AWS Security
A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.
What is AWS Security?
AWS Security is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to model context protocol server that connects ai assistants like claude to aws security services, allowing them to autonomously query, inspect, and analyze aws infrastructure for security issues and mis...
A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.
This server falls under the Cloud Services and Security categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- A Model Context Protocol server that connects AI assistants
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx aws-securityConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use AWS Security
The AWS Security MCP Server connects AI assistants like Claude to a broad range of AWS security and infrastructure services, enabling autonomous querying, inspection, and analysis of your cloud environment for misconfigurations, vulnerabilities, and active threats. It covers GuardDuty findings, SecurityHub compliance data, IAM role analysis, S3 bucket policy review, EC2 and VPC inspection, CloudTrail log analysis via Athena, and more. Security engineers use it to run conversational security investigations — asking Claude to find all public S3 buckets, enumerate IAM roles with admin privileges, or correlate GuardDuty alerts with VPC flow logs — without manually running dozens of AWS CLI commands.
Prerequisites
- Python 3.9 or later and uv (or pip) installed
- AWS credentials configured with sufficient read permissions for the services you want to inspect (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, or an IAM role via instance profile)
- The aws-security-mcp server running locally (it exposes an SSE endpoint that your MCP client connects to)
- An MCP-compatible client such as Claude Desktop that supports SSE-based MCP connections
Clone the repository and install dependencies
Clone the aws-security-mcp repository and install its Python dependencies using uv (recommended) or pip.
git clone https://github.com/groovyBugify/aws-security-mcp.git
cd aws-security-mcp
uv venv
source .venv/bin/activate
uv pip install -r requirements.txtConfigure AWS credentials
Ensure your AWS credentials are available in the environment or in ~/.aws/credentials. The server respects standard AWS credential chain including environment variables and profiles.
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_DEFAULT_REGION=us-east-1Start the MCP server
Run the server, which starts an SSE endpoint (default: http://localhost:8000/sse) that your MCP client will connect to.
python server.pyConfigure your MCP client
Add the aws-security server to your MCP client config. Since this server runs as an SSE service, use the mcp-proxy or a compatible SSE client config.
{
"mcpServers": {
"aws-security": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-proxy", "http://localhost:8000/sse"]
}
}
}Restart your MCP client and run a security query
Restart your MCP client to connect to the running server. Try asking Claude to list running EC2 instances or show recent GuardDuty findings to verify the connection.
AWS Security Examples
Client configuration
Claude Desktop configuration connecting to a locally running aws-security-mcp SSE server.
{
"mcpServers": {
"aws-security": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-proxy", "http://localhost:8000/sse"]
}
}
}Prompts to try
Example security investigation prompts for your AWS environment.
- "List all running EC2 instances and flag any that are publicly accessible"
- "Show GuardDuty findings from the last 7 days, prioritized by severity"
- "Find all S3 buckets with public read or write access"
- "Analyze IAM roles with administrative privileges and list what services can assume them"
- "Check SecurityHub compliance score and list the top 10 failing controls"
- "Generate a blast radius analysis for IP address 172.16.1.10 appearing in VPC flow logs"Troubleshooting AWS Security
AWS API calls fail with AccessDenied errors
The IAM user or role used by the server needs read permissions across the services you query (e.g., guardduty:ListFindings, ec2:DescribeInstances, iam:ListRoles). Attach the AWS managed policy SecurityAudit for broad read-only access.
MCP client cannot connect to the SSE endpoint
Confirm the Python server is running (python server.py) and listening on port 8000 before starting your MCP client. Check for firewall rules blocking localhost connections and verify the URL in your config matches the actual port.
No findings returned for GuardDuty or SecurityHub
GuardDuty and SecurityHub must be enabled in your AWS account and region before data is available. Log into the AWS Console, navigate to each service, and enable them. Also verify AWS_DEFAULT_REGION matches the region where you enabled these services.
Frequently Asked Questions about AWS Security
What is AWS Security?
AWS Security is a Model Context Protocol (MCP) server that model context protocol server that connects ai assistants like claude to aws security services, allowing them to autonomously query, inspect, and analyze aws infrastructure for security issues and misconfigurations. It connects AI assistants to external tools and data sources through a standardized interface.
How do I install AWS Security?
Follow the installation instructions on the AWS Security GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with AWS Security?
AWS Security works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is AWS Security free to use?
Yes, AWS Security is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.
AWS Security Alternatives — Similar Cloud Services Servers
Looking for alternatives to AWS Security? Here are other popular cloud services servers you can use with Claude, Cursor, and VS Code.
Open WebUI
★ 138.2kUser-friendly AI Interface (Supports Ollama, OpenAI API, ...)
Anything LLM
★ 60.4kThe all-in-one AI productivity accelerator. On device and privacy first with no annoying setup or configuration.
LocalAI
★ 46.4kLocalAI is the open-source AI engine. Run any model - LLMs, vision, voice, image, video - on any hardware. No GPU required.
Nacos
★ 33.0kan easy-to-use dynamic service discovery, configuration and service management platform for building AI cloud native applications.
Xiaozhi ESP32
★ 26.7k本项目为xiaozhi-esp32提供后端服务,帮助您快速搭建ESP32设备控制服务器。Backend service for xiaozhi-esp32, helps you quickly build an ESP32 device control server.
Gateway
★ 11.8kA blazing fast AI Gateway with integrated guardrails. Route to 1,600+ LLMs, 50+ AI Guardrails with 1 fast & friendly API.
Browse More Cloud Services MCP Servers
Explore all cloud services servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up AWS Security in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use AWS Security?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.