The AWS Security MCP server enables AI assistants to interact with AWS security services for comprehensive infrastructure inspection and analysis.
Query AWS Infrastructure: Use natural language to query resources across EC2, S3, IAM, Lambda, CloudFront, Load Balancers, Route53, WAF, and Shield
Security Findings Analysis: Retrieve and analyze findings from GuardDuty, SecurityHub, and IAM Access Analyzer
Detailed Security Audits: Perform audits on IAM roles, policies, permissions, EC2 instances, security groups, and networking components
S3 Security Checks: Scan buckets for public access and security issues
Domain Security Analysis: Check for subdomain takeover vulnerabilities and DNS configurations
Sensitive Data Scanning: Scan environment variables and configurations for sensitive information
Security Reporting: Generate threat modeling reports, security recommendations, network maps, and blast radius analyses
Tag-Based Searches: Search and analyze AWS resources by tags
Integration with Brave Search for web searching capabilities, can be coupled with AWS Security MCP for enhanced functionality.
Repository hosting for the AWS Security MCP project, accessible via git clone from the groovyBugify organization.
Required runtime environment for AWS Security MCP, version 3.11+ needed to execute the server.
AWS Security MCP
A Model Context Protocol (MCP) server that enables AI assistants to perform comprehensive AWS security analysis through natural language queries.
Overview
AWS Security MCP bridges AI assistants like Claude with AWS security services, enabling real-time infrastructure analysis through conversational queries. The system automatically discovers and analyzes resources across multiple AWS accounts, providing security insights without requiring deep AWS CLI knowledge.
Key Capabilities
- Cross-Account Discovery: Automatic detection and access to AWS Organization accounts
- Natural Language Interface: Query AWS resources using plain English
- Security Analysis: Integrated findings from GuardDuty, SecurityHub, and Access Analyzer
- Infrastructure Mapping: Network topology, threat modelling, security review and blast radius analysis
- Log Analytics: Athena-powered analysis of CloudTrail, VPC Flow Logs, and security events
Prerequisites
- Python: 3.11 or higher
- Package Manager: uv
- AWS Account: With appropriate IAM permissions
- MCP Client: Claude Desktop, Cline, or compatible client
AWS Requirements
MCP Server's AWS credentials must have the following permissions:
Core MCP Permissions
Athena Integration Permissions
For advanced log analysis capabilities, additional permissions are required:
Required AWS Managed Policies
SecurityAudit Policy (Required)
Attach the AWS managed SecurityAudit policy to your MCP Server's IAM user or IAM role:
This policy provides comprehensive read-only access to AWS security services and is essential for AWS Security MCP functionality. It includes permissions for:
- IAM: Users, roles, policies, access analysis
- EC2: Security groups, instances, VPC configurations
- S3: Bucket policies, ACLs, public access settings
- GuardDuty: Findings, detectors, threat intelligence
- SecurityHub: Security standards, compliance findings
- Access Analyzer: IAM access analysis and findings
- Lambda: Function configurations and permissions
- CloudFront: Distribution security settings
- Route53: DNS configurations and health checks
- WAF: Web ACL rules and configurations
- All other security-related AWS services
Optional Managed Policies
- AthenaFullAccess: arn:aws:iam::aws:policy/AmazonAthenaFullAccess (for simplified Athena log analysis)
Important Notes
- This MCP Server works best with the Claude Desktop Pro/Max plan or any other platform that can handle more than 100,000 tokens
- Replace bucket names in the S3 permissions with your actual CloudTrail, VPC Flow Logs, and Athena results bucket names
- The SecurityAudit policy is mandatory for basic AWS Security MCP functionality
- Athena integration permissions are optional and only required for advanced log analysis features
- All permissions follow the principle of least privilege with read-only access where possible
Quick Start ~ local setup
- Update config.yml
- Configure your AWS credentials for local setup, using either:
  - aws sso
  - environment variables
- Run the following commands
- Configure MCP Client
Quick Start ~ as AWS ECS Service
- Login to AWS ECR
- Create ECR Repo
- Build Docker Image
- Deploying as AWS ECS Service
  - Create a Task Definition with "2048" CPU and "4096" Memory (these values are optional; you can choose any values)
  - Configure the Task Definition to map port 8000
  - Create an ECS Task Role with the following permissions:
    - SecurityAudit IAM Policy
    - Athena Access (policy mentioned above)
    - STS AssumeRole permissions to assume cross-account roles
  - Create an ECS Task Execution Role with basic permissions
  - Once the Task Definition is complete, create an AWS ECS Service using it
  - You can configure a Load Balancer as well
  - Make sure to turn off sticky sessions on the Load Balancer
  - Register the ALB's target group and listeners for port 80/443 -> ECS Service (8000)
  - Register the ALB for the Route53 domain
- Configure MCP Client
Configuration
YAML Configuration
Edit config.yaml in the project root according to your needs:
Environment Variable Override
Environment variables take precedence over YAML configuration:
Usage Examples
Basic Infrastructure Queries
Security Analysis
Cross-Account Operations
Architecture
Cross-Account Access
AWS Security MCP implements a hub-and-spoke model for multi-account access:
- Discovery: Uses organizations:ListAccounts to identify target accounts
- Role Assumption: Assumes the aws-security-mcp-cross-account-access role in each account
- Session Management: Maintains temporary credentials with automatic refresh
- Fallback: Uses default credential chain for non-organization accounts
Required IAM Role Setup
Create this role in each target AWS account:
Role Name: aws-security-mcp-cross-account-access
Trust Policy:
Permissions: Attach AWS managed policy arn:aws:iam::aws:policy/SecurityAudit
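The discovery and role-assumption steps above can be checked offline before any role is created. This is an added example, not the project's own code: it maps an organizations:ListAccounts response to the spoke role ARNs and audits a trust policy so that only the hub principal may assume the role. The sample account list, the hub role ARN `mcp-server-task-role`, and all function names are assumptions; the trust policy uses the standard IAM shape and is not taken from the project.

```python
ROLE_NAME = "aws-security-mcp-cross-account-access"  # role name given on this page
HUB_ROLE = "arn:aws:iam::111111111111:role/mcp-server-task-role"  # hypothetical hub principal

# Constructed sample in the shape of an organizations:ListAccounts response.
SAMPLE_ACCOUNTS = {"Accounts": [
    {"Id": "111111111111", "Name": "security-hub", "Status": "ACTIVE"},
    {"Id": "222222222222", "Name": "workload-prod", "Status": "ACTIVE"},
    {"Id": "333333333333", "Name": "old-sandbox", "Status": "SUSPENDED"},
]}

def spoke_role_arns(list_accounts_response, role_name=ROLE_NAME):
    """Map every ACTIVE account to the ARN of the role the hub would assume in it."""
    return {a["Id"]: f"arn:aws:iam::{a['Id']}:role/{role_name}"
            for a in list_accounts_response.get("Accounts", [])
            if a.get("Status") == "ACTIVE"}

def build_trust_policy(hub_principal_arn):
    """Trust policy that lets exactly one hub principal call sts:AssumeRole."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": hub_principal_arn},
        "Action": "sts:AssumeRole",
    }]}

def _principals(stmt):
    """Flatten a statement's Principal element into a list of strings."""
    principal = stmt.get("Principal", {})
    if principal == "*":
        return ["*"]
    flat = []
    for kind, value in principal.items():
        values = [value] if isinstance(value, str) else value
        flat += [v if kind == "AWS" else f"{kind}:{v}" for v in values]
    return flat

def audit_trust_policy(policy, hub_principal_arn):
    """Report Allow statements that trust anyone other than the hub principal."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        for p in _principals(stmt):
            if p == "*":
                findings.append(f"statement {i}: wildcard principal")
            elif p != hub_principal_arn:
                findings.append(f"statement {i}: unexpected principal {p}")
    return findings
```

An account-root principal (`arn:aws:iam::<id>:root`) is reported as unexpected because it trusts every identity in that account rather than the single hub role.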
Athena Integration
Overview
AWS Security MCP integrates with Amazon Athena to provide advanced log analysis capabilities. This feature requires pre-existing Athena tables containing your security-relevant logs.
Supported Log Types
While the MCP server can analyze any log source through Athena, the following sources are recommended to provide comprehensive security metadata to your MCP client. For optimal security coverage, we recommend implementing at least CloudTrail and VPC Flow Logs:
Recommended Log Sources:
- AWS CloudTrail: API call auditing and user activity tracking
- VPC Flow Logs: Network traffic pattern analysis
- CloudFront Logs: CDN request and response analysis
- ALB Access Logs: Application load balancer traffic insights
- WAF Logs: Web application firewall events and blocks (Cloudflare/AWS WAF/Akamai)
- AWS Shield Logs: DDoS protection and mitigation events
Flexibility for Custom Log Sources
The MCP server supports querying any log type stored in S3, giving you complete flexibility to analyze custom or additional log sources. To enable analysis of any log source, ensure:
- S3 Storage: Your logs are stored in an S3 bucket
- Athena Table: A properly configured Athena table exists for the log format
- IAM Permissions: The MCP server has s3:GetObject and s3:ListBucket permissions for the target bucket
This architecture allows you to extend security analysis beyond standard AWS logs to include application logs, custom security events, or third-party security tool outputs.
Query Capabilities
Once tables are configured, you can perform advanced queries:
Setup Prerequisites
- S3 Buckets: CloudTrail and VPC Flow Logs must be stored in S3
- Athena Workgroup: Configure appropriate workgroup with result location
- Partitioning: Enable partition projection for performance
- IAM Permissions: Grant Athena query permissions to the MCP execution role
Supported AWS Services
Currently Available
Service | Capabilities |
---|---|
IAM | Users, roles, policies, access keys, permission analysis |
EC2 | Instances, security groups, VPCs, subnets, network interfaces |
S3 | Buckets, permissions, public access analysis |
GuardDuty | Findings, detectors, threat intelligence |
SecurityHub | Findings, compliance standards, security scores |
Lambda | Functions, permissions, configurations, triggers |
CloudFront | Distributions, origins, behaviors, security policies |
ELB/ALB/NLB | Load balancers, target groups, listeners, health checks |
Route53 | Hosted zones, DNS records, health checks |
WAF | Web ACLs, rules, rate limiting |
Shield | DDoS protection status and metrics |
Access Analyzer | IAM access analysis and findings |
ECS/ECR | Container services, repositories, image scanning |
Organizations | Account structure, SCPs, organizational units |
Athena | Log analysis, security event correlation |
Planned Additions
- OAuth Authentication
- AWS Config compliance analysis
- AWS Security Hub CSPM integration
- External CSPM integration
Advanced Configuration
Production Deployment
For production environments, use the following configuration:
Docker Deployment
Load Balancer Configuration
- Health Check: GET /health
- SSE Endpoint: /sse
- Timeout: 60 seconds minimum
- Sticky Sessions: Not required
Troubleshooting
Common Issues
Tool Discovery Fails
Cross-Account Access Denied
Performance Issues
Debug Mode
Enable verbose logging for troubleshooting:
License
This project is licensed under the MIT License - see the LICENSE file for details.
Support
- Issues: GitHub Issues
- Documentation: Project Wiki
- Security Issues: Please report privately to the maintainers