Creates ECS infrastructure using CloudFormation. This tool sets up the necessary AWS infrastructure for deploying applications to ECS. It creates or uses an existing VPC, sets up security groups, IAM roles, and configures the ECS cluster, task definitions, and services. Deployment is asynchronou...
High parameter count (12 properties); Bulk/mass operation — affects multiple targets
Part of the Amazon ECS MCP Server MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.
AI agents use create_ecs_infrastructure to create or modify resources in Amazon ECS MCP Server. Write operations carry medium risk because an autonomous agent could trigger bulk unintended modifications. Rate limits prevent a single agent session from making hundreds of changes in rapid succession. Argument validation ensures the agent passes expected values.
Without a policy, an AI agent could call create_ecs_infrastructure repeatedly, creating or modifying resources faster than any human could review. Intercept's rate limiting ensures write operations happen at a controlled pace, and argument validation catches malformed or unexpected inputs before they reach Amazon ECS MCP Server.
Write tools can modify data. A rate limit prevents runaway bulk operations from AI agents.
tools:
  create_ecs_infrastructure:
    rules:
      - action: allow
        rate_limit:
          max: 30
          window: 60

See the full Amazon ECS MCP Server policy for all 10 tools.
Creates ECS infrastructure using CloudFormation. This tool sets up the necessary AWS infrastructure for deploying applications to ECS. It creates or uses an existing VPC, sets up security groups, IAM roles, and configures the ECS cluster, task definitions, and services. Deployment is asynchronous, poll the get_deployment_status tool every 30 seconds after successful invocation of this.

USAGE INSTRUCTIONS:
1. Provide a name for your application
2. Provide the path to your web application directory
3. Decide whether to use force_deploy:
   - If False (default): Template files will be generated locally for your review
   - If True: Docker image will be built and pushed to ECR, and CloudFormation stacks will be deployed
   - ENSURE you get user permission to deploy and inform that this is only for non-production applications.
4. If force_deploy is True, you can optionally specify a deployment_step:
   - Step 1: Create CFN files and deploy ECR to CloudFormation
   - Step 2: Build and deploy Docker image to ECR
   - Step 3: Deploy ECS infrastructure to CloudFormation
   - If no step is specified, all steps will be executed in sequence
5. Optionally specify VPC and subnet IDs if you want to use existing resources
6. Configure CPU, memory, and scaling options as needed

The created infrastructure includes:
- Security groups
- IAM roles and policies
- ECS cluster
- Task definition template
- Service configuration
- Application Load Balancer

Parameters:
    app_name: Name of the application
    app_path: Path to the web application directory
    force_deploy: Whether to build and deploy the infrastructure or just generate templates
    deployment_step: Which deployment step to execute (1, 2, or 3) when force_deploy is True
    vpc_id: VPC ID for deployment
    subnet_ids: List of subnet IDs for deployment
    route_table_ids: List of route table IDs for S3 Gateway endpoint association
    cpu: CPU units for the task (e.g., 256, 512, 1024)
    memory: Memory (MB) for the task (e.g., 512, 1024, 2048)
    desired_count: Desired number of tasks
    container_port: Port the container listens on
    health_check_path: Path for ALB health checks

Returns:
    Dictionary containing infrastructure details or template paths.

It is categorised as a Write tool in the Amazon ECS MCP Server MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
Add a rule in your Intercept YAML policy under the tools section for create_ecs_infrastructure. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Amazon ECS MCP Server MCP server.
create_ecs_infrastructure is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the create_ecs_infrastructure rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the Intercept policy for create_ecs_infrastructure. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
create_ecs_infrastructure is provided by the Amazon ECS MCP Server MCP server (awslabs.ecs-mcp-server). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.
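The per-session rate limit and argument validation described above, sketched in Python as an added illustration; this is not Intercept's code and not part of the original page. The ToolGate class, its sliding-window behaviour and the specific validation rules are assumptions; only the parameter names and the max/window values come from the page.

```python
import time
from collections import defaultdict, deque

# max/window mirror the page's policy snippet (30 calls per 60 seconds).
MAX_CALLS, WINDOW_S = 30, 60

class ToolGate:
    """Hypothetical pre-call check for create_ecs_infrastructure."""

    def __init__(self, max_calls=MAX_CALLS, window_s=WINDOW_S, clock=time.monotonic):
        self.max_calls, self.window_s, self.clock = max_calls, window_s, clock
        self.calls = defaultdict(deque)  # session id -> timestamps of allowed calls

    def validate(self, args):
        """Return the reasons the arguments are rejected (empty list = valid)."""
        errors = []
        name = args.get("app_name")
        if not isinstance(name, str) or not name:
            errors.append("app_name must be a non-empty string")
        force = args.get("force_deploy", False)
        if not isinstance(force, bool):
            errors.append("force_deploy must be a boolean")
        step = args.get("deployment_step")
        if step is not None:
            if type(step) is not int or step not in (1, 2, 3):
                errors.append("deployment_step must be 1, 2 or 3")
            elif force is not True:
                # Assumed stricter rule: a step is only meaningful for a real deploy.
                errors.append("deployment_step only applies when force_deploy is True")
        for key in ("cpu", "memory", "desired_count"):
            val = args.get(key)
            if val is not None and (type(val) is not int or val <= 0):
                errors.append(f"{key} must be a positive integer")
        return errors

    def check(self, session_id, args):
        """Return (allowed, reason). Rejected calls consume no rate-limit budget."""
        errors = self.validate(args)
        if errors:
            return False, "invalid arguments: " + "; ".join(errors)
        now, seen = self.clock(), self.calls[session_id]
        while seen and now - seen[0] >= self.window_s:  # expire calls outside the window
            seen.popleft()
        if len(seen) >= self.max_calls:
            return False, f"rate limit: {self.max_calls} calls per {self.window_s}s"
        seen.append(now)
        return True, "allowed"
```

Validation runs before the rate-limit counter is touched, so a burst of malformed calls cannot exhaust a session's budget for legitimate ones.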
Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.