocol project. Visual inspector for MCP servers: invoke tools, inspect transports, validate protocol behaviour during development. 9,647 GitHub stars and 32 commits on main in the last 30 days.

6 tools★ 9,647

Official4.6

XcodeBuild MCP

Sentry (getsentry org)

MCP server and CLI for agent use of Xcode build tools. Build, test, run, and inspect iOS, macOS, watchOS, and visionOS projects from inside agents. 5,429 GitHub stars and 95 commits on main in the last 30 days. Maintained by Sentry.

7 tools★ 5,429

Community4.6

GitLab MCP

zereight

GitLab MCP with 60+ tools covering merge requests, repositories, issues, branches, commits, files, discussions, draft notes, approvals, pipelines, and OAuth multi-user support. 54 commits on main in the last 30 days.

9 tools★ 1,449

// Get in touch

DISCUSS YOUR
MCP REQUIREMENTS.

Evaluating a server, scoping an internal deployment, or working out whether MCP is the right fit at all. Start the conversation and we will point you at the right piece of the ecosystem.

Discuss Your MCP Requirements →

AWS Infrastructure as Code MCP Server

INSTALL THIS SERVER

7 TOOLS AVAILABLE

OUR ASSESSMENT

TECHNICAL DETAILS

ADOPTION METRICS

SOURCES & VERIFICATION

OTHER DEV TOOLS MCP SERVERS

GitHub

Playwright

MCP Registry

MCP Inspector

XcodeBuild MCP

GitLab MCP

DISCUSS YOURMCP REQUIREMENTS.

DISCUSS YOUR
MCP REQUIREMENTS.