What can you do with this server?

The AWS Security MCP server enables AI assistants to interact with AWS security services for comprehensive infrastructure inspection and analysis. * **Query AWS Infrastructure**: Use natural language to query resources across EC2, S3, IAM, Lambda, CloudFront, Load Balancers, Route53, WAF, and Shield * **Security Findings Analysis**: Retrieve and analyze findings from GuardDuty, SecurityHub, and IAM Access Analyzer * **Detailed Security Audits**: Perform audits on IAM roles, policies, permissions, EC2 instances, security groups, and networking components * **S3 Security Checks**: Scan buckets for public access and security issues * **Domain Security Analysis**: Check for subdomain takeover vulnerabilities and DNS configurations * **Sensitive Data Scanning**: Scan environment variables and configurations for sensitive information * **Security Reporting**: Generate threat modeling reports, security recommendations, network maps, and blast radius analyses * **Tag-Based Searches**: Search and analyze AWS resources by tags

Which integrations are available for this server?

Integration with [Brave](/mcp/servers/integrations/brave) Search for web searching capabilities, can be coupled with AWS Security MCP for enhanced functionality. Repository hosting for the AWS Security MCP project, accessible via git clone from the groovyBugify organization. Required runtime environment for AWS Security MCP, version 3.11+ needed to execute the server.

AWS Security MCP

License: MIT Python 3.11+

A Model Context Protocol (MCP) server that enables AI assistants to perform comprehensive AWS security analysis through natural language queries.

Overview

AWS Security MCP bridges AI assistants like Claude with AWS security services, enabling real-time infrastructure analysis through conversational queries. The system automatically discovers and analyzes resources across multiple AWS accounts, providing security insights without requiring deep AWS CLI knowledge.

Key Capabilities

Cross-Account Discovery: Automatic detection and access to AWS Organization accounts
Natural Language Interface: Query AWS resources using plain English
Security Analysis: Integrated findings from GuardDuty, SecurityHub, and Access Analyzer
Infrastructure Mapping: Network topology, threat modelling, security review and blast radius analysis
Log Analytics: Athena-powered analysis of CloudTrail, VPC Flow Logs, and security events

Related MCP server: GCP MCP

Prerequisites

Python: 3.11 or higher
Package Manager: uv
AWS Account: With appropriate IAM permissions
MCP Client: Claude Desktop, Cline, or compatible client

AWS Requirements

MCP Server's AWS credentials must have the following permissions:

Core MCP Permissions

{ "Version": "2012-10-17", "Statement": [ { "Sid": "CrossAccountAccess", "Effect": "Allow", "Action": [ "sts:AssumeRole" ], "Resource": "arn:aws:iam::*:role/aws-security-mcp-cross-account-access" }, { "Sid": "OrganizationDiscovery", "Effect": "Allow", "Action": [ "organizations:ListAccounts" ], "Resource": "*" } ] }

Athena Integration Permissions

For advanced log analysis capabilities, additional permissions are required:

{ "Version": "2012-10-17", "Statement": [ { "Sid": "AthenaQueryExecution", "Effect": "Allow", "Action": [ "athena:BatchGetQueryExecution", "athena:GetQueryExecution", "athena:GetQueryResults", "athena:GetWorkGroup", "athena:GetTableMetadata", "athena:ListQueryExecutions", "athena:StartQueryExecution", "athena:GetQueryResultsStream", "athena:GetDataCatalog", "athena:ListDataCatalogs", "athena:ListDatabases", "athena:ListTableMetadata" ], "Resource": "*" }, { "Sid": "GlueCatalogAccess", "Effect": "Allow", "Action": [ "glue:GetDatabase", "glue:GetDatabases", "glue:GetTable", "glue:GetTables", "glue:GetPartition", "glue:GetPartitions", "glue:BatchGetPartition" ], "Resource": "*" }, { "Sid": "S3LogDataAccess", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::your-cloudtrail-bucket/*", "arn:aws:s3:::your-cloudtrail-bucket", "arn:aws:s3:::your-vpc-flow-logs-bucket/*", "arn:aws:s3:::your-vpc-flow-logs-bucket", "arn:aws:s3:::your-security-logs-bucket/*", "arn:aws:s3:::your-security-logs-bucket" ] }, { "Sid": "AthenaResultsAccess", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:ListBucket", "s3:PutObject" ], "Resource": [ "arn:aws:s3:::your-athena-results-bucket/*", "arn:aws:s3:::your-athena-results-bucket" ] } ] }

Required AWS Managed Policies

SecurityAudit Policy (Required)

Attach the AWS managed SecurityAudit policy to your MCP Server's IAM user or IAM role:

Policy ARN: arn:aws:iam::aws:policy/SecurityAudit

This policy provides comprehensive read-only access to AWS security services and is essential for AWS Security MCP functionality. It includes permissions for:

IAM: Users, roles, policies, access analysis
EC2: Security groups, instances, VPC configurations
S3: Bucket policies, ACLs, public access settings
GuardDuty: Findings, detectors, threat intelligence
SecurityHub: Security standards, compliance findings
Access Analyzer: IAM access analysis and findings
Lambda: Function configurations and permissions
CloudFront: Distribution security settings
Route53: DNS configurations and health checks
WAF: Web ACL rules and configurations
All other security-related AWS services

Optional Managed Policies

AthenaFullAccess: arn:aws:iam::aws:policy/AmazonAthenaFullAccess (for simplified Athena log analysis)

Important Notes

It's best to use this MCP Server with Claude Desktop Pro/Max Plan or any other platform that allows you to deal with token size greater than 100,000
Replace bucket names in the S3 permissions with your actual CloudTrail, VPC Flow Logs, and Athena results bucket names
The SecurityAudit policy is mandatory for basic AWS Security MCP functionality
Athena integration permissions are optional and only required for advanced log analysis features
All permissions follow the principle of least privilege with read-only access where possible

Quick Start ~ local setup

Update config.yml

aws: region: "us-east-1" profile: {profileName} . . .

Configure your AWS Credentials via ~ local setup

aws sso
$ aws configure sso SSO Session Name - email@example.com URL - https://yourDomain.awsapps.com/start/# Region - us-east-1
env variabls
export AWS_ACCESS_KEY_ID= export export AWS_SECRET_ACCESS_KEY= export export AWS_SESSION_TOKEN=

Run the following commands
git clone https://github.com/groovyBugify/aws-security-mcp.git uv venv source .venv/bin/activate uv pip install -r requirements.txt
Configure MCP Client
# Install mcp-proxy uv tool install mcp-proxy # Check location of mcp-proxy which mcp-proxy # Add to Claude Desktop config { "mcpServers": { "aws-security": { "command": "/path/to/mcp-proxy", "args": ["http://localhost:8000/sse"] } } }

Quick Start ~ as AWS ECS Service

Login to AWS ECR

$ aws ecr get-login-password --region {region} | docker login --username AWS --password-stdin {accountID}.dkr.ecr.{region}.amazonaws.com

Create ECR Repo

$ aws ecr create-repository --repository-name aws-security-mcp --region {region}

Build Docker Image

$ cd aws-security-mcp/ $ docker buildx build --platform linux/amd64 -t aws-security-mcp . $ docker tag aws-security-mcp:latest {accountID}.dkr.ecr.{region}.amazonaws.com/aws-security-mcp:latest $ docker push {accountID}.dkr.ecr.{region}.amazonaws.com/aws-security-mcp:latest

Deploying as AWS ECS Service
- Create a Task Definition with "2048" CPU and "4096" Memory, this is optional, you can choose any values
- Configure the Task definition to do port mapping for port 8000
- Create ECS Task Role with the following permissions
  - SecurityAudit IAM Policy
  - Athena Access (Policy mentioned above)
  - STS Assume Role permissions to assume cross account roles
- Create ECS Task Execution Role with basic permissions
- Once the Task Definition is completed.
- Create an AWS ECS Service using the Task definition
  - You can configure Load Balancer as well
  - Make Sure to turn off the Stickness Session on Load Balancers
- Register the ALB's taget group and listeners for port 80/443 -> ECS Service(8000)
- Register the ALB for Route53 domain.
Configure MCP Client
# Install mcp-proxy uv tool install mcp-proxy # Check location of mcp-proxy which mcp-proxy # Add to Claude Desktop config { "mcpServers": { "aws-security": { "command": "/path/to/mcp-proxy", "args": ["http://{alb}/sse"] } } }

Configuration

YAML Configuration

Edit config.yaml in the project root according to your needs:

aws: region: "us-east-1" profile: null server: log_level: "info" startup_quiet: false tool_quiet: false cross_account: role_name: "aws-security-mcp-cross-account-access" auto_setup_on_startup: true max_concurrent_assumptions: 5

Environment Variable Override

Environment variables take precedence over YAML configuration:

export MCP_LOG_LEVEL=debug export MCP_STARTUP_QUIET=false export AWS_DEFAULT_REGION=eu-west-1

Usage Examples

Basic Infrastructure Queries

Query: "Can you share a list of running ec2 instances?" Query: "Share all the secrets stored on env variables of Lambda functions, and share a list of functions for remediating this issue." Query: "Check my 'prod-ecs-cluster' and share more details about the 'user-login' service, is it deployed?"

Security Analysis

Query: "Show all GuardDuty findings from the last 7 days, and priortise based on the risk of exposure." Query: "Analyze IAM roles with administrative privileges" Query: "Generate blast radius analysis for IP 172.16.1.10" Query: "Fetch more details about the ip - 172.22.141.11, and share a network map for this resource.

Cross-Account Operations

Query: "List all connected AWS accounts" Query: "Refresh my AWS session" Query: "Find resources tagged Team:Security across all accounts" Query: "Show compliance status across organization"

Architecture

Cross-Account Access

AWS Security MCP implements a hub-and-spoke model for multi-account access:

Discovery: Uses organizations:ListAccounts to identify target accounts
Role Assumption: Assumes aws-security-mcp-cross-account-access role in each account
Session Management: Maintains temporary credentials with automatic refresh
Fallback: Uses default credential chain for non-organization accounts

Required IAM Role Setup

Create this role in each target AWS account:

Role Name: aws-security-mcp-cross-account-access

Trust Policy:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::YOUR-MASTER-ACCOUNT-ID:root" }, "Action": "sts:AssumeRole" } ] }

Permissions: Attach AWS managed policy arn:aws:iam::aws:policy/SecurityAudit

Athena Integration

Overview

AWS Security MCP integrates with Amazon Athena to provide advanced log analysis capabilities. This feature requires pre-existing Athena tables containing your security-relevant logs.

Supported Log Types

While the MCP server can analyze any log source through Athena, the following sources are recommended to provide comprehensive security metadata to your MCP client. For optimal security coverage, we recommend implementing at least CloudTrail and VPC Flow Logs:

Recommended Log Sources:

AWS CloudTrail: API call auditing and user activity tracking
VPC Flow Logs: Network traffic pattern analysis
CloudFront Logs: CDN request and response analysis
ALB Access Logs: Application load balancer traffic insights
WAF Logs: Web application firewall events and blocks(Cloudflare/AWS WAF/Akamai)
AWS Shield Logs: DDoS protection and mitigation events

Flexibility for Custom Log Sources

The MCP server supports querying any log type stored in S3, giving you complete flexibility to analyze custom or additional log sources. To enable analysis of any log source, ensure:

S3 Storage: Your logs are stored in an S3 bucket
Athena Table: A properly configured Athena table exists for the log format
IAM Permissions: The MCP server has s3:GetObject and s3:ListBucket permissions for the target bucket

This architecture allows you to extend security analysis beyond standard AWS logs to include application logs, custom security events, or third-party security tool outputs.

Query Capabilities

Once tables are configured, you can perform advanced queries:

Query: "Show all failed login attempts from external IPs in the last 24 hours" Query: "Can you share what did 'saransh.rana@company.com' did in past 24 hours on my aws account? and share a timeline report?" Query: "Can you check for all the 'Access Denied/Error/Forbidden' on my PCI(123456789012) aws account and share the username and userIP of the principal, and do a reverse IP checkup if this IP is coming from my own AWS Org or external party." Query: "Correlate GuardDuty findings with CloudTrail and VPC Flow logs events"

Setup Prerequisites

S3 Buckets: CloudTrail and VPC Flow Logs must be stored in S3
Athena Workgroup: Configure appropriate workgroup with result location
Partitioning: Enable partition projection for performance
IAM Permissions: Grant Athena query permissions to the MCP execution role

Supported AWS Services

Currently Available

Service	Capabilities
IAM	Users, roles, policies, access keys, permission analysis
EC2	Instances, security groups, VPCs, subnets, network interfaces
S3	Buckets, permissions, public access analysis
GuardDuty	Findings, detectors, threat intelligence
SecurityHub	Findings, compliance standards, security scores
Lambda	Functions, permissions, configurations, triggers
CloudFront	Distributions, origins, behaviors, security policies
ELB/ALB/NLB	Load balancers, target groups, listeners, health checks
Route53	Hosted zones, DNS records, health checks
WAF	Web ACLs, rules, rate limiting
Shield	DDoS protection status and metrics
Access Analyzer	IAM access analysis and findings
ECS/ECR	Container services, repositories, image scanning
Organizations	Account structure, SCPs, organizational units
Athena	Log analysis, security event correlation

Planned Additions

Oauth Authentication
AWS Config compliance analysis
AWS Security Hub CSPM integration
External CSPM integration

Advanced Configuration

Production Deployment

For production environments, use the following configuration:

server: host: "0.0.0.0" log_level: "error" startup_quiet: true tool_quiet: true minimal_logging: true cross_account: max_concurrent_assumptions: 10 session_duration_seconds: 7200

Docker Deployment

FROM python:3.11-slim WORKDIR /app COPY . . RUN pip install -r requirements.txt EXPOSE 8000 CMD ["python", "aws_security_mcp/main.py", "sse"]

docker build -t aws-security-mcp . docker run -p 8000:8000 \ -e AWS_ACCESS_KEY_ID=your_key \ -e AWS_SECRET_ACCESS_KEY=your_secret \ aws-security-mcp

Load Balancer Configuration

Health Check: GET /health
SSE Endpoint: /sse
Timeout: 60 seconds minimum
Sticky Sessions: Not required

Troubleshooting

Common Issues

Tool Discovery Fails

# Check AWS credentials aws sts get-caller-identity # Verify cross-account role exists aws iam get-role --role-name aws-security-mcp-cross-account-access

Cross-Account Access Denied

# Test role assumption manually aws sts assume-role \ --role-arn arn:aws:iam::TARGET-ACCOUNT:role/aws-security-mcp-cross-account-access \ --role-session-name test-session

Performance Issues

# Reduce concurrent operations cross_account: max_concurrent_assumptions: 3 # Enable minimal logging server: minimal_logging: true

Debug Mode

Enable verbose logging for troubleshooting:

export MCP_LOG_LEVEL=debug export MCP_STARTUP_QUIET=false python3 aws_security_mcp/main.py sse

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support

Issues: GitHub Issues
Documentation: Project Wiki
Security Issues: Please report privately to the maintainers

AWS Security MCP

Overview

Key Capabilities

Prerequisites

AWS Requirements

Core MCP Permissions

Athena Integration Permissions

Required AWS Managed Policies

Important Notes

Quick Start ~ local setup

Quick Start ~ as AWS ECS Service

Configuration

YAML Configuration

Environment Variable Override

Usage Examples

Basic Infrastructure Queries

Security Analysis

Cross-Account Operations

Architecture

Cross-Account Access

Required IAM Role Setup

Athena Integration

Overview

Supported Log Types

Query Capabilities

Setup Prerequisites

Supported AWS Services

Currently Available

Planned Additions

Advanced Configuration

Production Deployment

Docker Deployment

Load Balancer Configuration

Troubleshooting

Common Issues

Debug Mode

License

Support

Resources

Appeared in Searches

New MCP Servers

Latest Blog Posts

MCP directory API