AWS Security

v1.0.0Cloud Servicesstable

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

awscloud-securityllmmcp-server
Share:
83
Stars
0
Downloads
0
Weekly
0/5

What is AWS Security?

AWS Security is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to model context protocol server that connects ai assistants like claude to aws security services, allowing them to autonomously query, inspect, and analyze aws infrastructure for security issues and mis...

A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, inspect, and analyze AWS infrastructure for security issues and misconfigurations.

This server falls under the Cloud Services and Security categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • A Model Context Protocol server that connects AI assistants

Use Cases

AWS infrastructure security analysis
Misconfiguration detection
Autonomous security audit and inspection
groovyBugify

Maintainer

LicenseApache 2.0
Languagepython
Versionv1.0.0
UpdatedMay 16, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx aws-security-mcp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use AWS Security

AWS Security MCP is a Python-based Model Context Protocol server that connects AI assistants like Claude directly to AWS security services, enabling autonomous querying, inspection, and analysis of your cloud infrastructure. It covers a wide range of AWS services including IAM, EC2, S3, GuardDuty, SecurityHub, Lambda, CloudFront, WAF, Shield, ECS/ECR, and more, allowing the AI to surface misconfigurations, analyze blast radius, and audit permissions without manual CLI work. Security teams can use it to run natural-language security investigations across single or multi-account AWS environments.

Prerequisites

  • Python 3.10 or higher and the `uv` package manager installed
  • AWS credentials configured (via `aws configure sso`, environment variables, or an IAM role)
  • AWS IAM policy `arn:aws:iam::aws:policy/SecurityAudit` attached to your credentials
  • An MCP-compatible client such as Claude Desktop
  • `uv tool install mcp-proxy` for bridging stdio MCP clients to the HTTP server
1

Clone the repository

Download the server source code from GitHub since it is not published to PyPI.

git clone https://github.com/groovyBugify/aws-security-mcp.git
cd aws-security-mcp
2

Create a virtual environment and install dependencies

Use `uv` to set up an isolated Python environment and install all required packages.

uv venv
source .venv/bin/activate
uv pip install -r requirements.txt
3

Configure AWS credentials

Ensure your AWS credentials are available. You can use AWS SSO, environment variables, or a named profile. The SecurityAudit managed policy must be attached to the credentials being used.

# Option 1: AWS SSO
aws configure sso

# Option 2: Environment variables
export AWS_ACCESS_KEY_ID=your_key
export AWS_SECRET_ACCESS_KEY=your_secret
export AWS_DEFAULT_REGION=us-east-1
4

Create or edit config.yaml

Configure the server's AWS region, log level, and optional cross-account role settings in the YAML configuration file.

aws:
  region: us-east-1
  profile: null  # Optional: named AWS profile
server:
  log_level: info
cross_account:
  role_name: SecurityAuditRole  # Optional: for multi-account
  max_concurrent_assumptions: 5
5

Install mcp-proxy and configure your MCP client

Install mcp-proxy to bridge Claude Desktop (stdio) with the MCP server, then add the server configuration to your Claude Desktop config file.

uv tool install mcp-proxy
6

Add the server to Claude Desktop configuration

Edit your claude_desktop_config.json to register the AWS Security MCP server. Update the path to match your cloned repository location.

{
  "mcpServers": {
    "aws-security": {
      "command": "/path/to/aws-security-mcp/.venv/bin/python",
      "args": ["/path/to/aws-security-mcp/server.py"],
      "env": {
        "AWS_DEFAULT_REGION": "us-east-1",
        "AWS_ACCESS_KEY_ID": "your_key",
        "AWS_SECRET_ACCESS_KEY": "your_secret"
      }
    }
  }
}

AWS Security Examples

Client configuration

Claude Desktop configuration using direct Python execution with environment variable credentials.

{
  "mcpServers": {
    "aws-security": {
      "command": "/path/to/aws-security-mcp/.venv/bin/python",
      "args": ["/path/to/aws-security-mcp/server.py"],
      "env": {
        "AWS_DEFAULT_REGION": "us-east-1",
        "AWS_ACCESS_KEY_ID": "AKIAIOSFODNN7EXAMPLE",
        "AWS_SECRET_ACCESS_KEY": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
      }
    }
  }
}

Prompts to try

Natural language prompts that leverage the server's AWS security analysis capabilities across IAM, EC2, GuardDuty, and more.

- "List all running EC2 instances and flag any with public IPs"
- "Show GuardDuty findings from the last 7 days with HIGH or CRITICAL severity"
- "Analyze IAM roles with administrative privileges and show their trust policies"
- "Find S3 buckets with public access enabled"
- "Generate a blast radius analysis for IP 172.16.1.10"
- "Find resources tagged Team:Security across all accounts"

Troubleshooting AWS Security

Permission denied errors when querying AWS services

Ensure the AWS credentials in use have the `arn:aws:iam::aws:policy/SecurityAudit` managed policy attached. For cross-account analysis, also ensure the role specified in `cross_account.role_name` exists in target accounts and trusts the calling account.

Server fails to start or crashes on launch

Verify the virtual environment is activated and all dependencies are installed (`uv pip install -r requirements.txt`). Check that `config.yaml` exists in the project root with valid YAML syntax and an accessible AWS region.

Claude Desktop does not see the server tools

Restart Claude Desktop after editing `claude_desktop_config.json`. Verify the Python path points to the `.venv` binary, not a system Python, and that the absolute path to `server.py` is correct.

Frequently Asked Questions about AWS Security

What is AWS Security?

AWS Security is a Model Context Protocol (MCP) server that model context protocol server that connects ai assistants like claude to aws security services, allowing them to autonomously query, inspect, and analyze aws infrastructure for security issues and misconfigurations. It connects AI assistants to external tools and data sources through a standardized interface.

How do I install AWS Security?

Follow the installation instructions on the AWS Security GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with AWS Security?

AWS Security works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is AWS Security free to use?

Yes, AWS Security is open source and available under the Apache 2.0 license. You can use it freely in both personal and commercial projects.

Browse More Cloud Services MCP Servers

Explore all cloud services servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "aws-security-mcp": { "command": "npx", "args": ["-y", "aws-security-mcp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use AWS Security?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides