find_instances_with_public_access
Identifies EC2 instances with public internet access via security groups, optionally filtering by port or instance state, and returns results in JSON format for AWS Security MCP.
Instructions
Find EC2 instances that have public internet access through their security groups.
Copy
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| port | No | ||
| state | No | running |
Input Schema (JSON Schema)
You must be authenticated.
Other Tools from AWS Security MCP
- analyze_domain_security
- analyze_trusted_relationships
- batch_describe_instances
- batch_describe_security_groups
- check_confused_deputy_vulnerabilities
- check_console_access
- check_s3_bucket
- check_s3_bucket_security
- check_subdomain_takeover_vulnerability
- count_active_access_keys
- count_ec2_instances
- describe_instance_health
- describe_listeners
- describe_listeners_by_arns
- describe_load_balancer
- describe_load_balancer_listeners
- describe_rules
- describe_target_health
- find_instances_by_port
- find_instances_with_public_access
- find_ip_address_details
- find_public_security_groups
- find_resource_by_ip
- find_roles_by_trust_relationship
- find_security_groups_by_port
- get_access_key_details
- get_account_security_score
- get_all_tag_keys
- get_analyzer
- get_distribution_details
- get_distribution_invalidations
- get_finding
- get_finding_details
- get_function_details
- get_function_policy
- get_hosted_zone_details
- get_iam_policy_content
- get_inline_policy_content
- get_load_balancer_by_arn
- get_load_balancers
- get_role_permissions
- get_role_security_audit
- get_s3_bucket_details
- get_s3_bucket_policy
- get_securityhub_findings
- get_shield_attack_details
- get_shield_drt_access_status
- get_shield_emergency_contacts
- get_shield_protection_details
- get_shield_subscription_status
- get_shield_summary
- get_tag_values_for_key
- get_target_groups
- get_user_permissions
- get_user_security_audit
- get_waf_ip_set_details
- get_waf_rule_group_details
- get_waf_web_acl_details
- list_all_waf_components
- list_analyzers
- list_cache_policies
- list_detectors
- list_distributions
- list_ec2_instances
- list_ec2_resources
- list_failed_security_standards
- list_findings
- list_findings_by_category
- list_function_layers
- list_function_permissions
- list_functions
- list_health_checks
- list_hosted_zones
- list_iam_resources
- list_invocations
- list_ip_sets
- list_origin_request_policies
- list_resource_record_sets
- list_response_headers_policies
- list_role_policies
- list_route_tables
- list_s3_buckets
- list_security_groups
- list_shield_attacks
- list_shield_protected_resources
- list_shield_protections
- list_subnets
- list_threat_intel_sets
- list_traffic_policies
- list_user_policies
- list_vpcs
- list_waf_ip_sets
- list_waf_resources_for_web_acl
- list_waf_rule_groups
- list_waf_web_acls
- scan_s3_buckets_for_public_access
- search_distribution
- search_instance_profiles
- search_load_balancer
- search_resources_by_tag
Related Tools
- @groovyBugify/aws-security-mcp
- @groovyBugify/aws-security-mcp
- @groovyBugify/aws-security-mcp
- @groovyBugify/aws-security-mcp
- @groovyBugify/aws-security-mcp