1. The Developer Context Problem
A typical engineering task involves at least four tools before a line of code is written. You look up the Jira ticket for acceptance criteria, find the relevant Confluence architecture doc, check if a related PR already exists on GitHub, and verify the current state of the staging environment in AWS. That is four context switches, four authentication flows, four search interfaces — and you haven't typed a single character of code yet.
MCP doesn't replace these tools. It gives your AI assistant a way to reach into them so you can stay in one place. The goal is not to eliminate tools — it is to eliminate the switching.
We'll walk through setting up four MCP servers — GitHub, Jira, Confluence, and AWS — and connecting them to Claude Desktop (or any MCP-compatible host). Each section includes the config, the tools exposed, practical usage examples, and security considerations. No cloud service required — all servers run locally on your machine.
2. Architecture Overview
3. GitHub MCP Server Setup
Install and configure
The official GitHub MCP server is maintained by GitHub and available on npm. It uses a Personal Access Token (PAT) for authentication and exposes tools for reading and writing to your repositories.
# Install the GitHub MCP server
npm install -g @modelcontextprotocol/server-github
# Add to Claude Desktop config (~/.config/claude/claude_desktop_config.json)
{
"mcpServers": {
"github": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-github"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_your_token_here"
}
}
}
}Token scopes needed
Create a GitHub PAT at Settings → Developer Settings → Personal Access Tokens (Fine-grained). Required scopes: Contents: Read, Issues: Read/Write, Pull requests: Read/Write, Metadata: Read. For org repos, add the org in the "Resource Owner" field.
"What PRs are open on the main branch of org/api-service?"
"Show me the diff for PR #247 and summarise what changed."
"Search for all files that import legacy-auth across all repos."
"Create a GitHub issue: 'Fix null pointer in PaymentController' with label bug."
"Who reviewed the last 5 commits to main and what was their feedback?"
4. Jira MCP Server Setup
For Jira Cloud, generate an API token at https://id.atlassian.com/manage-profile/security/api-tokens. The community-maintained mcp-atlassian package supports both Jira and Confluence with a single server process.
# Install mcp-atlassian (covers both Jira and Confluence)
pip install mcp-atlassian
# Config in claude_desktop_config.json
{
"mcpServers": {
"atlassian": {
"command": "uvx",
"args": ["mcp-atlassian"],
"env": {
"JIRA_URL": "https://your-org.atlassian.net",
"JIRA_USERNAME": "you@your-org.com",
"JIRA_API_TOKEN": "your_jira_api_token",
"CONFLUENCE_URL": "https://your-org.atlassian.net/wiki",
"CONFLUENCE_USERNAME": "you@your-org.com",
"CONFLUENCE_API_TOKEN": "your_confluence_api_token"
}
}
}
}"What tickets are in the current sprint for the Backend team?"
"Find all P1 bugs reported in the last two weeks."
"What's the status of PROJ-2847 and who is it assigned to?"
"Create a sub-task under PROJ-2910 titled 'Add unit tests for payment refund flow'."
"Show me all tickets blocked on PROJ-2800."
5. Confluence MCP Setup
If you used the mcp-atlassian package above, Confluence is already included. You can now ask Claude to search, read, and create Confluence pages.
"Find the architecture decision record for the payment service rewrite."
"What does the onboarding runbook say about deploying to production?"
"Create a draft Confluence page titled 'API v3 Migration Plan' under the Engineering space."
"Summarise all pages tagged incident-postmortem from Q1 2026."
"Update the 'Known Issues' section of PROJ-DEP-44 to note the fix deployed in v2.4.1."
6. AWS MCP Server Setup
AWS provides official MCP servers for most AWS services. Install the ones your team uses most. Authentication uses standard AWS credential chain (IAM roles, AWS SSO, or access keys in env vars).
# Install AWS MCP servers (choose the services you need)
npm install -g @aws/cdk-mcp-server
npm install -g @aws/aws-documentation-mcp-server
# For broader resource access, use the community awslabs MCP servers
# https://github.com/awslabs/mcp
# Example config using AWS SSO (recommended over static keys)
{
"mcpServers": {
"aws-docs": {
"command": "npx",
"args": ["-y", "@aws/aws-documentation-mcp-server"],
"env": {
"AWS_PROFILE": "your-sso-profile",
"AWS_REGION": "us-east-1"
}
}
}
}Never use root credentials or admin IAM users for MCP servers. Create a dedicated IAM user or role with only the permissions the MCP server needs. For read-only operations (listing resources, querying logs), a policy granting only Describe*, List*, and Get* actions is sufficient. Add cloudwatch:GetMetricData separately for CloudWatch access.
"What EC2 instances are running in us-east-1 and what are their states?"
"Show me the last 50 error logs from the api-gateway-prod CloudWatch log group."
"Which S3 buckets have public access enabled?"
"What Lambda functions have not been invoked in the last 30 days?"
"List all RDS instances and their current connection counts."
7. Combining All Four in a Unified Workflow
The real value emerges when you chain across all four systems. Here are multi-tool workflows that would previously require 15+ minutes of context switching:
Morning standup prep (3 seconds)
User: "Summarise what I worked on yesterday based on my GitHub commits,
Jira ticket updates, and any Confluence pages I edited."
→ GitHub: list my commits from yesterday
→ Jira: list issues I transitioned or commented on yesterday
→ Confluence: list pages I modified yesterday
→ Claude: synthesise into a clean standup summaryPR review with context
User: "Review PR #312. Check if it addresses the acceptance criteria
in PROJ-2847 and whether there's a relevant Confluence doc
for this feature area."
→ GitHub: get PR #312 diff + description
→ Jira: get PROJ-2847 acceptance criteria
→ Confluence: search for docs on this feature
→ Claude: cross-reference and write a structured reviewIncident investigation
User: "We're seeing 500 errors in the payment service since 14:00.
Check CloudWatch logs, find the relevant GitHub commits
from today, and see if there's an open Jira incident ticket."
→ AWS CloudWatch: query error logs since 14:00
→ GitHub: list commits to payment-service since 14:00
→ Jira: search for open P1 incidents for payment-service
→ Claude: correlate and produce incident summary8. Security and Governance
Running four MCP servers that touch production systems requires deliberate security choices.
| Control | Recommendation |
|---|---|
| Credentials | Use OS keychain or .env files outside version control; never hardcode tokens |
| Scope | Minimum required — read-only by default; enable write operations explicitly per task |
| Audit logging | All tool calls are logged in Claude Desktop's conversation history — review regularly |
| Prompt injection | Be cautious with issues/comments from untrusted sources — they can contain injections |
| Token rotation | Rotate API tokens quarterly; use short-lived tokens (GitHub fine-grained PATs expire) |
JSON Validator
MCP config files are JSON. Validate your claude_desktop_config.json before reloading Claude to catch syntax errors before they crash the MCP connection.