config_describe_compliance_by_resource
List AWS resource compliance summaries with optional filtering by resource type to identify configuration issues.
Instructions
List compliance summaries for resources, optionally filtered by type.
Parameters:
aws_region (str): The AWS region - use 'us-east-1' if not specified.
resource_type (str): optional AWS resource type filter.
Returns:
JSON list of ComplianceByResource objects.Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| aws_region | Yes | ||
| resource_type | No |
Implementation Reference
- server.py:763-784 (handler)Handler function implementing the tool logic: calls AWS Config API to describe compliance by resource, filters optionally by type, returns JSON list of ComplianceByResources. The @mcp.tool() decorator registers it as a tool.
@mcp.tool() async def config_describe_compliance_by_resource( aws_region: str, resource_type: str = None ) -> str: """ List compliance summaries for resources, optionally filtered by type. Parameters: aws_region (str): The AWS region - use 'us-east-1' if not specified. resource_type (str): optional AWS resource type filter. Returns: JSON list of ComplianceByResource objects. """ client = boto3.client('config', region_name=aws_region) params = {} if resource_type: params["ResourceType"] = resource_type resp = client.describe_compliance_by_resource(**params) compliances = resp.get("ComplianceByResources", []) return json.dumps(compliances, indent=2) - server.py:763-763 (registration)MCP decorator that registers the function as a tool named after the function.
@mcp.tool() - server.py:1117-1130 (helper)Supporting prompt that takes the JSON output from this tool and analyzes compliance data for non-compliant resources and remediation.
async def summarize_config_compliance(compliance_data: str) -> str: """ Given AWS Config compliance summaries, identify non-compliant resources, explain the violated rules, and recommend corrective actions to achieve compliance. Parameters: compliance_data (str): JSON list of ComplianceByResource objects. """ return ( f"Analyze the following AWS Config compliance data. Identify which " f"resources are non-compliant, describe the specific rules they violate, " f"and provide concise remediation steps to bring them into compliance:\n\n{compliance_data}" )