
Cloud Audit
@gebalamariusz
Cloud Audit について
Open-source AWS security scanner with Attack Chains, Breach Cost Estimation, and MCP Server. 47 checks across 15 AWS services. Every finding includes copy-paste remediation (CLI + Terraform) and a dollar-risk estimate with verified source. First free standalone AWS security MCP s
基本情報
設定
以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。
{
"mcpServers": {
"cloud-audit": {
"command": "uvx",
"args": [
"--from",
"cloud-audit",
"cloud-audit-mcp"
]
}
}
}ツール
6Run an AWS security scan and return a summary. Scans your AWS account for security misconfigurations, detects attack chains, and estimates breach cost risk. Args: profile: AWS CLI profile name (default: "default") regions: Comma-separated AWS regions to scan (default: profile region) min_severity: Minimum finding severity: critical, high, medium, low
Get findings from the last scan, optionally filtered. Each finding includes check ID, severity, resource, description, and estimated breach cost. Args: severity: Filter by severity (critical, high, medium, low) service: Filter by AWS service prefix (e.g. "iam", "s3", "ec2", "vpc") limit: Maximum number of findings to return (default: 20)
Get all detected attack chains from the last scan. Attack chains are correlated findings that form exploitable attack paths. Each chain includes a narrative, priority fix, and breach cost estimate.
Get remediation details (CLI command + Terraform code) for a specific check. Returns copy-paste ready AWS CLI command and Terraform HCL snippet to fix the finding. Args: check_id: The check ID (e.g. "aws-iam-001", "aws-s3-001", "aws-vpc-002")
Get the current health score and risk exposure summary. Returns the 0-100 health score, finding counts by severity, attack chain count, and total estimated risk exposure in USD.
List all available security checks (no AWS credentials needed). Returns check IDs with their categories and services.
概要
What is Cloud Audit?
Cloud Audit is an open-source CLI scanner that correlates AWS security findings into attack chains and provides copy-paste remediation in AWS CLI and Terraform. It is built for security engineers and cloud teams who need actionable, context-rich output rather than a flat list of issues.
How to use Cloud Audit?
Install with pip install cloud-audit and run cloud-audit scan (uses default AWS credentials). For a demo without an account, run cloud-audit demo. The MCP server is started with claude mcp add cloud-audit -- uvx --from cloud-audit cloud-audit-mcp.
Key features of Cloud Audit
- Attack chain detection (20 rules) correlating findings into exploitable paths
- Copy-paste remediation with AWS CLI commands and Terraform HCL
- Scan diff to track drift between scans
- Built-in compliance engines for CIS AWS v3.0 and SOC
「開発者ツール」の他のコンテンツ
DevDocs by CyberAGI 🚀
cyberagiincCompletely free, private, UI based Tech Documentation MCP server. Designed for coders and software developers in mind. Easily integrate into Cursor, Windsurf, Cline, Roo Code, Claude Desktop App
MCP Framework
QuantGeekDevThe Typescript MCP Framework
OpenSumi
opensumiA framework helps you quickly build AI Native IDE products. MCP Client, supports Model Context Protocol (MCP) tools via MCP server.

Sentry
modelcontextprotocolModel Context Protocol Servers
Grafana MCP server
grafanaMCP server for Grafana
コメント