How do I use AWS MCP Audit?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@AWS MCP Audit collect a snapshot of our EC2 and S3 resources and run security checks" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

AWS MCP Audit

by oldcoder01

Overview Schema Related Servers Score Discussions

Python

Hybrid

aws-mcp-audit (MVP)

A contractor-friendly read-only AWS assessment tool (MCP server) that inventories an AWS environment, runs deterministic security/ops checks, and generates actionable reports plus a cost/usage snapshot.

Quick start (uv)

uv sync
uv run python -m aws_mcp_audit.server

Claude Desktop (Windows) example config

Put this in %APPDATA%\Claude\claude_desktop_config.json and adjust the directory path:

{
  "mcpServers": {
    "aws-mcp-audit": {
      "command": "uv",
      "args": [
        "--directory",
        "C:\\D_Drive\\Dev\\aws-mcp-audit",
        "run",
        "python",
        "-m",
        "aws_mcp_audit.server"
      ]
    }
  }
}

Tool usage (conceptual)

aws_whoami(auth?)
collect_snapshot(scope, auth?) -> snapshot_id
run_checks(snapshot_id) -> finding_set_id
cost_signals(snapshot_id)
cost_explorer_summary(days=30, auth?) (optional permissions)
generate_report(snapshot_id, finding_set_id, format="md|pdf")

Auth

All tools accept an optional auth object:

{ "mode": "default" }

or (contractor-run):

{
  "mode": "assume_role",
  "role_arn": "arn:aws:iam::123456789012:role/ContractorAuditReadOnly",
  "external_id": "client-specific-external-id",
  "session_name": "aws-mcp-audit",
  "region_name": "us-east-1"
}

Outputs

Artifacts are stored locally under ./data/snapshots/<snapshot_id>/:

snapshot.json
findings.json
cost.json (tier-1 signals)
cost_explorer.json (if enabled)
report.md / report.pdf

Terraform module (client-side)

See terraform/ContractorAuditReadOnly/ for a simple module that creates a read-only role with ExternalId.

Install Server

security – no known vulnerabilities

license - not found

quality - not tested

How are these scores calculated?

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Tools

View all tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/oldcoder01/aws-mcp-audit'

If you have feedback or need assistance with the MCP directory API, please join our Discord server