cloud-audit
The cloud-audit MCP server enables AI agents to perform AWS security auditing through six tools:
scan_aws— Scan AWS accounts for misconfigurations across 18+ services, detect attack chains, and estimate breach costs. Supports AWS CLI profile, regions, and severity filters.get_findings— Retrieve findings from the latest scan, filterable by severity (critical/high/medium/low) and AWS service prefix. Each finding includes check ID, severity, affected resource, description, and estimated breach cost.get_attack_chains— Fetch correlated findings that form exploitable end-to-end attack paths, each with a narrative, priority fix recommendation, and breach cost estimate.get_remediation— Get copy-paste ready AWS CLI commands and Terraform HCL snippets to fix a specific security check by ID.get_health_score— Retrieve a 0–100 security health score with finding counts by severity, attack chain count, and total estimated risk exposure in USD.list_checks— List all 80 available security checks organized by service/category, no AWS credentials required.
Enables scanning of AWS accounts to detect security vulnerabilities and multi-step attack chains, providing breach cost estimations and remediation guidance via AWS CLI commands and Terraform HCL.
Quick Start
pip install cloud-audit
cloud-audit scan # uses your default AWS credentials and regionNo AWS account handy? Run a full sample report offline:
cloud-audit democloud-audit is read-only. It never modifies your infrastructure; SecurityAudit is enough (permissions).
Related MCP server: agent-bom
Example Output
+---- Attack Chains (5 detected) -----------------------------------+
| CRITICAL Internet-Exposed Admin Instance |
| i-0abc123 - public SG + admin IAM role + IMDSv1 |
| CRITICAL IAM Privilege Escalation via iam:PassRole |
| ci-deploy-role - 3-step path to admin |
| CRITICAL CI/CD to Admin Takeover |
| github-deploy - OIDC without sub + admin policy |
+-------------------------------------------------------------------+
+---- Remediation Plan ---------------------------------------------+
| Fix 4 root causes, break 22 attack chains |
| Quick wins (effort LOW, 14 chains): |
| 1. Restrict SG ingress on sg-0abc123 -> breaks 8 chains |
| 2. Add OIDC sub condition -> breaks 6 chains |
+-------------------------------------------------------------------+Preview a fix before you touch anything:
cloud-audit simulate --fix aws-vpc-002
# Score 34 -> 58 (+24) | Chains broken 8 of 22 | Findings resolved 11What You Get
Attack chains // 31 rules correlate individual findings into exploitable paths (MITRE ATT&CK + pathfinding.cloud). docs
Root-cause fixes // groups findings by shared cause and ranks them: "fix 4 things, break 22 chains," with a what-if
simulateto preview impact. docsIAM privilege escalation // 64 methods across 9 categories, including lateral movement through the AssumeRole graph. docs
Blast radius // walk outward from any resource to see what an attacker reaches; export JSON to the live visualizer. docs
Proof Mode //
scan --verifychecks each escalation path against the IAM policy simulator (read-only) and flags the ones the principal can actually perform. docsData perimeter // resource-policy checks for confused-deputy and cross-org exposure, evaluating condition values (not just their presence). docs
AgentCore security // checks for Amazon Bedrock AgentCore AI agents: network mode, MMDSv2, memory encryption, gateway authorizer. docs
Threat Feed // 10 detectors for active-abuse patterns from 2025-2026 incidents, each with a primary-source citation. docs
Remediation on every finding // copy-paste AWS CLI + reviewable Terraform you apply yourself; security findings also carry a USD breach-cost estimate with sources.
Trend & drift //
cloud-audit diffcatches ClickOps drift between scans;cloud-audit trendtracks posture over time.
Reports
cloud-audit scan --format html -o report.html # client-ready
cloud-audit scan --format sarif -o results.sarif # GitHub Code Scanning
cloud-audit scan --format json -o report.json # machine-readable
cloud-audit scan --format markdown -o report.md # PR commentsCI/CD
- run: pip install cloud-audit
- run: cloud-audit scan --format sarif --output results.sarif
- uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif--quiet exits with a code only: 0 clean, 1 findings, 2 error. Gate on severity with --min-severity high. Ready-made workflows: basic scan, daily diff, post-deploy.
Installation
pip install cloud-audit # pip (recommended)
pipx install cloud-audit # isolated
docker run ghcr.io/gebalamariusz/cloud-audit scan # DockerDocker with credentials:
docker run -v ~/.aws:/home/cloudaudit/.aws:ro ghcr.io/gebalamariusz/cloud-audit scanAWS Permissions
Read-only. Attach the AWS-managed SecurityAudit policy (covers every check, including IAM escalation analysis):
aws iam attach-role-policy --role-name auditor \
--policy-arn arn:aws:iam::aws:policy/SecurityAuditcloud-audit never modifies your infrastructure. simulate runs locally against scan data and makes no AWS calls.
What's Checked
110 checks across 25 AWS services - IAM, S3, EC2, VPC, RDS, KMS, CloudTrail, GuardDuty, Lambda, Secrets Manager, Bedrock, SageMaker, Bedrock AgentCore, DynamoDB, and more. Run cloud-audit list-checks, or see the full check reference.
6 compliance frameworks via scan --compliance <id>: CIS AWS v3.0 and SOC 2 Type II (stable), plus ISO 27001:2022, HIPAA, NIS2, and BSI C5:2020 (beta). docs
MCP server for AI agents - 6 read-only tools (scan_aws, get_findings, get_attack_chains, get_remediation, get_health_score, list_checks):
claude mcp add cloud-audit -- uvx --from cloud-audit cloud-audit-mcpcloud-audit scan -R # show remediation inline
cloud-audit scan --profile prod --regions eu-central-1 # profile / region
cloud-audit scan --regions all # all enabled regions
cloud-audit scan --role-arn arn:aws:iam::...:role/audit # cross-account
cloud-audit scan --export-fixes fixes.sh # export all fixesConfigure defaults in .cloud-audit.yml (regions, min_severity, exclude_checks, time-boxed suppressions). Environment variables (CLOUD_AUDIT_REGIONS, CLOUD_AUDIT_MIN_SEVERITY, ...) override the file; CLI flags override everything. See the configuration guide.
Documentation
Full documentation at haitmg.pl/cloud-audit: getting started, attack chains, IAM escalation, blast radius, Proof Mode, data perimeter, AgentCore, compliance, and the full check reference.
Commercial Support
cloud-audit is free and stays free. If you want a human on the findings, the author offers professional services:
Scanner output review (free) - send your cloud-audit / Prowler / Security Hub output, get a short written review of what actually matters and what to fix first
AWS security audit - full account audit with a prioritized report and ready-to-apply fixes
Remediation support - Terraform and IAM changes, verified against your workloads
Palo Alto VM-Series on AWS - architecture and security review (GWLB/TGW, HA, routing)
Details: haitmg.pl/cloud-audit-support or email kontakt@haitmg.pl.
Development
git clone https://github.com/gebalamariusz/cloud-audit.git
cd cloud-audit
pip install -e ".[dev]"
pytest -q && ruff check src/ tests/ && mypy src/See CONTRIBUTING.md to add a check. Past releases in CHANGELOG.md.
License
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/gebalamariusz/cloud-audit'
If you have feedback or need assistance with the MCP directory API, please join our Discord server