mcpSource-backedReview first Safety ✓ Privacy ✓

AWS S3 Tables MCP Server

Official AWS Labs MCP server for AWS S3 Tables that lets AI assistants create and query S3-based tables, run read-only SQL for analysis, generate tables from CSV files in S3, and explore table metadata — read-only by default.

by AWS Labs·added 2026-06-21·

Claude Code Codex Cursor Claude Desktop

HarnessClaude CodeCodexCursorClaude Desktop

Install

Source

uvx awslabs.s3-tables-mcp-server@latest

Readiness

TrustReview first
Sourcesource-backed
Safety notesPresent
ReviewedYes

Documentation Source repository Registry JSON · LLM text

Review first — review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Canonical URL: https://heyclau.de/entry/mcp/aws-s3-tables-mcp-server
Source URLs: https://github.com/awslabs/mcp/blob/main/src/s3-tables-mcp-server/README.md, https://github.com/awslabs/mcp, https://awslabs.github.io/mcp/
Brand: AWS Labs
Brand domain: aws.amazon.com
Brand asset source: brandfetch
Safety notes: The server is read-only by default. Adding the `--allow-write` flag (with the matching IAM permissions) enables create and append operations on S3 Tables; there is no delete or general update. Enable write only deliberately., AWS advises that you are responsible for your agents: if you enable write, back up your data first and validate LLM-generated instructions before execution, since misconfigured permissions can cause data loss., This server acts on real S3 Tables data with your AWS credentials; scope the profile least-privilege and run it only on a trusted host.
Privacy notes: Table schemas, metadata, query results, and bucket/namespace identifiers can be returned through tool calls and exposed to the model., Keep account identifiers, credentials, and any sensitive table data out of public prompts, issues, and screenshots.
Author: AWS Labs
Submitted by: jaso0n0818
Claim status: unclaimed
Last verified: 2026-06-21

Safety notes

The server is read-only by default. Adding the `--allow-write` flag (with the matching IAM permissions) enables create and append operations on S3 Tables; there is no delete or general update. Enable write only deliberately.
AWS advises that you are responsible for your agents: if you enable write, back up your data first and validate LLM-generated instructions before execution, since misconfigured permissions can cause data loss.
This server acts on real S3 Tables data with your AWS credentials; scope the profile least-privilege and run it only on a trusted host.

Privacy notes

Table schemas, metadata, query results, and bucket/namespace identifiers can be returned through tool calls and exposed to the model.
Keep account identifiers, credentials, and any sensitive table data out of public prompts, issues, and screenshots.

Prerequisites

An AWS account with S3 Tables and permissions for the table buckets you intend to read (and, if enabled, write).
Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package.
AWS credentials configured locally (for example via `aws configure` or `AWS_PROFILE`) scoped least-privilege to the intended S3 Tables resources.
An MCP client that supports stdio servers; the server runs locally on the same host as the client.

Schema details

Install type: cli
Troubleshooting: No

Source repository stats

Scope: Source repo

Collection metadata

Estimated setup: 10 minutes
Difficulty: intermediate

Tool listing metadata

Website: https://awslabs.github.io/mcp/
Pricing: open-source
Disclosure: editorial
Application category: DeveloperApplication
Operating system: Cross-platform

Full copyable content

{
  "awslabs.s3-tables-mcp-server": {
    "command": "uvx",
    "args": ["awslabs.s3-tables-mcp-server@latest"],
    "env": {
      "AWS_PROFILE": "${AWS_PROFILE}",
      "AWS_REGION": "us-east-1",
      "FASTMCP_LOG_LEVEL": "ERROR"
    }
  }
}

About this resource

Overview

AWS S3 Tables MCP Server is an official AWS Labs Model Context Protocol server that lets AI assistants interact with S3-based table storage. It simplifies managing S3 Tables by providing tools to create and query tables, run read-only SQL for analysis, generate tables directly from CSV files uploaded to S3, and explore metadata through the S3 Metadata Table.

It runs locally over stdio via uvx from the published awslabs.s3-tables-mcp-server Python package and uses your local AWS credentials. By default it operates in read-only mode; write access is an opt-in flag.

Features

Table bucket and namespace management — create and list table buckets and namespaces to organize tabular data (no delete/update).
Table management — create, rename, and list tables within namespaces.
Read-only SQL — run read-only SQL queries directly against S3 Tables for analysis and reporting; writes are append-only inserts.
CSV to table — automatically create S3 Tables from CSV files in S3.
Metadata and policy discovery — view table metadata, maintenance settings, and resource policies (read-only).

Use Cases

Run analytical SQL queries over S3-stored tabular datasets.
Explore table schemas, metadata, and bucket/namespace structure.
Onboard a CSV file in S3 as a queryable S3 Table (write mode).
Append new rows to an existing S3 Table for incremental ingestion (write mode).

Installation

Claude Code

Install Python 3.10+ and uv.
Configure a least-privilege AWS profile for your S3 Tables resources.
Add the server with the read-only stdio configuration above. To enable create/append, run the server with --allow-write and the matching IAM permissions — only when you intend those operations.
Verify it is connected with claude mcp list.

Claude Desktop / Cursor / Kiro / VS Code

Add the configSnippet above to your client's MCP configuration and set AWS_PROFILE/AWS_REGION. The first run downloads the package via uvx.

Source And Trust

This entry is based on the official AWS Labs awslabs/mcp repository and the published PyPI package (Apache-2.0). The server is read-only by default and can create/append S3 Tables data when write is enabled, so keep write opt-in, use least-privilege credentials, back up data before enabling writes, and verify the configuration against the linked source before using it in automated workflows.

#aws #s3-tables #data #analytics #aws-labs

Source citations

Source methodology →

Add this badge to your README

Show that AWS S3 Tables MCP Server is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/mcp/aws-s3-tables-mcp-server.svg)](https://heyclau.de/entry/mcp/aws-s3-tables-mcp-server)

How it compares

AWS S3 Tables MCP Server side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	AWS S3 Tables MCP Server Official AWS Labs MCP server for AWS S3 Tables that lets AI assistants create and query S3-based tables, run read-only SQL for analysis, generate tables from CSV files in S3, and explore table metadata — read-only by default. Open dossier	AWS CloudTrail MCP Server Official AWS Labs MCP server for AWS CloudTrail that lets AI assistants query account activity for security investigations, compliance auditing, and operational troubleshooting via Event History and CloudTrail Lake SQL. Open dossier	AWS DynamoDB MCP Server Official AWS Labs developer-experience MCP server for Amazon DynamoDB that provides expert data-modeling guidance, model validation against DynamoDB Local, source-database analysis, schema conversion, and CDK generation. Open dossier	Amazon ECS MCP Server Official AWS Labs MCP server for Amazon ECS that helps AI assistants containerize applications, deploy them to ECS, troubleshoot deployments, and explore ECS and ECR resources across the container application lifecycle. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Brand	AWS Labs	AWS Labs	AWS Labs	AWS Labs
Category	mcp	mcp	mcp	mcp
Source	source-backed	source-backed	source-backed	source-backed
Author	AWS Labs	AWS Labs	AWS Labs	AWS Labs
Added	2026-06-21	2026-06-21	2026-06-21	2026-06-21
Platforms	Claude CodeCodexCursorClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop	Claude CodeClaude Desktop
Source repo	—	—	—	—
Safety notes	✓The server is read-only by default. Adding the `--allow-write` flag (with the matching IAM permissions) enables create and append operations on S3 Tables; there is no delete or general update. Enable write only deliberately. AWS advises that you are responsible for your agents: if you enable write, back up your data first and validate LLM-generated instructions before execution, since misconfigured permissions can cause data loss. This server acts on real S3 Tables data with your AWS credentials; scope the profile least-privilege and run it only on a trusted host.	✓The provided tools are read-only — they look up CloudTrail events and run Lake queries, and do not modify infrastructure. Grant only the CloudTrail read permissions listed in the documentation (least privilege). This server reads audit data with your AWS credentials; scope the profile to the intended account and run it only on a trusted host. CloudTrail Lake SQL queries against large event data stores can incur AWS query/scan costs; review query scope before running broad analyses.	✓The core tools provide data-modeling guidance and are advisory; review all generated models, schemas, and CDK output before deploying anything to AWS. Model validation sets up a local DynamoDB instance and creates test tables; the source-database analyzer connects to a database you point it at (RDS Data API or a direct connection). Generated CDK apps and `dynamodb_data_model.json` files are written to your workspace; inspect them before running or committing.	✓The configuration above is read-only. Setting `ALLOW_WRITE=true` lets the server create and modify infrastructure (ECR repos, CloudFormation stacks, ECS services) and `ALLOW_SENSITIVE_DATA=true` exposes logs; enable these only deliberately. AWS documents this server as primarily for development, testing, and non-critical environments; keep write/sensitive-data disabled for production accounts and prefer non-production targets while evaluating it. This server acts on real infrastructure with your AWS credentials; scope the profile to the intended account, region, and resources, and run it only on a trusted host.
Privacy notes	✓Table schemas, metadata, query results, and bucket/namespace identifiers can be returned through tool calls and exposed to the model. Keep account identifiers, credentials, and any sensitive table data out of public prompts, issues, and screenshots.	✓CloudTrail events expose account activity: usernames, access key IDs, source IPs, ARNs, and API call details can be returned to the model. Keep account identifiers, credentials, and returned event contents out of public prompts, issues, and screenshots, since audit data is sensitive.	✓Access patterns, entity definitions, and any source-database schema you share are processed to produce the model and validation artifacts. The source-database analyzer can read schema structure and access-pattern data from the database you connect; keep database credentials out of public prompts, issues, and screenshots.	✓Cluster, service, task, task-definition, and ECR metadata plus account/region identifiers can be returned through tool calls and exposed to the model. With sensitive-data access enabled, logs and deployment details may be returned; keep account identifiers, credentials, and log contents out of public prompts, issues, and screenshots.
Prerequisites	An AWS account with S3 Tables and permissions for the table buckets you intend to read (and, if enabled, write). Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package. AWS credentials configured locally (for example via `aws configure` or `AWS_PROFILE`) scoped least-privilege to the intended S3 Tables resources. An MCP client that supports stdio servers; the server runs locally on the same host as the client.	An AWS account with CloudTrail enabled (Event History is on by default; CloudTrail Lake is needed for SQL queries). Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package. AWS credentials configured locally (for example via `aws configure` or `AWS_PROFILE`) with CloudTrail read permissions (`cloudtrail:LookupEvents`, `cloudtrail:StartQuery`, `cloudtrail:GetQueryResults`, and related). An MCP client that supports stdio servers; the server runs locally on the same host as the client.	Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package. An MCP client that supports stdio servers (Claude Code, Claude Desktop, Cursor, Kiro, or VS Code). Docker or a local DynamoDB Local setup if you want to use the model-validation tool, which creates tables and runs your access patterns. Connection details/credentials for any source database (MySQL, PostgreSQL, SQL Server, Oracle) only if you use the source-database analyzer.	An AWS account with Amazon ECS/ECR and permissions to view (and, if enabled, deploy) the target resources. Docker or Finch for containerization and local image builds. Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package. AWS credentials configured locally (for example via `aws configure` or `AWS_PROFILE`) scoped to the intended account, region, and resources.
Install	`uvx awslabs.s3-tables-mcp-server@latest`	`uvx awslabs.cloudtrail-mcp-server@latest`	`uvx awslabs.dynamodb-mcp-server@latest`	`uvx --from awslabs-ecs-mcp-server ecs-mcp-server`
Config	`{ "mcpServers": { "awslabs.s3-tables-mcp-server": { "command": "uvx", "args": ["awslabs.s3-tables-mcp-server@latest"], "env": { "AWS_PROFILE": "${AWS_PROFILE}", "AWS_REGION": "us-east-1", "FASTMCP_LOG_LEVEL": "ERROR" }, "type": "stdio" } } }`	`{ "mcpServers": { "awslabs.cloudtrail-mcp-server": { "command": "uvx", "args": ["awslabs.cloudtrail-mcp-server@latest"], "env": { "AWS_PROFILE": "${AWS_PROFILE}", "FASTMCP_LOG_LEVEL": "ERROR" }, "type": "stdio" } } }`	`{ "mcpServers": { "awslabs.dynamodb-mcp-server": { "command": "uvx", "args": ["awslabs.dynamodb-mcp-server@latest"], "env": { "FASTMCP_LOG_LEVEL": "ERROR" }, "type": "stdio" } } }`	`{ "mcpServers": { "awslabs.ecs-mcp-server": { "command": "uvx", "args": ["--from", "awslabs-ecs-mcp-server", "ecs-mcp-server"], "env": { "AWS_PROFILE": "${AWS_PROFILE}", "AWS_REGION": "us-east-1", "FASTMCP_LOG_LEVEL": "ERROR", "ALLOW_WRITE": "false", "ALLOW_SENSITIVE_DATA": "false" }, "type": "stdio" } } }`
Citations	Source repositorygithub.com 2026-06-22T23:55:05-07:00 Documentationgithub.com Websiteawslabs.github.io Submitted by jaso0n08182026-06-21 Source methodology →	Source repositorygithub.com 2026-06-22T23:55:05-07:00 Documentationgithub.com Submitted by jaso0n08182026-06-21 Source methodology →	Source repositorygithub.com 2026-06-22T23:55:05-07:00 Documentationgithub.com Submitted by jaso0n08182026-06-21 Source methodology →	Source repositorygithub.com 2026-06-22T23:55:05-07:00 Documentationgithub.com Submitted by jaso0n08182026-06-21 Source methodology →
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed