list_s3_buckets | List S3 buckets with metadata and optional public access check. Args:
search_term: Optional search term to filter buckets by name
check_public: Whether to check each bucket for public access
Returns:
JSON object with bucket information and public access details if requested |
check_s3_bucket | Check an individual S3 bucket for security issues. Args:
bucket_name: Name of the S3 bucket to check
Returns:
JSON object with detailed security assessment for the specified bucket |
get_s3_bucket_details | Get detailed information about an S3 bucket. Args:
bucket_name: Name of the S3 bucket
Returns:
JSON object with detailed bucket information |
check_s3_bucket_security | Perform a comprehensive security audit of an S3 bucket. Args:
bucket_name: Name of the S3 bucket
Returns:
JSON object with security assessment results |
get_s3_bucket_policy | Get the policy of an S3 bucket. Args:
bucket_name: Name of the S3 bucket
Returns:
JSON object with bucket policy information |
scan_s3_buckets_for_public_access | Scan S3 buckets for public access permissions. Args:
search_term: Optional text to filter buckets by name (ignored if bucket_names is provided)
bucket_names: Optional list of specific bucket names to scan
Returns:
JSON object with security assessment results for public buckets |
list_iam_resources | List IAM resources of the specified type, filtered for security audit relevance. Returns only the most security-relevant fields:
- Name and ARN
- AWS Managed Policies
- Customer Managed Policies
- Inline Policies
- Last Usage Information
- Trust Relationship (for roles)
Args:
resource_type: Type of IAM resource to list (roles, users, policies, access_keys, or all)
limit: Maximum number of resources to return
search_term: Optional search term to filter resources by name
next_token: Pagination token for fetching the next set of resources (optional)
Returns:
JSON string with security-relevant IAM resource information |
get_role_security_audit | Get comprehensive security audit information for an IAM role. Returns only the most security-relevant fields:
- Name and ARN
- AWS Managed Policies
- Customer Managed Policies
- Inline Policies with documents
- Last Usage Information
- Trust Relationship document
Args:
role_name: Name of the IAM role
Returns:
JSON string with security audit information |
get_user_security_audit | Get comprehensive security audit information for an IAM user. Returns only the most security-relevant fields:
- Name and ARN
- AWS Managed Policies
- Customer Managed Policies
- Inline Policies with documents
- Access Keys with last used information
- MFA status
- Console access status
Args:
user_name: Name of the IAM user
Returns:
JSON string with security audit information |
list_user_policies | List all policies (both inline and attached managed policies) associated with an IAM user. Args:
user_name: Name of the IAM user
include_documents: Whether to include the full policy documents (default: True)
Returns:
JSON string with user policy information |
get_user_permissions | Get permissions associated with an IAM user. Args:
user_name: Name of the IAM user
Returns:
JSON string with user permission information |
list_role_policies | List all policies (both inline and attached managed policies) associated with an IAM role. Args:
role_name: Name of the IAM role
include_documents: Whether to include the full policy documents (default: True)
Returns:
JSON string with role policy information |
get_role_permissions | Get permissions associated with an IAM role. Args:
role_name: Name of the IAM role
Returns:
JSON string with role permission information |
count_active_access_keys | Count all active access keys across all IAM users in the AWS account. Returns:
JSON string with counts and details of active access keys |
get_iam_policy_content | Get the full content of an IAM policy by its ARN. Args:
policy_arn: ARN of the IAM policy to retrieve
Returns:
JSON string with the policy document and metadata |
get_inline_policy_content | Get the full content of an inline IAM policy. Args:
entity_type: Type of entity the policy is attached to ('user' or 'role')
entity_name: Name of the user or role
policy_name: Name of the inline policy
Returns:
JSON string with the policy document and metadata |
search_instance_profiles | Search for IAM instance profiles with optional filtering. Args:
search_term: Optional text to filter instance profiles by name
limit: Maximum number of instance profiles to return
next_token: Pagination token for fetching the next set of results
Returns:
JSON string with instance profile information |
analyze_trusted_relationships | Analyze the trusted relationships (assume role policies) for IAM roles. Args:
role_name: Optional specific role name to analyze
all_roles: Set to True to analyze all roles in the account
limit: Maximum number of roles to analyze when all_roles is True
Returns:
JSON string with trusted relationship information |
check_console_access | Check IAM users for console sign-in capability. Args:
user_name: Specific IAM user to check
check_all_users: Set to True to check all users in the account
limit: Maximum number of users to check when check_all_users is True
Returns:
JSON string with console access information |
check_confused_deputy_vulnerabilities | Identify IAM roles that might be vulnerable to confused deputy attacks. Confused deputy vulnerabilities occur when a role can be assumed by external entities without proper safeguards such as external IDs or source ARN restrictions.
Args:
all_roles: Set to True to check all roles in the account
role_name: Specific IAM role to check (ignored if all_roles is True)
limit: Maximum number of roles to check when all_roles is True
include_aws_service_roles: Whether to include AWS service roles in the analysis
Returns:
JSON string with vulnerability analysis results |
find_roles_by_trust_relationship | Find IAM roles based on their trust relationship criteria. This tool has two main use cases:
1. Identifying roles that can be assumed by a specific principal (role/user/service)
2. Identifying roles that a specific IAM role can assume (by checking permissions)
Args:
principal_type: Type of principal to search for ('role', 'user', 'service', 'account', 'role_arn')
principal_value: Value of the principal (role name, user name, service name, account ID, or complete role ARN)
limit: Maximum number of roles to analyze
Returns:
JSON string with roles matching the trust relationship criteria |
get_access_key_details | Get detailed information about a specific AWS access key ID. This tool searches across all IAM users to find which user owns the specified access key ID and returns detailed information about the key and its owner.
Args:
access_key_id: The AWS access key ID to look up (e.g., AKIAIOSFODNN7EXAMPLE)
Returns:
JSON string with detailed information about the access key and its owner |
list_ec2_instances | List EC2 instances with details. Args:
limit: Maximum number of instances to return (None for all)
search_term: Optional search term to filter instances by name, ID, or type
state: Instance state to filter by (default is "running"). Set to empty string to show all states.
next_token: Pagination token from a previous request (optional)
Returns:
JSON formatted string with EC2 instance information |
count_ec2_instances | Count EC2 instances, optionally filtering by state and security group rules. Args:
state: Optional instance state to filter by (e.g., running, stopped, terminated)
has_public_access: If set, only count instances with (True) or without (False) public internet access
port: Optional specific port to check for access (e.g., 22 for SSH)
Returns:
JSON formatted string with instance count information |
list_security_groups | List EC2 security groups with details. Args:
limit: Maximum number of security groups to return (None for all)
search_term: Optional search term to filter security groups. Supports special syntax:
- Standard text search by name, ID, description, or VPC ID
- port:XX - Find security groups with specific port open (e.g., port:22 for SSH)
- protocol:XX - Find security groups allowing specific protocol (e.g., protocol:http)
- public:true - Find security groups open to the internet (0.0.0.0/0)
- cidr:X.X.X.X/X - Find security groups allowing specific CIDR range
next_token: Pagination token from a previous request (optional)
Returns:
JSON formatted string with security group information |
list_vpcs | List VPCs with details. Args:
limit: Maximum number of VPCs to return (None for all)
search_term: Optional search term to filter VPCs by ID or CIDR
next_token: Optional pagination token for fetching next page of results
Returns:
JSON formatted string with VPC information |
list_route_tables | List route tables with details. Args:
limit: Maximum number of route tables to return (None for all)
search_term: Optional search term to filter route tables by ID or VPC ID
next_token: Optional pagination token for fetching next page of results
Returns:
JSON formatted string with route table information |
list_subnets | List all subnets in a VPC or across all VPCs. Args:
vpc_id: Optional VPC ID to list subnets for. If None, lists subnets across all VPCs.
include_details: Whether to include detailed subnet information (route tables, ACLs)
limit: Maximum number of subnets to return (None for all)
search_term: Optional text to filter subnets by ID, VPC ID, CIDR, or tags
next_token: Optional pagination token for fetching next page of results
Returns:
JSON formatted string with subnet information |
list_ec2_resources | List EC2 resources of the specified type. Args:
resource_type: Type of EC2 resource to list (instances, security_groups, vpcs, route_tables, subnets, or all)
limit: Maximum number of resources to return (None for all)
search_term: Optional search term to filter resources
state: Instance state to filter by (default is "running"). Only applies to instances.
next_token: Optional pagination token for fetching next page of results
Returns:
JSON formatted string with EC2 resource information |
find_public_security_groups | Find security groups with public internet access (0.0.0.0/0). Args:
port: Optional specific port to check for public access (e.g., 22 for SSH)
Returns:
JSON formatted string with security groups that allow public access |
find_instances_with_public_access | Find EC2 instances that have public internet access through their security groups. Args:
port: Optional specific port to check for public access (e.g., 22 for SSH)
state: Instance state to filter by (default is "running")
Returns:
JSON formatted string with publicly accessible instances |
find_resource_by_ip | Find AWS resources associated with a specific IP address. Args:
ip_address: IP address to search for (public or private)
Returns:
JSON formatted string with information about resources using the IP address |
find_instances_by_port | Find EC2 instances with security groups allowing access on a specific port. Args:
port: The port number to check for
state: Instance state to filter by (default is "running")
Returns:
JSON formatted string with instances that have the specified port open |
find_security_groups_by_port | Find security groups with a specific port open. Args:
port: Port number to check for (e.g., 22 for SSH, 3389 for RDP)
Returns:
JSON formatted string with security groups that have the specified port open |
batch_describe_security_groups | Batch describe multiple security groups by ID. Args:
security_group_ids: List of security group IDs to describe
Returns:
JSON formatted string with detailed information about multiple security groups |
batch_describe_instances | Batch describe multiple EC2 instances by ID. Args:
instance_ids: List of EC2 instance IDs to describe
Returns:
JSON formatted string with detailed information about multiple EC2 instances |
get_securityhub_findings | Get findings from AWS SecurityHub. Args:
limit: Maximum number of findings to return
severity: Severity level to filter by (CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, or ALL)
search_term: Optional search term to filter findings
Returns:
JSON formatted string with SecurityHub findings |
list_failed_security_standards | List failed security standards from SecurityHub. Args:
limit: Maximum number of failed standards to return
Returns:
JSON formatted string with failed security standards |
get_account_security_score | Get the overall security score for the AWS account. Returns:
JSON formatted string with account security score |
list_functions | List Lambda functions in the AWS account. Args:
region: Optional region to filter functions
limit: Maximum number of functions to return
search_term: Optional search term to filter functions by name
next_token: Pagination token for fetching the next set of functions (optional)
Returns:
JSON formatted string with Lambda functions |
get_function_details | Get detailed information about a specific Lambda function. Args:
function_name: Name or ARN of the Lambda function
Returns:
JSON formatted string with Lambda function details |
get_function_policy | Get the resource policy for a Lambda function. Args:
function_name: Name or ARN of the Lambda function
Returns:
JSON formatted string with Lambda function policy |
list_function_permissions | List permissions granted to invoke a Lambda function. Args:
function_name: Name or ARN of the Lambda function
Returns:
JSON formatted string with Lambda function permissions |
list_function_layers | List layers used by a Lambda function. Args:
function_name: Name or ARN of the Lambda function
Returns:
Formatted string with Lambda function layers |
list_invocations | Get recent invocations of a Lambda function from CloudWatch logs. Args:
function_name: Name or ARN of the Lambda function
limit: Maximum number of invocations to return
Returns:
Formatted string with recent Lambda function invocations |
list_detectors | List all GuardDuty detectors in the account. Args:
max_results: Maximum number of detectors to return
Returns:
JSON formatted string with GuardDuty detectors |
list_findings | List findings from a specific IAM Access Analyzer. Args:
analyzerArn: ARN of the Access Analyzer
status: Optional filter for finding status (ACTIVE, ARCHIVED, RESOLVED)
next_token: Pagination token for fetching the next set of results
limit: Maximum number of findings to return
Returns:
JSON string with findings |
get_finding_details | Get detailed information about a specific GuardDuty finding. Args:
detector_id: GuardDuty detector ID
finding_id: ID of the finding to retrieve
Returns:
JSON formatted string with detailed finding information |
list_ip_sets | List IP sets for a GuardDuty detector. Args:
detector_id: GuardDuty detector ID
max_results: Maximum number of results to return
Returns:
JSON formatted string with GuardDuty IP sets |
list_threat_intel_sets | List threat intelligence sets for a GuardDuty detector. Args:
detector_id: GuardDuty detector ID
max_results: Maximum number of results to return
Returns:
JSON formatted string with GuardDuty threat intel sets |
list_analyzers | List all IAM Access Analyzers in the account. Returns:
JSON string with Access Analyzers |
get_analyzer | Get detailed information about a specific Access Analyzer. Args:
analyzer_name: Name of the Access Analyzer
Returns:
JSON string with analyzer details |
get_finding | Get detailed information about a specific Access Analyzer finding. Args:
analyzerArn: ARN of the Access Analyzer
finding_id: ID of the finding
Returns:
JSON string with finding details |
list_findings_by_category | Get findings filtered by resource type category. Args:
analyzerArn: ARN of the Access Analyzer
resource_type: Resource type to filter by (e.g., AWS::S3::Bucket, AWS::SQS::Queue)
status: Finding status filter (ACTIVE, ARCHIVED, RESOLVED)
next_token: Pagination token for fetching the next set of results
limit: Maximum number of findings to return
Returns:
JSON string with findings for the specified category |
get_load_balancers | Get load balancers with optional filtering. Searches ELBv2 first (ALB, NLB, GWLB), then falls back to classic ELB if needed. Returns ARNs as the primary identifier.
Args:
load_balancer_type: Filter by type ('classic', 'application', 'network', 'gateway')
arns: Filter by load balancer ARNs (preferred method)
names: Filter by load balancer names (fallback method)
next_token: Token for pagination
max_items: Maximum items to return
Returns:
JSON string with load balancer information and pagination details |
describe_load_balancer | Get detailed information about a specific load balancer. Args:
load_balancer_arn: ARN of the load balancer
Returns:
JSON string with load balancer information |
describe_instance_health | Describe the health of instances for a Classic Load Balancer. Args:
load_balancer_name: Name of the Classic Load Balancer
instance_ids: Optional list of instance IDs to filter by
Returns:
JSON string with instance health information |
get_target_groups | Get target groups with optional filtering by load balancer ARN. Args:
load_balancer_arn: Optional load balancer ARN to filter by
next_token: Token for pagination
max_items: Maximum items to return
Returns:
JSON string with target group information and pagination details |
describe_target_health | Describe the health of targets in a target group. Args:
target_group_arn: ARN of the target group
targets: Optional list of targets to describe
Returns:
JSON string with target health information |
describe_listeners | Describe listeners for a load balancer. Args:
load_balancer_arn: ARN of the load balancer
next_token: Token for pagination
max_items: Maximum items to return
Returns:
JSON string with listener information |
describe_load_balancer_listeners | Describe listeners for a load balancer using its ARN. Args:
load_balancer_arn: The ARN of the load balancer
next_token: Token for pagination
max_items: Maximum items to return
Returns:
JSON string with listener information |
describe_rules | Describe rules for a listener. Args:
listener_arn: ARN of the listener
next_token: Token for pagination
max_items: Maximum items to return
Returns:
JSON string with rule information |
search_load_balancer | Search for a load balancer by ARN, name, or DNS name. Searches ELBv2 first, then falls back to classic ELB if needed.
Args:
identifier: Load balancer ARN, name, or DNS name
Returns:
JSON string with load balancer information |
describe_listeners_by_arns | Describe listeners by their ARNs. Args:
listener_arns: List of listener ARNs
Returns:
JSON string with listener information |
get_load_balancer_by_arn | Get load balancer by its ARN. Args:
load_balancer_arn: ARN of the load balancer
Returns:
JSON string with load balancer information |
list_distributions | List CloudFront distributions in the AWS account. Args:
limit: Maximum number of distributions to return (default: 1000)
next_token: Token for pagination (from previous request)
Returns:
JSON string with CloudFront distributions |
get_distribution_details | Get detailed information about a specific CloudFront distribution. Args:
distribution_id: ID of the CloudFront distribution or domain name
Returns:
JSON string with distribution details |
list_cache_policies | List CloudFront cache policies. Args:
limit: Maximum number of policies to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with cache policies |
list_origin_request_policies | List CloudFront origin request policies. Args:
limit: Maximum number of policies to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with origin request policies |
list_response_headers_policies | List CloudFront response headers policies. Args:
limit: Maximum number of policies to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with response headers policies |
get_distribution_invalidations | Get invalidations for a specific CloudFront distribution. Args:
distribution_id: ID of the CloudFront distribution
limit: Maximum number of invalidations to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with invalidation details |
search_distribution | Search for a CloudFront distribution by domain name, distribution ID, or alias. This tool searches for CloudFront distributions using the provided identifier, which can be a CloudFront domain name (e.g., d1234abcdef8ghi.cloudfront.net), a distribution ID (e.g., E1A2B3C4D5E6F7), or a custom domain alias.
Args:
identifier: CloudFront domain name, distribution ID, or alias
Returns:
JSON string with distribution details if found |
list_hosted_zones | List Route53 hosted zones in the AWS account. Args:
limit: Maximum number of hosted zones to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with Route53 hosted zones information |
get_hosted_zone_details | Get detailed information about a specific Route53 hosted zone. Args:
zone_id: ID of the Route53 hosted zone (can include or exclude '/hostedzone/' prefix)
Returns:
JSON string with hosted zone details |
list_resource_record_sets | List resource record sets in a specific Route53 hosted zone. Args:
zone_id: ID of the Route53 hosted zone (can include or exclude '/hostedzone/' prefix)
limit: Maximum number of record sets to return per page (default: 100)
next_token: Pagination token from a previous request (optional)
Returns:
JSON string with resource record sets and pagination information |
list_health_checks | List Route53 health checks in the AWS account. Args:
limit: Maximum number of health checks to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with Route53 health checks |
list_traffic_policies | List Route53 traffic policies in the AWS account. Args:
limit: Maximum number of traffic policies to return (default: 100)
next_token: Token for pagination (from previous request)
Returns:
JSON string with Route53 traffic policies |
check_subdomain_takeover_vulnerability | Check if a specific domain or subdomain is vulnerable to subdomain takeover attacks. This function performs a DNS-based analysis for subdomain takeover vulnerabilities:
1. Identifies all DNS records for the domain
2. For CNAME records, checks if they point to services that could be vulnerable
3. Analyzes DNS configurations for signs of abandoned or unclaimed resources
Args:
domain_name: The domain or subdomain name to check (e.g., xyz.dreamplug.in)
Returns:
JSON string with vulnerability assessment results |
find_ip_address_details | Find details about an IP address, including associated EC2 resources and DNS records pointing to it. This function:
1. Identifies EC2 instances with this IP (public or private)
2. Finds network interfaces using this IP
3. Searches Route53 records pointing to this IP
Args:
ip_address: The IP address to lookup (e.g., 43.205.186.36)
Returns:
JSON string with IP address details and associated resources |
analyze_domain_security | Analyze the security posture of a domain, including its DNS configuration and associated resources. This function:
1. Checks the domain's DNS records
2. For A records, analyzes the security of the associated IP addresses
3. For CNAME records, checks for subdomain takeover vulnerabilities
4. Provides security recommendations based on the findings
Args:
domain_name: The domain name to analyze
Returns:
JSON string with security analysis results |
list_waf_web_acls | List AWS WAF Web ACLs. Args:
scope: The scope of the Web ACLs to retrieve ('REGIONAL' or 'CLOUDFRONT')
limit: Maximum number of Web ACLs to return
next_token: Pagination token for fetching the next set of Web ACLs
Returns:
JSON object with Web ACL information |
get_waf_web_acl_details | Get detailed information about a specific AWS WAF Web ACL. Args:
web_acl_id: The ID of the Web ACL
web_acl_name: The name of the Web ACL
scope: The scope of the Web ACL ('REGIONAL' or 'CLOUDFRONT')
Returns:
JSON object with detailed Web ACL information |
list_waf_ip_sets | List AWS WAF IP sets. Args:
scope: The scope of the IP sets to retrieve ('REGIONAL' or 'CLOUDFRONT')
limit: Maximum number of IP sets to return
next_token: Pagination token for fetching the next set of IP sets
Returns:
JSON object with IP set information |
get_waf_ip_set_details | Get detailed information about a specific AWS WAF IP set. Args:
ip_set_id: The ID of the IP set
ip_set_name: The name of the IP set
scope: The scope of the IP set ('REGIONAL' or 'CLOUDFRONT')
Returns:
JSON object with detailed IP set information |
list_waf_rule_groups | List AWS WAF rule groups. Args:
scope: The scope of the rule groups to retrieve ('REGIONAL' or 'CLOUDFRONT')
limit: Maximum number of rule groups to return
next_token: Pagination token for fetching the next set of rule groups
Returns:
JSON object with rule group information |
get_waf_rule_group_details | Get detailed information about a specific AWS WAF rule group. Args:
rule_group_id: The ID of the rule group
rule_group_name: The name of the rule group
scope: The scope of the rule group ('REGIONAL' or 'CLOUDFRONT')
Returns:
JSON object with detailed rule group information |
list_waf_resources_for_web_acl | List resources protected by a specific AWS WAF Web ACL. Args:
web_acl_arn: The ARN of the Web ACL
resource_type: The type of resource (e.g., 'APPLICATION_LOAD_BALANCER', 'API_GATEWAY')
Returns:
JSON object with resources protected by the Web ACL |
list_all_waf_components | List all AWS WAF components (Web ACLs, IP sets, and rule groups). Args:
scope: The scope of the components to retrieve ('REGIONAL' or 'CLOUDFRONT')
limit: Maximum number of each component type to return
Returns:
JSON object with comprehensive WAF component information |
get_shield_subscription_status | Get the status of AWS Shield Advanced subscription. Returns:
JSON object with subscription information |
list_shield_protected_resources | List resources protected by AWS Shield Advanced. Args:
limit: Maximum number of protected resources to return
next_token: Pagination token for fetching the next set of resources
Returns:
JSON object with protected resource information |
list_shield_protections | List protections configured in AWS Shield Advanced. Args:
limit: Maximum number of protections to return
next_token: Pagination token for fetching the next set of protections
Returns:
JSON object with protection information |
get_shield_protection_details | Get detailed protection information for a specific resource in AWS Shield Advanced. Args:
resource_arn: ARN of the resource to get protection details for
Returns:
JSON object with detailed protection information |
list_shield_attacks | List DDoS attacks detected by AWS Shield Advanced. Args:
days: Number of days to look back for attacks
limit: Maximum number of attacks to return
next_token: Pagination token for fetching the next set of attacks
Returns:
JSON object with attack information |
get_shield_attack_details | Get detailed information about a specific DDoS attack detected by AWS Shield Advanced. Args:
attack_id: ID of the attack to get details for
Returns:
JSON object with detailed attack information |
get_shield_drt_access_status | Get the status of DDoS Response Team (DRT) access in AWS Shield Advanced. Returns:
JSON object with DRT access information |
get_shield_emergency_contacts | Get the emergency contacts configured for AWS Shield Advanced. Returns:
JSON object with emergency contact information |
get_shield_summary | Get a comprehensive summary of AWS Shield Advanced status and configuration. Returns:
JSON object with Shield Advanced summary information |
search_resources_by_tag | Search AWS resources by tag key and optional value.
Args:
tag_key: The tag key to search for
tag_value: Optional tag value to filter by
resource_types: Optional list of resource types to filter by (e.g., ['ec2:instance', 's3:bucket'])
next_token: Token for pagination
max_items: Maximum number of items to return (no limit if None)
group_by_type: If True, resources will be grouped by service/resource type
Returns:
JSON string with resources matching the specified tags and pagination details |
get_all_tag_keys | Get all tag keys used in the AWS account.
Args:
next_token: Token for pagination
max_items: Maximum number of items to return
Returns:
JSON string with tag keys and pagination details |
get_tag_values_for_key | Get all values for a specific tag key in the AWS account.
Args:
tag_key: The tag key to get values for
next_token: Token for pagination
max_items: Maximum number of items to return
Returns:
JSON string with tag values and pagination details |