MCP.so
登录

Aws Security Mcp

@groovyBugify

关于 Aws Security Mcp

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

基本信息

分类

云与基础设施

许可证

Apache-2.0

运行时

python

传输方式

stdio

发布者

groovyBugify

提交者

Saransh Rana

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "aws-security": {
      "command": "/path/to/aws-security-mcp/run_aws_security.sh"
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Aws Security Mcp?

Aws Security Mcp is a Model Context Protocol server that enables AI assistants to perform comprehensive AWS security analysis through natural language queries. It bridges AI assistants like Claude with AWS security services, providing real-time infrastructure analysis across multiple accounts without requiring deep AWS CLI knowledge.

How to use Aws Security Mcp?

Clone the repository, set up a Python 3.11+ environment with uv, install dependencies, configure AWS credentials and config.yaml, then run the server locally or deploy it as an ECS service. Configure your MCP client (e.g., Claude Desktop) by installing mcp-proxy and adding the server’s SSE endpoint to the client’s configuration.

Key features of Aws Security Mcp

  • Automatic cross-account discovery via AWS Organizations
  • Natural language queries for AWS resources
  • Integrated findings from GuardDuty, SecurityHub, and Access Analyzer
  • Infrastructure mapping, threat modelling, and blast radius analysis
  • Athena-powered log analytics for CloudTrail, VPC Flow Logs, and more

Use cases of Aws Security Mcp

  • List running EC2 instances and check Lambda function secrets
  • Analyze GuardDuty findings and IAM roles with administrative privileges
  • Generate network maps and blast radius analysis for IP addresses
  • Query resources tagged by team across all accounts in an organization
  • Review compliance status using SecurityHub and Athena log analysis

FAQ from Aws Security Mcp

What prerequisites are required to run Aws Security Mcp?

Python 3.11 or higher, uv package manager, an AWS account with IAM permissions, and a compatible MCP client (e.g., Claude Desktop). The AWS IAM user/role must have the SecurityAudit policy attached.

How do I configure cross-account access?

Create an IAM role named aws-security-mcp-cross-account-access in each target account with a trust policy allowing your master account to assume it. Attach the SecurityAudit managed policy to the role.

Which security services does the server integrate with?

GuardDuty, SecurityHub, IAM Access Analyzer, and Athena for log analysis. It also analyzes EC2, S3, Lambda, CloudFront, Route53, WAF, and other security-relevant services.

Can I use this server without Athena integration?

Yes. Athena permissions are optional and only needed for advanced log analysis features. Core functionality (resource discovery, security findings, IAM analysis) works without it.

Which MCP clients are supported?

Claude Desktop, Cline, and any MCP-compatible client. Use of a plan supporting token sizes greater than 100,000 is recommended.

评论

云与基础设施 分类下的更多 MCP 服务器