AWS Security

v1.0.0Cloud Servicesstable

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

awscloud-securityllmmcp-server
Share:
83
Stars
0
Downloads
0
Weekly
0/5

What is AWS Security?

AWS Security is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to model context protocol server that connects ai assistants like claude to aws security services, allowing them to autonomously query, inspect, and analyze aws infrastructure for security issues and mis...

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

This server falls under the Cloud Services and Security categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • A Model Context Protocol server that connects AI assistants

Use Cases

AWS security services integration
Infrastructure vulnerability detection
groovyBugify

Maintainer

LicenseApache-2.0
Languagepython
Versionv1.0.0
UpdatedMay 16, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx aws-security

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use AWS Security

The AWS Security MCP Server connects AI assistants like Claude to a broad range of AWS security and infrastructure services, enabling autonomous querying, inspection, and analysis of your cloud environment for misconfigurations, vulnerabilities, and active threats. It covers GuardDuty findings, SecurityHub compliance data, IAM role analysis, S3 bucket policy review, EC2 and VPC inspection, CloudTrail log analysis via Athena, and more. Security engineers use it to run conversational security investigations — asking Claude to find all public S3 buckets, enumerate IAM roles with admin privileges, or correlate GuardDuty alerts with VPC flow logs — without manually running dozens of AWS CLI commands.

Prerequisites

  • Python 3.9 or later and uv (or pip) installed
  • AWS credentials configured with sufficient read permissions for the services you want to inspect (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, or an IAM role via instance profile)
  • The aws-security-mcp server running locally (it exposes an SSE endpoint that your MCP client connects to)
  • An MCP-compatible client such as Claude Desktop that supports SSE-based MCP connections
1

Clone the repository and install dependencies

Clone the aws-security-mcp repository and install its Python dependencies using uv (recommended) or pip.

git clone https://github.com/groovyBugify/aws-security-mcp.git
cd aws-security-mcp
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt
2

Configure AWS credentials

Ensure your AWS credentials are available in the environment or in ~/.aws/credentials. The server respects standard AWS credential chain including environment variables and profiles.

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=us-east-1
3

Start the MCP server

Run the server, which starts an SSE endpoint (default: http://localhost:8000/sse) that your MCP client will connect to.

python server.py
4

Configure your MCP client

Add the aws-security server to your MCP client config. Since this server runs as an SSE service, use the mcp-proxy or a compatible SSE client config.

{
  "mcpServers": {
    "aws-security": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-proxy", "http://localhost:8000/sse"]
    }
  }
}
5

Restart your MCP client and run a security query

Restart your MCP client to connect to the running server. Try asking Claude to list running EC2 instances or show recent GuardDuty findings to verify the connection.

AWS Security Examples

Client configuration

Claude Desktop configuration connecting to a locally running aws-security-mcp SSE server.

{
  "mcpServers": {
    "aws-security": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-proxy", "http://localhost:8000/sse"]
    }
  }
}

Prompts to try

Example security investigation prompts for your AWS environment.

- "List all running EC2 instances and flag any that are publicly accessible"
- "Show GuardDuty findings from the last 7 days, prioritized by severity"
- "Find all S3 buckets with public read or write access"
- "Analyze IAM roles with administrative privileges and list what services can assume them"
- "Check SecurityHub compliance score and list the top 10 failing controls"
- "Generate a blast radius analysis for IP address 172.16.1.10 appearing in VPC flow logs"

Troubleshooting AWS Security

AWS API calls fail with AccessDenied errors

The IAM user or role used by the server needs read permissions across the services you query (e.g., guardduty:ListFindings, ec2:DescribeInstances, iam:ListRoles). Attach the AWS managed policy SecurityAudit for broad read-only access.

MCP client cannot connect to the SSE endpoint

Confirm the Python server is running (python server.py) and listening on port 8000 before starting your MCP client. Check for firewall rules blocking localhost connections and verify the URL in your config matches the actual port.

No findings returned for GuardDuty or SecurityHub

GuardDuty and SecurityHub must be enabled in your AWS account and region before data is available. Log into the AWS Console, navigate to each service, and enable them. Also verify AWS_DEFAULT_REGION matches the region where you enabled these services.

Frequently Asked Questions about AWS Security

What is AWS Security?

AWS Security is a Model Context Protocol (MCP) server that model context protocol server that connects ai assistants like claude to aws security services, allowing them to autonomously query, inspect, and analyze aws infrastructure for security issues and misconfigurations. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install AWS Security?

Follow the installation instructions on the AWS Security GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with AWS Security?

AWS Security works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is AWS Security free to use?

Yes, AWS Security is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Browse More Cloud Services MCP Servers

Explore all cloud services servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "aws-security": { "command": "npx", "args": ["-y", "aws-security"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use AWS Security?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides