AWS S3 Tables MCP Server
OfficialOfficial AWS Labs MCP server to manage and query S3 Tables (table buckets, namespaces, tables).
Add to your client
Copy the config for your MCP client and paste it into its config file.
uvx awslabs.s3-tables-mcp-server@latestPaste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"aws-s3-tables-mcp-server": {
"command": "uvx",
"args": [
"awslabs.s3-tables-mcp-server@latest"
],
"env": {
"AWS_REGION": "us-east-1",
"AWS_PROFILE": "<your-aws-profile>"
}
}
}
}Requires `uv` (the Python package runner). Install it from https://docs.astral.sh/uv/ if `uvx` is not found.
Step-by-step guides: Add to Claude Desktop · Add to Cursor · Add to Windsurf
Before you start
- Python 3.10+ and the uv package manager (the server runs via uvx)
- An AWS account with S3 Tables enabled in your region
- AWS credentials configured locally (via `aws configure`, an AWS_PROFILE, or environment variables) with IAM permissions for S3 Tables actions (s3tables:*) and, for SQL queries, the relevant analytics/Lake Formation access
- Docker is supported as an alternative to uvx for containerized deployment
About AWS S3 Tables MCP Server
The AWS S3 Tables MCP Server is an official AWS Labs Model Context Protocol server that lets AI assistants manage and query Amazon S3 Tables — the fully-managed Apache Iceberg table storage built on S3. Through it, an agent can organize and inspect the full S3 Tables hierarchy (table buckets, namespaces, and tables) and run analytical SQL over the data.
Beyond discovery and management, the server can execute read-only SQL queries against your tables and automatically generate Iceberg tables from CSV files, making it useful for both data exploration and lightweight ingestion. It also exposes maintenance settings and resource policies for governance.
By default the server runs in read-only mode. Any tool that creates or modifies resources (creating buckets/namespaces/tables, appending data, CSV import) is gated behind an explicit --allow-write flag, so it is safe to attach to an agent without risking accidental writes.
Tools & capabilities (12)
list_table_bucketsList the S3 table buckets in your account/region.
create_table_bucketCreate a new S3 table bucket (write).
list_namespacesList namespaces within a table bucket.
create_namespaceCreate a namespace inside a table bucket (write).
list_tablesList tables within a namespace.
create_tableCreate a new Iceberg table (write).
rename_tableRename an existing table (write).
get_table_metadataRetrieve a table's metadata and schema.
get_maintenance_settingsRead maintenance/compaction settings for a bucket or table.
get_resource_policiesRead the resource policies attached to S3 Tables resources.
run_sql_queryExecute a read-only SQL query against your S3 Tables data.
create_table_from_csvGenerate a new table by importing a CSV file (write).
When to use it
- Use it when you want an agent to explore your S3 Tables layout — listing buckets, namespaces, and tables — without writing any code.
- Use it when you need to run ad-hoc analytical SQL over Iceberg data in S3 Tables from a chat interface.
- Use it when you want to bootstrap a table directly from a CSV file instead of hand-writing a schema.
- Use it when you need to inspect table metadata, maintenance settings, or resource policies for governance and auditing.
- Use it when you want a read-only, safe-by-default connection to production S3 Tables and only selectively enable writes.
Quick setup
- 1Install the uv package manager (or have Docker available).
- 2Configure AWS credentials and pick a region (set AWS_PROFILE and AWS_REGION).
- 3Add the server to your MCP client config using command `uvx` with args `awslabs.s3-tables-mcp-server@latest`.
- 4Optionally append the `--allow-write` flag to enable resource-creating tools; otherwise it stays read-only.
- 5Restart the MCP client and confirm the S3 Tables tools appear, then try `list_table_buckets`.
Security notes
It uses your local AWS credentials/profile, so it inherits whatever IAM permissions that profile holds; use a least-privilege profile. Write actions require the explicit --allow-write flag, which can create or modify AWS resources and incur cost.
AWS S3 Tables MCP Server FAQ
How does authentication work?
It uses your standard AWS credential chain — an AWS_PROFILE, environment variables, or `aws configure` output. There is no separate API key; permissions come from the IAM identity those credentials resolve to.
Is it safe to run against production data?
Yes by default. The server starts in read-only mode and only exposes write tools (create bucket/namespace/table, CSV import, data append) when you explicitly pass `--allow-write`.
What does the SQL query tool support?
`run_sql_query` executes read-only queries over your S3 Tables (Iceberg) data. It is intended for analytics and exploration, not for mutating table contents.
Do I need Python installed?
You need Python 3.10+, but the recommended path is to run it through `uvx`, which manages the environment for you. A Docker image is also available if you prefer containers.
Which AWS regions are supported?
Any region where Amazon S3 Tables is available. Set the target via the AWS_REGION environment variable (the examples default to us-east-1).
Alternatives to AWS S3 Tables MCP Server
Compare all alternatives →
Official MCP reference server for secure local filesystem read/write within allowed directories.
Official MCP server for reading, searching, and manipulating a local Git repository's files and history.
Powerful local filesystem + terminal MCP server: search, diff-edit files, and run shell commands.
Compare AWS S3 Tables MCP Server with: