AWS Labs Redshift MCP Server

0.0.20 · active · verified Thu Apr 16

The AWS Labs Redshift Model Context Protocol (MCP) server enables AI assistants to securely discover, explore, and query Amazon Redshift clusters and serverless workgroups. It provides a standardized interface for metadata exploration and safe, read-only SQL query execution, facilitating natural language interaction with Redshift data. The current version is 0.0.20 and it is actively maintained as part of the broader AWS Labs MCP ecosystem.

Common errors

```
Unhandled error type Could not load credentials from any providers
```
cause The Redshift MCP server could not find valid AWS credentials or a configured region to connect to AWS services (e.g., Redshift Data API, Secrets Manager).

fix Ensure your AWS credentials are properly configured via environment variables (`AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN`), an `AWS_PROFILE`, or AWS CLI configuration. Also, set `AWS_REGION` or `AWS_DEFAULT_REGION` environment variables.
```
You don't have permission to perform this action.
```
cause The AWS IAM role or user credentials used by the MCP server lack the necessary permissions to perform Redshift discovery or data API actions. This can also be due to insufficient database-level permissions within Redshift.

fix Review the required IAM permissions (e.g., `redshift:DescribeClusters`, `redshift-serverless:ListWorkgroups`, `redshift-data:ExecuteStatement`) and Redshift database permissions (`USAGE` on schemas, `SELECT` on tables/views) and update your policies accordingly.
```
redshift-mcp-server: Transaction Aborted Error
```
cause A previous SQL query failed, leaving the Redshift session in an aborted transaction state, preventing subsequent queries from executing successfully.

fix This often occurs after an invalid SQL query. Verify the query for syntax or logical errors. The typical workaround is to reset the MCP client connection to initiate a new Redshift session.

Warnings

gotcha The Redshift MCP server primarily supports READ ONLY SQL query execution. Write operations (INSERT, UPDATE, DELETE) are not directly supported through the standard tools for safety and protection.
Fix: Plan for read-only analytical workloads. For write operations, use traditional Redshift connection methods or other AWS services.
gotcha By default, all users interacting with the MCP server share a single Redshift identity. This makes it challenging to enforce fine-grained, per-user group-based access controls within Redshift, as everyone connects as the same database user.
Fix: Consider advanced configurations like `REDSHIFT_DB_USER_AUTO_DERIVE` or custom wrapper servers to map individual IAM identities to Redshift database users and groups, if supported by the client and server version.
gotcha If a SQL query executed through the Redshift MCP server fails (e.g., due to syntax errors or non-existent tables), the underlying Redshift session can enter a persistent 'Transaction Aborted Error' state. Subsequent queries will also fail until the MCP connection is reset.
Fix: Ensure SQL queries are valid and test them carefully. If an error occurs, restarting the MCP client or the session is often required to clear the aborted transaction state.

Install

pip install awslabs-redshift-mcp-server Install with pip
uv pip install awslabs-redshift-mcp-server Install with uv (recommended)

Imports

awslabs.redshift-mcp-server
```
command: uvx awslabs.redshift-mcp-server@latest
```
The Redshift MCP server is typically run as a command-line application by an MCP client (e.g., Amazon Q, Claude Desktop, Cursor IDE), not imported as a Python library for direct function calls. This 'import' reflects how clients configure its execution.

Quickstart

To quickly start using the Redshift MCP server, configure your MCP client (e.g., in `~/.aws/amazonq/mcp.json` for Amazon Q CLI) with the above JSON block. Ensure your AWS credentials are configured (e.g., via `AWS_PROFILE` or `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` environment variables, or AWS CLI configuration). You must also specify the Redshift cluster identifier, database name, and an AWS region.

{
  "mcpServers": {
    "awslabs.redshift-mcp-server": {
      "type": "stdio",
      "command": "uvx",
      "args": ["awslabs.redshift-mcp-server@latest"],
      "env": {
        "AWS_PROFILE": "my-redshift-profile",
        "AWS_DEFAULT_REGION": "us-east-1",
        "REDSHIFT_CLUSTER_IDENTIFIER": "my-redshift-cluster",
        "REDSHIFT_DATABASE": "dev",
        "FASTMCP_LOG_LEVEL": "INFO" 
      }
    }
  }
}

view raw JSON →