list_service_operations

OPERATION DISCOVERY TOOL - For operation inventory only. Use audit_services() as PRIMARY tool for operation auditing. **IMPORTANT: For operation auditing and performance analysis, use audit_services() as the PRIMARY tool instead.** **CRITICAL LIMITATION: This tool only discovers operations that have been ACTIVELY INVOKED in the specified time window.** - **Maximum time window: 24 hours** (Application Signals limitation for operation discovery) - **No results = No operation invocations** in the time window (operations exist but weren't called) - **Empty results do NOT mean operations don't exist** - they may just be inactive - **For comprehensive operation analysis regardless of recent activity, use audit_services() instead** **RECOMMENDED WORKFLOW FOR OPERATION AUDITING:** 1. **Use audit_services() FIRST** for comprehensive operation discovery AND performance analysis 2. **Only use this tool** if you need a simple operation inventory of RECENTLY ACTIVE operations 3. **audit_services() is more comprehensive** - it discovers operations AND provides performance insights even for inactive operations **What this tool provides:** - Basic operation inventory (names and available metric types) for RECENTLY INVOKED operations only - Operation count and categorization (GET, POST, etc.) for active operations - Time range for discovery (max 24 hours) **What this tool does NOT provide:** - Operations that exist but weren't invoked in the time window - Operation performance analysis - Latency, error rate, or fault analysis - Root cause analysis - Actionable recommendations **For comprehensive operation auditing, use audit_services() instead:** ``` audit_services( service_targets='[{"Type":"service","Data":{"Service":{"Type":"Service","Name":"your-service"}}}]', auditors='all', ) ``` **OPERATION DISCOVERY USE CASES (when audit_services is not sufficient):** 1. **Active operation inventory**: When you only need recently invoked operation names without performance data 2. **Traffic pattern analysis**: To see which operations are currently being used 3. **Quick active operation count**: To understand current operation activity of a service **RECOMMENDED WORKFLOW:** 1. **Use audit_services() FIRST** for comprehensive operation discovery and analysis 2. **Only use this tool** for basic inventory of recently active operations if audit_services() provides too much detail This tool provides basic operation discovery for ACTIVE operations only, but audit_services() is the primary tool for comprehensive operation auditing, performance analysis, and operation insights regardless of recent activity.. It is categorised as a Read tool in the CloudWatch Application Signals MCP Server MCP Server, which means it retrieves data without modifying state.

Add a rule in your Intercept YAML policy under the tools section for list_service_operations. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the CloudWatch Application Signals MCP Server MCP server.

list_service_operations is a Read tool with low risk. Read-only tools are generally safe to allow by default.

Yes. Add a rate_limit block to the list_service_operations rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

Set action: deny in the Intercept policy for list_service_operations. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

list_service_operations is provided by the CloudWatch Application Signals MCP Server MCP server (awslabs.cloudwatch-applicationsignals-mcp-server). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.