Skip to content

AWS Labs Amazon Kendra Index MCP Server

An AWS Labs Model Context Protocol (MCP) server for Amazon Kendra. This MCP server allows you to use Kendra Indices as additional context for RAG.

Features:

  • Enhance your existing MCP-enabled ChatBot with additional RAG indices
  • Enhance the responses from coding assitants such as Cline, Cursor, Windsurf, Amazon Q Developer, etc.

Pre-Requisites:

  1. Sign-Up for an AWS account
  2. Create an Amazon Kendra Index with your RAG documentation
  3. Install uv from Astral or the GitHub README
  4. Install Python using uv python install 3.10

Tools:

KendraQueryTool

  • The KendraQueryTool takes the query specified by the user and queries a Kendra index to gain additional context for the response. This queries either the default index, or an index specified in the users prompt.
  • Required Parameters: query (str)
  • Optional Parameters: indexId (str), region (str)
  • Example:
    • Can you help me understand how to implement a progress event in the CreateHandler using Java? Use the KendraQueryTool to gain additional context.
    • Can you use the test-kendra-index to help answer the following questions...

KendraListIndexesTool

  • The KendraListIndexesTool lists the Kendra Indexes in your account. By default it will list all the indices in the regions provided as environment variables to the mcp config file. Otherwise the region can bev specified in the prompt.
  • Optional Parameters: region (str)
  • Example:
    • Can you list the Kendra Indexes in my account in the us-west-2 region

Setup

IAM Configuration

  1. Provision a user in your AWS account IAM
  2. Attach a policy that contains at a minimum the kendra:Query and kendra:ListIndices permissions. Alternatively the AWS Managed AmazonKendraFullAccess policy can be attached. Always follow the principal or least privilege when granting users permissions. See the documentation for more information on IAM permissions for Amazon Kendra.
  3. Use aws configure on your environment to configure the credentials (access ID and access key)

Installation

Configure the MCP server in your MCP client configuration (e.g., for Amazon Q Developer CLI, edit ~/.aws/amazonq/mcp.json):

{
      "mcpServers": {
            "awslabs.amazon-kendra-index-mcp-server": {
                  "command": "uvx",
                  "args": ["awslabs.amazon-kendra-index-mcp-server"],
                  "env": {
                    "FASTMCP_LOG_LEVEL": "ERROR",
                    "KENDRA_INDEX_ID": "[Your Kendra Index Id]",
                    "AWS_PROFILE": "[Your AWS Profile Name]",
                    "AWS_REGION": "[Region where your Kendra Index resides]"
                  },
                  "disabled": false,
                  "autoApprove": []
                }
      }
}
or docker after a successful docker build -t awslabs/amazon-kendra-index-mcp-server.:

# fictitious `.env` file with AWS temporary credentials
AWS_ACCESS_KEY_ID=<from the profile you set up>
AWS_SECRET_ACCESS_KEY=<from the profile you set up>
AWS_SESSION_TOKEN=<from the profile you set up>

  {
    "mcpServers": {
      "awslabs.amazon-kendra-index-mcp-server": {
        "command": "docker",
        "args": [
          "run",
          "--rm",
          "--interactive",
          "--env-file",
          "/full/path/to/file/above/.env",
          "awslabs/amazon-kendra-index-mcp-server:latest"
        ],
        "env": {},
        "disabled": false,
        "autoApprove": []
      }
    }
  }
NOTE: Your credentials will need to be kept refreshed from your host

Best Practices

  • Follow the principle of least privilege when setting up IAM permissions
  • Use separate AWS profiles for different environments (dev, test, prod)
  • Monitor broker metrics and logs for performance and issues
  • Implement proper error handling in your client applications

Security Considerations

When using this MCP server, consider:

  • This MCP server needs permissions to query and list Amazon Kendra Indexes
  • This MCP server cannot create, modify, or delete resources in your account

Troubleshooting

  • If you encounter permission errors, verify your IAM user has the correct policies attached
  • For connection issues, check network configurations and security groups
  • If resource modification fails with a tag validation error, it means the resource was not created by the MCP server
  • For general Amazon Kendra issues, consult the Amazon Kendra developer guide

Version

Current MCP server version: 0.0.0