# Amazon S3 Bucket MCP

> Amazon S3 Bucket MCP gives your AI agent secure, limited access to a single cloud storage bucket. It lets agents read, write, and manage objects without needing full account permissions. This confinement means data processing stays locked down in one designated workspace.

## Overview
- **Category:** industry-titans
- **Price:** Free
- **Tags:** object-storage, aws, data-management, file-storage, security-scoping, cloud-data

## Description

This connector keeps your agent focused on exactly what it needs. Instead of giving an autonomous client the keys to your whole AWS account, this MCP scopes all operations to just one pre-selected S3 bucket. Your agent can read object contents, list every file inside, upload new JSON records, or even clean up old files—all without ever touching another part of your cloud storage. It’s about confinement and control. If you're working with sensitive data, this is critical. You connect it through Vinkius to give any compatible client a dedicated workspace, ensuring that the agent only performs actions within those specific boundaries. This setup keeps your audit trail clean and dramatically reduces the attack surface.

## Tools

### delete_object
Deletes a specific object from within the connected bucket.

### get_bucket_acl
Retrieves the Access Control List (ACL) for the entire bucket.

### get_bucket_policy
Fetches the defined access policy attached to the bucket.

### get_object_data
Retrieves and reads the raw content of an object inside the bucket.

### get_object_metadata
Reads non-content information about an object, such as its size or creation date.

### list_objects
Lists all files in the bucket, optionally filtering by specific prefixes or delimiters.

### put_object
Uploads new data, whether it's a string or JSON, and saves it as an object in the bucket.

## Prompt Examples

**Prompt:** 
```
List all files in this bucket.
```

**Response:** 
```
I've listed the contents of your bucket. You have 12 objects, including 3 CSV files in the 'reports/' prefix and 5 JSON logs under 'events/2026/'. The largest file is 'reports/annual-summary.csv' at 18 MB. Would you like me to retrieve the content of a specific file?
```

**Prompt:** 
```
Upload this JSON config to 'settings/app-config.json'.
```

**Response:** 
```
Done! I've uploaded the JSON configuration to 'settings/app-config.json' in your bucket. The object is now available at that key. Would you like me to verify the upload by retrieving the metadata?
```

**Prompt:** 
```
Check the access policy on this bucket.
```

**Response:** 
```
I've retrieved the bucket policy. The current configuration allows read access from a specific IAM role and denies all public access. The bucket also has server-side encryption (AES-256) enforced on all PUT operations. Your setup looks secure. Would you like me to also check the ACL?
```

## Capabilities

### Manage object lifecycle
Your agent can upload new files or delete old ones to keep the bucket organized.

### Inspect data contents
You can retrieve an object's actual text or JSON content, or just check its technical details like size and type, without downloading the whole file first.

### Audit security policies
The agent checks the bucket’s access policy and internal rules to prove compliance before any write operation happens.

## Use Cases

### Processing uploaded user reports
A data team needs the agent to process a batch of monthly CSV reports. The agent first uses 'list_objects' to find all files under the 'reports/' prefix, then runs 'get_object_metadata' on each one, and finally calls 'get_object_data' to ingest the clean text content for analysis.

### Automated configuration updates
A platform engineer wants the agent to update a critical settings file. The workflow uses 'put_object' to upload the new JSON config, followed by checking the bucket policy using 'get_bucket_policy' before confirming the change.

### Incident response forensics
A security analyst needs to check if an attacker accessed a sensitive directory. They use 'list_objects' for file names, then run 'get_bucket_acl' and 'get_bucket_policy' on the bucket to prove read access was restricted.

### Cleaning up temporary assets
A background job needs to purge old files. It first runs 'list_objects' for files older than 90 days, and then uses 'delete_object' on the identified keys to keep storage costs low.

## Benefits

- Security: By confining access to a single bucket, you eliminate the risk of cross-bucket data exposure or accidental deletions across your entire cloud environment.
- Auditability: The clear boundaries mean every action is logged against one known resource. Use 'get_bucket_policy' and 'get_bucket_acl' to prove compliance easily.
- Efficiency: You can use 'list_objects' first, then decide exactly which files need full content via 'get_object_data', avoiding unnecessary downloads or API calls.
- Data Integrity: If you write new data using 'put_object', you can immediately follow up by checking the object's metadata with 'get_object_metadata' to confirm the upload was successful.
- Clean-up: Need to run a weekly job? Use 'delete_object' after listing files via 'list_objects' to maintain storage hygiene without manual intervention.

## How It Works

The bottom line is you get controlled, precise actions on one specific storage location, nothing more.

1. Subscribe to this MCP on Vinkius, providing your AWS Access Key, Secret Key, Region, and the target Bucket Name.
2. Your AI client connects and confirms its scope: all operations are limited exclusively to that single bucket.
3. The agent executes a command—say, listing files or uploading data—and the result is returned directly, proving confined access.

## Frequently Asked Questions

**How is this different from the full Amazon S3 server?**
The full Amazon S3 server gives the agent access to all buckets in your AWS account — it can list, create, and delete buckets. This server scopes the agent to a single, pre-configured bucket. The agent can only read, write, and manage objects within that bucket. This follows the principle of least privilege, which is critical for secure agent deployments.

**How do I get my AWS Access Key and Secret Key?**
Log in to the AWS Management Console, navigate to IAM (Identity and Access Management), and create a user with programmatic access. For this integration, we recommend a policy scoped to a single bucket (e.g., `s3:GetObject`, `s3:PutObject`, `s3:DeleteObject`, `s3:ListBucket` limited to your target bucket ARN).
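
The single-bucket policy recommended above, written out and checked for scope. This is an added example, not code from Vinkius or AWS; the bucket name `example-agent-workspace` and the `scope_findings` helper are assumptions made for illustration.

```python
BUCKET_ARN = "arn:aws:s3:::example-agent-workspace"  # placeholder bucket (assumption)

# Constructed policy: the four actions from the FAQ answer, one bucket only.
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        # ListBucket is a bucket-level action, so it targets the bucket ARN.
        {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": BUCKET_ARN},
        # Object-level actions target keys inside the bucket.
        {"Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
         "Resource": BUCKET_ARN + "/*"},
    ],
}

# Constructed counter-example: the account-wide grant the page warns against.
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def scope_findings(policy, bucket_arn):
    """Return reasons an identity policy reaches beyond one bucket."""
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {i}: allow-by-exclusion (NotAction/NotResource)")
            continue
        for action in _as_list(stmt["Action"]):
            if any(c in action for c in "*?") or not action.lower().startswith("s3:"):
                findings.append(f"statement {i}: action {action} is wildcarded or not S3")
        for resource in _as_list(stmt["Resource"]):
            in_bucket = resource == bucket_arn or resource.startswith(bucket_arn + "/")
            if not in_bucket:
                findings.append(f"statement {i}: resource {resource} is outside {bucket_arn}")
    return findings


if __name__ == "__main__":
    for name, policy in (("scoped", SCOPED_POLICY), ("broad", BROAD_POLICY)):
        print(name, scope_findings(policy, BUCKET_ARN) or "OK")
```

The four actions listed in the answer do not cover `get_bucket_acl` or `get_bucket_policy`. Assuming those tools call the S3 GetBucketAcl and GetBucketPolicy APIs, the user also needs `s3:GetBucketAcl` and `s3:GetBucketPolicy` on the bucket ARN.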

**Can I upload large files using this integration?**
The `put_object` tool handles standard REST uploads and is best suited for small to medium-sized files or JSON data. For very large files, standard AWS tools utilizing Multipart Uploads are recommended.

**Can my agent access multiple buckets?**
Each instance of this server is scoped to exactly one bucket. If your agent needs access to multiple buckets, you can subscribe to this server multiple times — each with a different bucket configuration. This maintains strict isolation between data boundaries.

**How do I use the `get_bucket_policy` tool to verify compliance for our data?**
This tool fetches the full access policy attached to the bucket. Your agent can inspect this output directly, letting you confirm read/write rules and check if public access is correctly denied for compliance audits.

**Can the `list_objects` tool filter by prefix or delimiter to narrow down my file search?**
Yes. The listing function supports filters using prefixes and delimiters. This lets your agent scope the request, so you only list objects within a specific folder structure instead of retrieving every item in the bucket.

**If I use `delete_object`, what happens if the object key is invalid or permissions fail?**
The integration reports errors clearly. If the object doesn't exist or if the agent lacks permission to delete it, you get a specific failure message detailing exactly why the operation failed.

**What kind of details does `get_object_metadata` provide without needing to download the content?**
It gives crucial file information like its size, content type, last modified date, and storage class. This lets your agent inspect the object's properties instantly without having to read the actual data inside.