Ask about your AWS environment over MCP
Get answers that know what runs, what it is for, what broke and how it recovers. The MCP reads AWS state, infrastructure code, architecture designs and captured intent, then routes approved changes through the control path your environment already trusts.
Stop digging through consoles to answer a simple question
Whether a backup ran, what is driving this month's bill, which deployment went out, whether an account is compliant, the answer is in AWS somewhere, across consoles and accounts. The Infrastructure Lens MCP puts that operational data behind a Model Context Protocol server, so your team asks their AI assistant and gets an answer from the live environment, read-only.
It goes beyond raw data. This is the MCP interface to Infrastructure Lens, the engine that connects AWS state with infrastructure code, architecture designs, captured intent, support history, recovery paths and operational playbooks.
When action is needed, the MCP does not bypass your controls. It prepares or recommends the change, then hands it to the approved path: base2 tools, your internal tools, CloudFormation, pull requests or deployment pipelines.
From a question to an answer, safely
Connect your AI client
Add the MCP to Cursor or Claude Desktop. It discovers the login automatically through the MCP authorization spec.
Log in as yourself
You sign in through your own account with OAuth 2.1 and PKCE. No shared keys and no tokens to manage by hand.
Ask in plain language
Ask about alerts, backups, costs, deployments, resources, compliance, infrastructure code or architecture intent, in the tools your team already works in.
Reads AWS, routes approved actions
The server is read-only against your AWS accounts and context sources. When something should change, it prepares the recommendation and hands it to the approved control path: pull request, pipeline, CloudFormation, base2 tools or one of your own tools.
Answers from live operations
Responses come from your real operational data through your APIs rather than a stale export someone ran last week.
Hosted on AWS
The server runs on AWS, on Fargate behind API Gateway, proxying read-only to your operations APIs.
Ask about your operations in plain language
A dashboard answers the question someone built it for. Your AI assistant answers the question you actually have. The server exposes AWS state, infrastructure code, architecture context and operational data so the agent can answer in plain language.
- Alerts, backups, costs and deployments
- Infrastructure code, architecture context and captured intent
- Resources, Inspector findings and support tickets
- Compliance, stacks, executions and SCPs
- What things are for, recovery paths and playbooks
- Answered in Cursor or Claude Desktop, where your team works
Read-only, signed in as you, actions through approved paths
Giving an AI agent access to AWS is only safe if it cannot act behind your back and you know who asked. Each person signs in as themselves over OAuth, and the server only ever reads from AWS. When something should change, the recommendation is routed through the control path your team already approves.
- OAuth 2.1 with PKCE, each person logs in as themselves
- Read-only against AWS, no standing keys, no direct writes
- Recommendations routed through pull requests, CloudFormation, pipelines, base2 tools or your internal tools
- Auto-discovery through the MCP authorization spec
It knows what your infrastructure is for
Any tool can list what is running. This is Infrastructure Lens asked over MCP, so the agent also knows the infrastructure code, architecture designs, captured intent, what each resource is for and what depends on it. When your team asks "can we remove this" or "why is it built this way", the answer comes from your context, not a guess.
- Infrastructure code and architecture designs, not just live AWS configuration
- The purpose behind each resource and the intent captured with it
- Dependencies, ownership and what breaks if this changes
- Infrastructure Lens, the context and intent engine, asked in plain language
The questions you would otherwise raise a ticket for
Most questions to a managed provider are not incidents. They are is this alert real, what just changed, is this account compliant. Your team asks the agent and gets the answer from your live operations, so they self-serve in the moment instead of raising a ticket and waiting on a reply.
- Alerts and incidents, what is firing and where it stands
- What just deployed or changed across your accounts
- Whether an account is compliant, right now
- Answered in plain language, no ticket and no waiting
Support, recovery and your playbooks
When something breaks at 2am, the answer you need is not generic AWS advice, it is how this environment recovers. The agent reaches your support issues and history, and answers recovery questions from the playbooks and runbooks your environment is actually operated with.
- Support issues and their history, what happened and what fixed it
- Recovery paths, how this service fails over and restores
- Your playbooks and runbooks, answered step by step
- The same procedures our engineers run, readable by your agent
Built by base2Services
The MCP we are building so AI agents can work with AWS operations the safe way, read-only against AWS, signed in as a person and answering from live data.
base2Services is an AWS Advanced Consulting Partner specialising in platform engineering and managed AWS operations. Infrastructure Lens is the engine our engineers run your AWS operations with, and this MCP is its interface. If you would rather not run it yourself, the team that built it can stand it up in front of your operations.
What the MCP reaches
Cloud Monitoring
Ask what is firing and where your coverage gaps are, then let the MCP answer from the monitoring data first.
Learn more →Start/Stop
Ask what you can save and which non-production environments are safe to stop. The MCP recommends the action, then routes it through Start/Stop, CloudFormation or your approved workflow.
Learn more →