aws-security-mcp

aws-security-mcp

42
security

AWS Security MCP is a Model Context Protocol server designed for AI assistants to inspect and analyze AWS infrastructure for security issues. It supports querying various AWS services for security findings and provides features like threat modeling and network visualization. This tool helps automate and enhance the security management of AWS environments.

AWS Security MCP

AWS Security MCP is a Model Context Protocol server that allows AI assistants to autonomously inspect and analyze AWS infrastructure for security issues.

Features

  • Natural language queries for AWS infrastructure.
  • Query security findings from GuardDuty, SecurityHub, IAM Access Analyzer.
  • List and inspect AWS resources for security misconfigurations.
  • Analyze IAM roles, policies, permissions for security issues.
  • Examine EC2 instances, security groups, networking components.
  • Scan for sensitive information.
  • Generate threat modeling reports and context-based security recommendations.
  • Network map visualization.
  • Blast radius analysis.
  • Seamless search between tagged resources.

AWS Services Coverage

Currently Supported

  • IAM, EC2, S3, GuardDuty, SecurityHub, Lambda, Cloudfront, LoadBalancer, Route53, WAF, Shield, IAM Access Analyser, ECS/ECR, Organizations.

Work In Progress

  • CloudTrail, KMS, Config.

Installation

  • Prerequisites include Python 3.11+, AWS account, MCP Client.
  • Setup involves cloning the repository, installing uv, and configuring AWS credentials.