Skip to content

Storage Connections MCP Tools

When using the Vendia MCP server, you have access to the following MCP tools for interacting with your storage connections. Each tool serves a specific purpose in managing and working with your stored data.

Permission Requirements

Storage Connections use a two-layer permission system. For any operation to succeed, it must be allowed by both:

  1. IAM Permissions (AWS level) - The outer security boundary
  2. Access Policies (Vendia level) - Fine-grained control using glob patterns

See Access Policies for a comprehensive guide on how these layers work together.

Available Tools

list-storage-connections

Lists all configured storage connections and their status.

  • IAM Permissions: None required
  • Access Policy Actions: None required

list-storage-connection-contents

Browse folder structure and list files in your connected S3 buckets.

  • IAM Permissions: s3:ListBucket
  • Access Policy Actions: FILE_READ or FILE_ALL
  • Note: Only files and folders matching access policy patterns with read permissions will be listed

read-storage-connection-file

Read content from supported file types in your connected S3 buckets.

  • IAM Permissions: s3:GetObject
  • Access Policy Actions: FILE_READ or FILE_ALL
  • Note: The file path must match an access policy pattern that allows read operations

write-storage-connection-file

Create new files or overwrite existing files in your connected S3 buckets.

  • IAM Permissions: s3:PutObject
  • Access Policy Actions:
    • For new files: FILE_CREATE, FILE_WRITE, or FILE_ALL
    • For existing files: FILE_WRITE or FILE_ALL

delete-storage-connection-file

Delete files from your connected S3 buckets.

  • IAM Permissions: s3:DeleteObject
  • Access Policy Actions: FILE_DELETE or FILE_ALL
  • Note: The file path must match an access policy pattern that allows delete operations