MCP Server
Audex ships as an MCP server so Claude Code can request scoped, short-lived credentials natively for AWS, GCP, Azure, or Vault — without Bash wrapping.
Add to your project’s .mcp.json:
```json
{
  "mcpServers": {
    "audex": {
      "command": "/path/to/audex",
      "args": ["mcp"]
    }
  }
}
```
Set provider-specific environment variables before starting Claude Code:
For AWS:
```bash
export AUDEX_ROLE_ARN="arn:aws:iam::123456789012:role/AudexAgentRole"
```
For GCP:
```bash
gcloud auth application-default login
export AUDEX_GCP_SERVICE_ACCOUNT="audex-agent@my-project.iam.gserviceaccount.com"
```
For Azure:
```bash
az login
export AZURE_SUBSCRIPTION_ID="12345678-1234-1234-1234-123456789012"
```
When Claude Code starts, it connects to the Audex MCP server automatically. Claude then sees three native tools.
audex_run
Run a command with scoped, short-lived credentials for AWS, GCP, Azure, or Vault.
| Parameter | Type | Required | Description |
|---|---|---|---|
| `allow` | string | Yes | Comma-separated IAM/permission actions (format depends on provider) |
| `command` | string[] | Yes | Command and arguments to execute |
| `provider` | string | No | Cloud provider: “aws”, “gcp”, “azure”, “vault” (default: “aws”) |
| `ttl` | string | No | Time-to-live (default: “15m”) |
| `budget` | number | No | Budget limit in USD (AWS only) |
| `role_arn` | string | No | IAM role ARN (AWS) or service account email (GCP) |
| `profile` | string | No | Named policy profile (e.g., “s3-readonly”) |
| `resource` | string | No | Resource ARN restriction |
Examples:
```js
// AWS: read S3
audex_run({
  provider: "aws",
  allow: "s3:GetObject,s3:ListBucket",
  command: ["aws", "s3", "ls"]
})

// GCP: read Cloud Storage
audex_run({
  provider: "gcp",
  allow: "storage.objects.get,storage.objects.list",
  command: ["gsutil", "ls"]
})

// Azure: list storage accounts
audex_run({
  provider: "azure",
  allow: "Microsoft.Storage/storageAccounts/read",
  command: ["az", "storage", "account", "list"]
})

// Using a profile
audex_run({
  provider: "aws",
  profile: "s3-readonly",
  command: ["aws", "s3", "ls"]
})
```
audex_sessions
List credential sessions with their status and metadata.
| Parameter | Type | Required | Description |
|---|---|---|---|
| `status` | string | No | Filter by status |
| `limit` | number | No | Max results (default: 20) |
audex_audit
View the audit trail of session events.
| Parameter | Type | Required | Description |
|---|---|---|---|
| `session_id` | string | No | Filter by session ID |
| `limit` | number | No | Max entries (default: 50) |
How It Works
The MCP server runs as a long-lived process communicating over stdin/stdout using JSON-RPC (the Model Context Protocol). It is built in Rust using the rmcp crate (the official MCP SDK). No Anthropic API key is required.
When Claude calls audex_run:
- Audex creates a session and issues STS credentials (same as the `tryaudex run` CLI)
- The command runs as a subprocess with credentials injected
- stdout and stderr are captured (not inherited, since stdin/stdout is the MCP channel)
- Results are returned to Claude as structured text
- Session is logged to the audit trail
Differences from CLI
| Behavior | CLI (tryaudex run) | MCP (audex_run) |
|---|---|---|
| stdio | Inherited (you see output live) | Captured (returned to Claude) |
| Interaction | User runs it manually | Claude calls it as a tool |
| Output | Printed to terminal | Returned as MCP tool result |
| Session tracking | Same | Same |
| Audit logging | Same | Same |
Testing the MCP Server
You can test the server manually by sending JSON-RPC messages:
```bash
echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"test","version":"1.0"}}}' | tryaudex mcp
```
The server should respond with its capabilities and tool definitions.
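The manual test above sends only `initialize`. The following Python script is an added example, not part of Audex or its documentation: it completes the MCP handshake, requests `tools/list`, and reports any advertised tool that is not one of the three documented on this page, as well as any documented tool that is missing. It assumes the `tryaudex mcp` command shown above is on `PATH`; the helper names are hypothetical.

```python
import json
import subprocess

# The three tools this page documents; any other name is unexpected tool surface.
EXPECTED_TOOLS = {"audex_run", "audex_sessions", "audex_audit"}

def message(method, msg_id=None, params=None):
    """One JSON-RPC 2.0 message per line (MCP stdio framing); no id = notification."""
    msg = {"jsonrpc": "2.0", "method": method, "id": msg_id, "params": params}
    return json.dumps({k: v for k, v in msg.items() if v is not None}) + "\n"

def read_response(stream, msg_id):
    """Return the reply whose id matches, skipping blank or non-JSON lines."""
    for line in stream:
        try:
            msg = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(msg, dict) and msg.get("id") == msg_id and "method" not in msg:
            return msg
    raise RuntimeError(f"server closed stdout before answering request {msg_id}")

def diff_tools(tools_reply):
    """Return (unexpected, missing) tool names from a tools/list reply."""
    if "error" in tools_reply:
        raise RuntimeError(f"tools/list failed: {tools_reply['error']}")
    names = {tool["name"] for tool in tools_reply["result"]["tools"]}
    return sorted(names - EXPECTED_TOOLS), sorted(EXPECTED_TOOLS - names)

def check_server(cmd=("tryaudex", "mcp")):
    """Handshake with the server over stdio, then compare its advertised tools."""
    proc = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE, text=True)
    try:
        proc.stdin.write(message("initialize", 1, {
            "protocolVersion": "2024-11-05", "capabilities": {},
            "clientInfo": {"name": "test", "version": "1.0"}}))
        proc.stdin.flush()
        read_response(proc.stdout, 1)  # wait for the initialize result first
        proc.stdin.write(message("notifications/initialized"))
        proc.stdin.write(message("tools/list", 2))
        proc.stdin.flush()
        return diff_tools(read_response(proc.stdout, 2))
    finally:
        proc.kill()
        proc.wait()

if __name__ == "__main__":
    print("(unexpected, missing) =", check_server())
```

A result of `([], [])` means the server advertises exactly the documented tools; a non-empty first list is worth reviewing before connecting an agent to the server.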