ec2-describe_security_groups
Retrieve AWS EC2 security group details including rules, tags, and associated resources for security auditing, compliance checks, and network troubleshooting.
Instructions
Retrieve detailed security group information with comprehensive filtering for network security analysis.
This tool provides complete security group data including ingress/egress rules, associated resources,
and tags. Critical for security auditing, compliance checking, and network troubleshooting.
**Required Parameters:**
- profile_name (str): AWS profile name from ~/.aws/credentials
- region (str): AWS region (e.g., 'us-east-1', 'eu-west-1')
**Optional Parameters:**
- group_ids (List[str]): Specific security group IDs to retrieve.
  Example: ['sg-12345678', 'sg-87654321']
- group_names (List[str]): Security group names (VPC security groups use IDs, not names).
  Example: ['web-server-sg', 'database-sg']
- filters (Dict[str, Any]): Advanced filtering options
  - **Basic Filters:**
    - 'group-name': ['web-server-sg', 'database-sg'] - Filter by name
    - 'group-id': ['sg-12345678'] - Filter by ID
    - 'description': ['Web server security group'] - Filter by description
  - **Network Filters:**
    - 'vpc-id': ['vpc-12345678'] - Filter by VPC (most common)
    - 'owner-id': ['123456789012'] - Filter by AWS account ID
  - **Rule-based Filters:**
    - 'ip-protocol': ['tcp', 'udp', 'icmp'] - Filter by protocol
    - 'from-port': [22, 80, 443] - Filter by port range start
    - 'to-port': [22, 80, 443] - Filter by port range end
    - 'cidr': ['10.0.0.0/16', '0.0.0.0/0'] - Filter by CIDR block
  - **Tag Filters:**
    - 'tag:Name': ['web-tier', 'db-tier'] - Filter by Name tag
    - 'tag:Environment': ['production', 'staging'] - Filter by Environment tag
    - 'tag-key': ['Owner'] - Filter by tag key existence
- max_results (int): Limit results (5-1000). Default: no limit
- next_token (str): Pagination token from previous request
**Common Use Cases:**
1. Audit VPC security groups: filters={'vpc-id': ['vpc-12345678']}
2. Find groups allowing SSH: filters={'from-port': [22], 'to-port': [22]}
3. Security compliance check: filters={'cidr': ['0.0.0.0/0']} (find public access)
4. Find groups by tag: filters={'tag:Environment': ['production']}
5. Owner-based filtering: filters={'owner-id': ['123456789012']}
**Response includes:** Group ID, name, description, VPC ID, owner ID, ingress/egress rules
(with ports, protocols, source/destination), tags, and associated resources.
Essential for security auditing and network access control management.
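The following is an added example, not the tool's own code. It shows the two halves of a typical audit built on this tool: turning the `filters` dict documented above into the `[{'Name': ..., 'Values': [...]}]` list the EC2 DescribeSecurityGroups API expects, and then walking the response (the same `SecurityGroups` / `IpPermissions` structure boto3 returns) to flag ingress rules reachable from anywhere. The response below is constructed sample data; the group IDs, VPC ID, account ID and tags in it are made up, and the assumption that the tool passes filter names through to the API unchanged is the example's, not stated on the page.

```python
"""Audit helpers for an EC2 DescribeSecurityGroups response (added example).

Builds the API-style filter list from the tool's `filters` dict and then
scans a response for ingress rules open to the whole internet.
"""
from typing import Any, Dict, List

# Source CIDRs that make an ingress rule reachable from anywhere (IPv4 / IPv6).
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample response; IDs, account number and tags are made up.
SAMPLE_RESPONSE: Dict[str, Any] = {
    "SecurityGroups": [
        {
            "GroupId": "sg-0a1b2c3d4e5f60001", "GroupName": "web-server-sg",
            "VpcId": "vpc-0example", "OwnerId": "123456789012",
            "Tags": [{"Key": "Environment", "Value": "production"}],
            "IpPermissions": [
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                 "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []},
                {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                 "IpRanges": [{"CidrIp": "10.0.0.0/16"}],  # SSH from the VPC only
                 "Ipv6Ranges": [], "UserIdGroupPairs": []},
            ],
        },
        {
            "GroupId": "sg-0a1b2c3d4e5f60002", "GroupName": "bastion-sg",
            "VpcId": "vpc-0example", "OwnerId": "123456789012",
            "Tags": [{"Key": "Environment", "Value": "staging"}],
            "IpPermissions": [
                # Wide port range from anywhere: covers 22 although FromPort is 0.
                {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
                 "UserIdGroupPairs": []},
            ],
        },
        {
            "GroupId": "sg-0a1b2c3d4e5f60003", "GroupName": "database-sg",
            "VpcId": "vpc-0example", "OwnerId": "123456789012", "Tags": [],
            "IpPermissions": [
                # Source is another security group, not a CIDR: never public.
                {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
                 "IpRanges": [], "Ipv6Ranges": [],
                 "UserIdGroupPairs": [{"GroupId": "sg-0a1b2c3d4e5f60001",
                                       "UserId": "123456789012"}]},
            ],
        },
    ]
}


def build_filters(filters: Dict[str, Any]) -> List[Dict[str, Any]]:
    """Convert {'vpc-id': ['vpc-...'], 'from-port': [22]} into the
    [{'Name': ..., 'Values': [...]}] list the EC2 API takes. Values are
    coerced to strings (the API accepts only strings); a bare scalar is
    wrapped in a one-element list."""
    out = []
    for name, values in filters.items():
        if not isinstance(values, (list, tuple, set)):
            values = [values]
        out.append({"Name": name, "Values": [str(v) for v in values]})
    return out


def _port_label(perm: Dict[str, Any]) -> str:
    """Human-readable protocol/port label for one IpPermission entry."""
    proto = perm.get("IpProtocol", "-1")
    if proto == "-1":
        return "all traffic"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    if lo is None or hi is None:
        return proto
    return f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"


def _covers_port(perm: Dict[str, Any], port: int, proto: str) -> bool:
    """True if the rule's protocol and port range include `proto`/`port`."""
    ip_proto = perm.get("IpProtocol", "-1")
    if ip_proto == "-1":
        return True
    if ip_proto != proto:
        return False
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return lo is not None and hi is not None and lo <= port <= hi


def _world_sources(perm: Dict[str, Any]) -> List[str]:
    """Anywhere-CIDRs among the rule's IPv4 and IPv6 sources, sorted."""
    sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return sorted(s for s in sources if s in WORLD_CIDRS)


def find_public_ingress(response: Dict[str, Any]) -> List[Dict[str, Any]]:
    """One finding per ingress rule whose source includes 0.0.0.0/0 or ::/0."""
    findings = []
    for sg in response.get("SecurityGroups", []):
        env = next((t["Value"] for t in sg.get("Tags", [])
                    if t.get("Key") == "Environment"), None)
        for perm in sg.get("IpPermissions", []):
            public = _world_sources(perm)
            if public:
                findings.append({"group_id": sg["GroupId"],
                                 "group_name": sg.get("GroupName"),
                                 "vpc_id": sg.get("VpcId"), "environment": env,
                                 "ports": _port_label(perm), "sources": public})
    return findings


def groups_exposing_port(response: Dict[str, Any], port: int,
                         proto: str = "tcp") -> List[str]:
    """Group IDs with a rule that reaches `port` from anywhere, range-aware."""
    return sorted({sg["GroupId"] for sg in response.get("SecurityGroups", [])
                   for perm in sg.get("IpPermissions", [])
                   if _covers_port(perm, port, proto) and _world_sources(perm)})


if __name__ == "__main__":
    print(build_filters({"vpc-id": ["vpc-0example"], "from-port": [22]}))
    for f in find_public_ingress(SAMPLE_RESPONSE):
        print(f"{f['group_id']} ({f['group_name']}): {f['ports']} from {f['sources']}")
    print("world-reachable on tcp/22:", groups_exposing_port(SAMPLE_RESPONSE, 22))
```

Note the difference between the two SSH checks: use case 2 above (`from-port`/`to-port` of 22) matches rules whose range endpoints are exactly 22, so a `0-65535` rule like the bastion group's is not returned by that filter even though it reaches port 22. `groups_exposing_port` walks the rule ranges instead, which is the check to run when the question is "what can reach SSH" rather than "which rules name port 22".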
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| region | Yes | | |
| profile_name | No | | default |
| group_ids | No | | |
| group_names | No | | |
| filters | No | | |
| max_results | No | | |
| next_token | No | | |