Just-in-time access for MCP servers on AWS

Why does my team still rely on long‑lived AWS credentials for MCP servers?

Implementing just-in-time access for MCP servers on AWS eliminates the need for permanent credentials. Most organizations that run MCP (Model‑Control‑Plane) servers on AWS provision a service account once, grant it broad IAM permissions, and embed the access key in deployment scripts. The same credential is then reused by every developer, CI job, and automation bot. When a new engineer joins, the key is shared, and when someone leaves, the secret often remains in version control or on disk. Because the credential never changes, any compromise instantly gives an attacker unrestricted access to every MCP endpoint. Auditors see a single static key in the inventory and have no visibility into who actually issued a request or what data was returned.

What does just-in-time access change, and what does it still leave unprotected?

Introducing a just‑in‑time (JIT) model means the system issues a short‑lived token only when a specific request is made. The token is scoped to the exact operation – for example, a read of a particular model version – and it expires after a few minutes. This reduces the blast radius of a leaked secret and enforces the principle of least privilege.

However, JIT alone does not close the gap at the network edge. The request still travels directly from the client to the MCP server, bypassing any central point where the organization can inspect the payload, enforce additional policies, or record the interaction. Without a gateway, there is no guaranteed audit trail, no inline masking of sensitive fields, and no ability to pause a risky command for human approval. In other words, JIT creates a temporary credential but leaves the data path completely open.

hoop.dev places the enforcement point in the data path

hoop.dev acts as a Layer 7 identity‑aware proxy that sits between every client and the MCP service running in AWS. When a user or automation agent authenticates via OIDC, hoop.dev validates the token, extracts group membership, and then evaluates the request against a policy that requires just‑in‑time approval. If the policy matches, hoop.dev either grants a temporary credential to the MCP server or routes the request to an approval workflow. The gateway records the entire session, masks any fields marked as sensitive, and can block commands that violate policy before they reach the server.

How the JIT flow works through hoop.dev

1. The client presents an OIDC token to hoop.dev. 2. hoop.dev checks the token against the organization’s policy that mandates JIT for MCP endpoints. 3. If approval is required, hoop.dev triggers the workflow and, once approved, generates a short‑lived credential that is forwarded only to the MCP server. 4. All traffic passes through hoop.dev, which inspects each request and response. Sensitive response fields are masked in real time, and every command is logged for replay.

Continue reading? Get the full guide.

Just-in-Time Access + AWS IAM Policies: Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

Because hoop.dev is the only component that can see the traffic, the enforcement outcomes – JIT approval, session recording, inline masking, and command blocking – exist solely because hoop.dev sits in the data path.

Benefits of the gateway approach

Every access to an MCP server is tied to an identity and a just‑in‑time token, eliminating the need for long‑lived secrets.
hoop.dev records an immutable log of who did what, when, and what data was returned, giving auditors a complete view.
Sensitive fields such as API keys or model parameters are automatically redacted before they reach downstream logs or monitoring tools.
Risky operations can be paused for manual review, preventing accidental data exfiltration or destructive changes.
Because the gateway runs as a container or Kubernetes pod near the MCP service, latency is minimal while still providing full protocol awareness.

Getting started with hoop.dev for MCP servers on AWS

Begin by reviewing the getting‑started guide to deploy the gateway in your AWS environment. The guide walks you through installing the network‑resident agent, configuring OIDC authentication, and registering an MCP endpoint as a connection. Detailed policy examples and a walkthrough of the just‑in‑time approval workflow are available in the feature documentation. When you are ready to explore the source code, contribute, or fork the project, visit the official repository: Explore the hoop.dev source repository on GitHub.

FAQ

Is hoop.dev compatible with existing AWS IAM roles?

Yes. hoop.dev can be configured to use an IAM role that has read‑only access to the MCP service. The gateway then issues short‑lived credentials derived from that role for each approved request.

How does hoop.dev handle failures in the approval workflow?

If an approval request cannot be completed – for example, because the approver is unavailable – hoop.dev denies the request and logs the denial, ensuring no unauthenticated access slips through.

Can hoop.dev mask data without affecting the original MCP response?

hoop.dev performs inline masking on the response stream before it reaches the client. The original data remains unchanged on the MCP server, preserving integrity while protecting downstream consumers.