Official (Vendor)Active· 6d★ 4.3by AWS
AWS Lambda Tool
AWS Labs' Lambda Tool MCP. Lets the agent invoke and inspect your Lambda functions as if they were native tools.
A
Safety & Trust
Delv Safety Grade: A
Score 83/100 · assessed 2026-04-18
Maintainer95
Permissions60
Supply chain85
Transparency90
Incidents100
AWS Lambda Tool is an official AWS Labs MCP server that exposes Lambda functions as Claude-native tools. The maintainer score is excellent given AWS's infrastructure and resources. Transparency is strong with open source code, clear documentation, and active AWS Labs backing. Supply chain is solid via PyPI distribution with uvx installation, though not as hardened as core AWS services. The permissions profile is the main concern: this grants arbitrary code execution through Lambda invocation, network access to AWS APIs, and credential access via AWS_PROFILE. While scoped to Lambda functions matching your prefix filter, it still allows the AI to invoke production serverless functions with real side effects. The tool requires careful configuration of FUNCTION_PREFIX to limit blast radius. Best suited for development and debugging workflows rather than production automation without additional guardrails.
Green flags
- Official AWS Labs project with institutional backing
- FUNCTION_PREFIX provides scope limitation mechanism
- Open source with clear documentation and examples
- Standard PyPI distribution via uvx
- Read-only inspection capabilities alongside invocation
Red flags
- Invokes real Lambda functions with potential production side effects
- Requires AWS credentials with Lambda:InvokeFunction permissions
- Arbitrary code execution via Lambda payload construction
- No built-in rate limiting or cost controls for invocations
Permissions requested
Outbound networkRead envAccess secretsShell executeExternal LLM call
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.
Install
uvx awslabs.lambda-tool-mcp-server@latest
Env vars needed:
AWS_REGIONAWS_PROFILEFUNCTION_PREFIXReview
AWS Lambda Tool turns your Lambda functions into Claude-native tools. Point it at your AWS account, and the agent can list, inspect, and invoke any function that matches your prefix or tag filter. No API Gateway, no curl commands, just natural language requests that map to function calls.
I'd reach for this when I'm debugging serverless workflows or when I want to expose internal services to Claude without writing a custom MCP server. The killer workflow is test-running Lambdas from chat. Say you've got a function that processes S3 events. Instead of crafting test JSON and clicking through the console, you ask Claude to invoke it with sample data. The agent reads the function schema, constructs the payload, calls it, and shows you the response. It's faster than Postman for one-off tests.
The prefix and tag filters are essential. Without them, Claude sees every Lambda in your account, which is noise. Set FUNCTION_PREFIX to something like 'prod-api-' or tag your functions with 'mcp-visible', and the agent only sees what matters. This scoping also prevents accidental invocations of critical functions.
Quirks: it assumes you've got AWS credentials sorted. If your profile or region is misconfigured, it fails silently until you check logs. The function inspection is read-only metadata, so Claude can't see your code, just the ARN, runtime, and environment variables. That's fine for most use cases, but don't expect it to debug your Python logic.
Who shouldn't bother: if you don't run Lambda functions, obviously skip it. If your Lambdas are stateful or have side effects you can't easily undo, think twice before letting an agent invoke them. This is a power tool. It's also overkill if you're just learning MCP, start with something simpler like the filesystem server.
The official vendor status matters here. AWS Labs maintains it, so it tracks boto3 updates and Lambda API changes. That's rare in the MCP ecosystem, where most servers are community projects that go stale. If you're already in the AWS world, this is the most natural way to bridge Claude and your serverless stack.
Verdict
Install this if you're running Lambda functions and want to test or orchestrate them from Claude without leaving chat. Skip it if you're not on AWS or if your functions are too critical to invoke casually. The best MCP server for AWS-native teams who want to move faster than the console allows.
Good at
- Turns Lambda functions into first-class Claude tools without writing custom MCP code.
- Prefix and tag filtering prevent the agent from seeing or invoking every function in your account.
- Maintained by AWS Labs, so it tracks API changes and boto3 updates reliably.
- Faster than the console or Postman for one-off Lambda tests and debugging.
- Works with any Claude host that supports MCP, not just desktop.
Watch out
- Assumes your AWS credentials are already configured. No hand-holding if your profile or region is wrong.
- Function inspection is metadata only. Claude can't see your code or debug logic errors.
- Dangerous if you point it at production Lambdas with side effects. No undo button.
- Hosts beyond Claude Desktop require manual config file edits, no GUI setup.
- Overkill if you're not already running serverless workloads on AWS.
Use cases
- Exposing internal microservices to Claude as tools
- Test-running a Lambda from chat
- Filtering by tag to scope what the agent sees
- Moving from Postman to natural language for ops
Getting started
1. Run `uvx awslabs.lambda-tool-mcp-server@latest` to install the server.
2. Add it to your Claude Desktop config under 'mcpServers' with env vars: AWS_REGION (e.g. 'us-east-1'), AWS_PROFILE (your local credential profile), and FUNCTION_PREFIX (a string to filter function names, or leave blank to see all).
3. Restart Claude Desktop, then ask 'List my Lambda functions' to verify the connection.
4. Test an invocation by asking Claude to call a specific function with sample input. Watch for IAM permission errors if your profile lacks lambda:InvokeFunction.
5. Use tags instead of prefix if you want finer control. Tag your Lambdas with 'mcp-visible' and set the filter accordingly.
Works with
Claude DesktopClaude CodeCursorVS Code
Similar MCPs
- ESXi MCPManages VMware ESXi and vCenter for VM lifecycle and real-time performance monitoring via REST and SSE.
- TerraformHashiCorp's official Terraform MCP. Connects agents to the Terraform Registry for module discovery and infrastructure-as-code automation.
- HerokuHeroku's official MCP. Manage apps, databases, dynos, and pipelines through the platform CLI from inside an agent.
- AWS LabsAWS Labs ships a growing family of MCPs for S3, Lambda, EKS, CDK, etc. Modular install — pick the services you actually use.