redshift-mcp-server
by mrcyrilgoud
Overview
This server acts as a Model Context Protocol (MCP) gateway for Amazon Redshift, allowing clients to discover database schemas and tables, describe table structures, and execute read-only SQL queries.
Installation
npm startEnvironment Variables
- REDSHIFT_HOST
- REDSHIFT_PORT
- REDSHIFT_DATABASE
- REDSHIFT_USER
- REDSHIFT_PASSWORD
Security Notes
The server's `execute_query` tool allows arbitrary `SELECT`, `WITH`, or `EXPLAIN` SQL queries from user input. While intended for read-only access, this broad permission can be abused for denial-of-service, resource exhaustion, or sophisticated data exfiltration by crafting complex queries that align with allowed Redshift user permissions. The client-side `startsWith` check is insufficient to prevent all forms of malicious query construction. Additionally, the Redshift connection uses `ssl: { rejectUnauthorized: false }`, disabling SSL certificate validation and exposing the connection to potential Man-in-the-Middle (MITM) attacks. There are no hardcoded secrets or direct `eval` of user input, but the aforementioned issues are significant.
Similar Servers
enhanced-postgres-mcp-server
This server acts as a Model Context Protocol interface for PostgreSQL, enabling LLMs to query data, modify records, and manage database schema objects with read and write capabilities.
mysql_mcp_server
This server provides a Model Context Protocol (MCP) interface to a MySQL database, enabling AI models to execute SQL queries and retrieve database schema information.
mcp-postgres
Provides a read-only Model Context Protocol (MCP) server for AI tools (like Claude Code, Cursor) to query a PostgreSQL database directly.
redshift-mcp-server
This server acts as a Model Context Protocol (MCP) agent for AWS Redshift, enabling programmatic access to Redshift schemas, table metadata, and allowing execution of read-only SQL queries.