mcpSource-backedReview first Safety ✓ Privacy ✓
Amazon SNS / SQS MCP Server
Official AWS Labs MCP server for Amazon SNS and SQS that lets AI assistants list and manage SNS topics, subscriptions, and SQS queues and send/receive messages, with resource tagging so it only modifies what it created.
HarnessClaude CodeCodexCursorClaude Desktop
Review first — review before installing
Open the source and read safety notes before installing.
Citation facts
Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
- Canonical URL
- https://heyclau.de/entry/mcp/aws-sns-sqs-mcp-server
- Source URLs
- https://github.com/awslabs/mcp/blob/main/src/amazon-sns-sqs-mcp-server/README.md, https://github.com/awslabs/mcp, https://awslabs.github.io/mcp/
- Brand
- AWS Labs
- Brand domain
- aws.amazon.com
- Brand asset source
- brandfetch
- Safety notes
- Resource creation/deletion is gated by the `--allow-resource-creation` flag (default off); without it, create/delete tools are hidden. Enable it only deliberately, and grant `AmazonSNSFullAccess`/`AmazonSQSFullAccess` only when you intend mutations., The server tags resources it creates and will only modify resources carrying that tag, which prevents it from changing pre-existing topics/queues it did not create., This server acts on real messaging infrastructure with your AWS credentials; scope the profile to the intended account and region and run it only on a trusted host.
- Privacy notes
- Topic/queue names, ARNs, subscription details, and account/region metadata can be returned through tool calls and exposed to the model., Message send/receive tools can read and write message payloads; keep sensitive message contents, account identifiers, and credentials out of public prompts, issues, and screenshots.
- Author
- AWS Labs
- Submitted by
- jaso0n0818
- Claim status
- unclaimed
- Last verified
- 2026-06-21
Safety notes
- Resource creation/deletion is gated by the `--allow-resource-creation` flag (default off); without it, create/delete tools are hidden. Enable it only deliberately, and grant `AmazonSNSFullAccess`/`AmazonSQSFullAccess` only when you intend mutations.
- The server tags resources it creates and will only modify resources carrying that tag, which prevents it from changing pre-existing topics/queues it did not create.
- This server acts on real messaging infrastructure with your AWS credentials; scope the profile to the intended account and region and run it only on a trusted host.
Privacy notes
- Topic/queue names, ARNs, subscription details, and account/region metadata can be returned through tool calls and exposed to the model.
- Message send/receive tools can read and write message payloads; keep sensitive message contents, account identifiers, and credentials out of public prompts, issues, and screenshots.
Prerequisites
- An AWS account with Amazon SNS and SQS, and permissions for the topics/queues you intend to inspect or manage.
- Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package.
- AWS credentials configured locally (for example via `aws configure` or `AWS_PROFILE`); AWS recommends a least-privilege role with `AmazonSNSReadOnlyAccess` and `AmazonSQSReadOnlyAccess`.
- An MCP client that supports stdio servers; the server runs locally on the same host as the client.
Schema details
- Install type
- cli
- Troubleshooting
- No
Source repository stats
- Scope
- Source repo
Collection metadata
- Estimated setup
- 10 minutes
- Difficulty
- intermediate
Tool listing metadata
- Pricing
- open-source
- Disclosure
- editorial
- Application category
- DeveloperApplication
- Operating system
- Cross-platform
Full copyable content
{
"awslabs.amazon-sns-sqs-mcp-server": {
"command": "uvx",
"args": ["awslabs.amazon-sns-sqs-mcp-server@latest"],
"env": {
"AWS_PROFILE": "${AWS_PROFILE}",
"AWS_REGION": "us-east-1",
"FASTMCP_LOG_LEVEL": "ERROR"
}
}
}About this resource
Overview
Amazon SNS / SQS MCP Server is an official AWS Labs Model Context Protocol server that acts as a bridge between MCP clients and Amazon SNS / SQS. It lets AI assistants list and manage SNS topics and subscriptions and SQS queues, and send and receive messages, while maintaining access controls through resource tagging.
It runs locally over stdio via uvx from the published
awslabs.amazon-sns-sqs-mcp-server Python package and uses your local AWS
credentials. Resource creation is an opt-in flag, and the server only modifies
resources it created (by tag).
Features
- SNS topics — create, list, and manage Amazon SNS topics.
- SNS subscriptions — create, list, and manage subscriptions.
- SQS queues — create, list, and manage Amazon SQS queues.
- Messaging — send and receive messages using SNS and SQS.
- Tag-scoped safety — only resources created by the server (and tagged) can be modified by it, protecting pre-existing resources.
Use Cases
- Inspect existing SNS topics, subscriptions, and SQS queues.
- Send a test message to a topic or queue and read responses.
- Stand up a topic/queue and subscription for a new workflow (creation mode).
- Wire up an event fan-out pattern with SNS and SQS.
Installation
Claude Code
- Install Python 3.10+ and
uv. - Configure an AWS profile (AWS recommends read-only SNS/SQS access for inspection; full access only if you enable resource creation).
- Add the server with the stdio configuration above. To enable resource
creation/deletion, run the server with
--allow-resource-creation— only when you intend those operations. - Verify it is connected with
claude mcp list.
Claude Desktop / Cursor / Kiro / VS Code
Add the configSnippet above to your client's MCP configuration and set
AWS_PROFILE/AWS_REGION. The first run downloads the package via uvx.
Source And Trust
This entry is based on the official AWS Labs awslabs/mcp repository and the
published PyPI package (Apache-2.0). The server can manage real SNS/SQS resources
with your AWS credentials, but resource creation is opt-in and tag-scoped, so use
least-privilege credentials, keep creation disabled unless needed, and verify the
configuration against the linked source before using it in automated workflows.
Source citations
Add this badge to your README
Show that Amazon SNS / SQS MCP Server is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/mcp/aws-sns-sqs-mcp-server)How it compares
Amazon SNS / SQS MCP Server side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
| Field | Official AWS Labs MCP server for Amazon SNS and SQS that lets AI assistants list and manage SNS topics, subscriptions, and SQS queues and send/receive messages, with resource tagging so it only modifies what it created. Open dossier | Official AWS Labs MCP server for Amazon ECS that helps AI assistants containerize applications, deploy them to ECS, troubleshoot deployments, and explore ECS and ECR resources across the container application lifecycle. Open dossier | Official AWS Labs MCP server for Amazon EKS that gives AI code assistants real-time cluster state visibility and Kubernetes/EKS resource management, from cluster setup through deployment, troubleshooting, and optimization. Open dossier | Official AWS Labs MCP server for Amazon Location Service that gives AI assistants place search, geocoding, reverse geocoding, nearby and open-now search, and route calculation with waypoint optimization. Open dossier |
|---|---|---|---|---|
| Trust | ||||
| Install risk | Review first | Review first | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | AWS Labs | AWS Labs | AWS Labs | AWS Labs |
| Category | mcp | mcp | mcp | mcp |
| Source | source-backed | source-backed | source-backed | source-backed |
| Author | AWS Labs | AWS Labs | AWS Labs | AWS Labs |
| Added | 2026-06-21 | 2026-06-21 | 2026-06-21 | 2026-06-21 |
| Platforms | Claude CodeCodexCursorClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop |
| Source repo | — | — | — | — |
| Safety notes | ✓Resource creation/deletion is gated by the `--allow-resource-creation` flag (default off); without it, create/delete tools are hidden. Enable it only deliberately, and grant `AmazonSNSFullAccess`/`AmazonSQSFullAccess` only when you intend mutations. The server tags resources it creates and will only modify resources carrying that tag, which prevents it from changing pre-existing topics/queues it did not create. This server acts on real messaging infrastructure with your AWS credentials; scope the profile to the intended account and region and run it only on a trusted host. | ✓The configuration above is read-only. Setting `ALLOW_WRITE=true` lets the server create and modify infrastructure (ECR repos, CloudFormation stacks, ECS services) and `ALLOW_SENSITIVE_DATA=true` exposes logs; enable these only deliberately. AWS documents this server as primarily for development, testing, and non-critical environments; keep write/sensitive-data disabled for production accounts and prefer non-production targets while evaluating it. This server acts on real infrastructure with your AWS credentials; scope the profile to the intended account, region, and resources, and run it only on a trusted host. | ✓The configuration above is read-only. Adding the `--allow-write` flag lets the server create, update, patch, and delete EKS/Kubernetes resources (including creating clusters via CloudFormation) and `--allow-sensitive-data-access` exposes logs and events; enable these only deliberately. This server acts on real infrastructure with your AWS credentials; scope the profile to the intended account, region, and clusters, and prefer non-production targets while evaluating it. Run it only on a trusted host, and review any generated manifests or CloudFormation actions before applying them. | ✓This server calls Amazon Location Service place and route APIs with your AWS credentials; scope the profile to Location Service access and the intended account and region. The tools are query-oriented (search, geocode, route) rather than resource-mutating, but Amazon Location Service API calls may incur AWS usage costs. Run it only on a trusted host, since it uses the local machine's AWS credentials to reach your account. |
| Privacy notes | ✓Topic/queue names, ARNs, subscription details, and account/region metadata can be returned through tool calls and exposed to the model. Message send/receive tools can read and write message payloads; keep sensitive message contents, account identifiers, and credentials out of public prompts, issues, and screenshots. | ✓Cluster, service, task, task-definition, and ECR metadata plus account/region identifiers can be returned through tool calls and exposed to the model. With sensitive-data access enabled, logs and deployment details may be returned; keep account identifiers, credentials, and log contents out of public prompts, issues, and screenshots. | ✓Cluster state, resource manifests, ARNs, and account/region metadata can be returned through tool calls and exposed to the model. With sensitive-data access enabled, pod logs and Kubernetes events may be returned; keep account identifiers, credentials, and log contents out of public prompts, issues, and screenshots. | ✓Place queries, coordinates, addresses, and waypoints you ask about are sent to Amazon Location Service using your configured credentials. Returned place details, addresses, and route geometry are exposed to the model; keep account identifiers and credentials out of public prompts, issues, and screenshots. |
| Prerequisites |
|
|
|
|
| Install | | | | |
| Config | | | | |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Related resources
Same project
Related guides
Source-backed guides for putting this to work.
Signals
Loading live community signals…
More like this, weekly
A short, calm digest of reviewed Claude resources. Unsubscribe any time.