icon for mcp server

AWS Security

STDIO

AI assistant interface for AWS security services with cross-account support and security analysis

AWS Security MCP

License: MIT Python 3.11+

A Model Context Protocol (MCP) server that enables AI assistants to perform comprehensive AWS security analysis through natural language queries.

Overview

AWS Security MCP bridges AI assistants like Claude with AWS security services, enabling real-time infrastructure analysis through conversational queries. The system automatically discovers and analyzes resources across multiple AWS accounts, providing security insights without requiring deep AWS CLI knowledge.

Key Capabilities

  • Cross-Account Discovery: Automatic detection and access to AWS Organization accounts
  • Natural Language Interface: Query AWS resources using plain English
  • Security Analysis: Integrated findings from GuardDuty, SecurityHub, and Access Analyzer
  • Infrastructure Mapping: Network topology, threat modelling, security review and blast radius analysis
  • Log Analytics: Athena-powered analysis of CloudTrail, VPC Flow Logs, and security events

Prerequisites

  • Python: 3.11 or higher
  • Package Manager: uv
  • AWS Account: With appropriate IAM permissions
  • MCP Client: Claude Desktop, Cline, or compatible client

AWS Requirements

MCP Server's AWS credentials must have the following permissions:

Core MCP Permissions

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "CrossAccountAccess",
      "Effect": "Allow",
      "Action": [
        "sts:AssumeRole"
      ],
      "Resource": "arn:aws:iam::*:role/aws-security-mcp-cross-account-access"
    },
    {
      "Sid": "OrganizationDiscovery",
      "Effect": "Allow",
      "Action": [
        "organizations:ListAccounts"
      ],
      "Resource": "*"
    }
  ]
}

Athena Integration Permissions

For advanced log analysis capabilities, additional permissions are required:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AthenaQueryExecution",
      "Effect": "Allow",
      "Action": [
        "athena:BatchGetQueryExecution",
        "athena:GetQueryExecution",
        "athena:GetQueryResults",
        "athena:GetWorkGroup",
        "athena:GetTableMetadata",
        "athena:ListQueryExecutions",
        "athena:StartQueryExecution",
        "athena:GetQueryResultsStream",
        "athena:GetDataCatalog",
        "athena:ListDataCatalogs",
        "athena:ListDatabases",
        "athena:ListTableMetadata"
      ],
      "Resource": "*"
    },
    {
      "Sid": "GlueCatalogAccess",
      "Effect": "Allow",
      "Action": [
        "glue:GetDatabase",
        "glue:GetDatabases",
        "glue:GetTable",
        "glue:GetTables",
        "glue:GetPartition",
        "glue:GetPartitions",
        "glue:BatchGetPartition"
      ],
      "Resource": "*"
    },
    {
      "Sid": "S3LogDataAccess",
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::your-cloudtrail-bucket/*",
        "arn:aws:s3:::your-cloudtrail-bucket",
        "arn:aws:s3:::your-vpc-flow-logs-bucket/*",
        "arn:aws:s3:::your-vpc-flow-logs-bucket",
        "arn:aws:s3:::your-security-logs-bucket/*",
        "arn:aws:s3:::your-security-logs-bucket"
      ]
    },
    {
      "Sid": "AthenaResultsAccess",
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Resource": [
        "arn:aws:s3:::your-athena-results-bucket/*",
        "arn:aws:s3:::your-athena-results-bucket"
      ]
    }
  ]
}

Required AWS Managed Policies

SecurityAudit Policy (Required)

Attach the AWS managed SecurityAudit policy to your MCP Server's IAM user or IAM role:

Policy ARN: arn:aws:iam::aws:policy/SecurityAudit

This policy provides comprehensive read-only access to AWS security services and is essential for AWS Security MCP functionality. It includes permissions for:

  • IAM: Users, roles, policies, access analysis
  • EC2: Security groups, instances, VPC configurations
  • S3: Bucket policies, ACLs, public access settings
  • GuardDuty: Findings, detectors, threat intelligence
  • SecurityHub: Security standards, compliance findings
  • Access Analyzer: IAM access analysis and findings
  • Lambda: Function configurations and permissions
  • CloudFront: Distribution security settings
  • Route53: DNS configurations and health checks
  • WAF: Web ACL rules and configurations
  • All other security-related AWS services

Optional Managed Policies

  • AthenaFullAccess: arn:aws:iam::aws:policy/AmazonAthenaFullAccess (for simplified Athena log analysis)

Important Notes

  • It's best to use this MCP Server with Claude Desktop Pro/Max Plan or any other platform that allows you to deal with token size greater than 100,000
  • Replace bucket names in the S3 permissions with your actual CloudTrail, VPC Flow Logs, and Athena results bucket names
  • The SecurityAudit policy is mandatory for basic AWS Security MCP functionality
  • Athena integration permissions are optional and only required for advanced log analysis features
  • All permissions follow the principle of least privilege with read-only access where possible

Quick Start ~ local setup

  1. Update config.yml
aws:
  region: "us-east-1"
  profile: {profileName}
  .
  .
  .
  1. Configure your AWS Credentials via ~ local setup
  • aws sso 
    $ aws configure sso
SSO Session Name - [email protected]
URL - https://yourDomain.awsapps.com/start/#
Region - us-east-1
  • env variabls 
    export AWS_ACCESS_KEY_ID=
export export AWS_SECRET_ACCESS_KEY=
export export AWS_SESSION_TOKEN=

  1. Run the following commands

    git clone https://github.com/groovyBugify/aws-security-mcp.git
uv venv
source .venv/bin/activate
uv pip install -r requirements.txt

  2. Configure MCP Client

    # Install mcp-proxy
uv tool install mcp-proxy

# Check location of mcp-proxy
which mcp-proxy

# Add to Claude Desktop config
{
  "mcpServers": {
    "aws-security": {
      "command": "/path/to/mcp-proxy",
      "args": ["http://localhost:8000/sse"]
    }
  }
}

Quick Start ~ as AWS ECS Service

  1. Login to AWS ECR
$ aws ecr get-login-password --region {region} | docker login --username AWS --password-stdin {accountID}.dkr.ecr.{region}.amazonaws.com
  1. Create ECR Repo
$ aws ecr create-repository --repository-name aws-security-mcp --region {region}
  1. Build Docker Image
$ cd aws-security-mcp/
$ docker buildx build --platform linux/amd64 -t aws-security-mcp .
$ docker tag aws-security-mcp:latest {accountID}.dkr.ecr.{region}.amazonaws.com/aws-security-mcp:latest
$ docker push {accountID}.dkr.ecr.{region}.amazonaws.com/aws-security-mcp:latest

  1. Deploying as AWS ECS Service

    • Create a Task Definition with "2048" CPU and "4096" Memory, this is optional, you can choose any values
    • Configure the Task definition to do port mapping for port 8000
    • Create ECS Task Role with the following permissions
      • SecurityAudit IAM Policy
      • Athena Access (Policy mentioned above)
      • STS Assume Role permissions to assume cross account roles
    • Create ECS Task Execution Role with basic permissions
    • Once the Task Definition is completed.
    • Create an AWS ECS Service using the Task definition
      • You can configure Load Balancer as well
      • Make Sure to turn off the Stickness Session on Load Balancers
    • Register the ALB's taget group and listeners for port 80/443 -> ECS Service(8000)
    • Register the ALB for Route53 domain.

  2. Configure MCP Client

    # Install mcp-proxy
uv tool install mcp-proxy

# Check location of mcp-proxy
which mcp-proxy

# Add to Claude Desktop config
{
  "mcpServers": {
    "aws-security": {
      "command": "/path/to/mcp-proxy",
      "args": ["http://{alb}/sse"]
    }
  }
}

Configuration

YAML Configuration

Edit config.yaml in the project root according to your needs:

aws:
  region: "us-east-1"
  profile: null

server:
  log_level: "info"
  startup_quiet: false
  tool_quiet: false

cross_account:
  role_name: "aws-security-mcp-cross-account-access"
  auto_setup_on_startup: true
  max_concurrent_assumptions: 5

Environment Variable Override

Environment variables take precedence over YAML configuration:

export MCP_LOG_LEVEL=debug
export MCP_STARTUP_QUIET=false
export AWS_DEFAULT_REGION=eu-west-1

Usage Examples

Basic Infrastructure Queries

Query: "Can you share a list of running ec2 instances?"

Query: "Share all the secrets stored on env variables of Lambda functions, and share a list of functions for remediating this issue."

Query: "Check my 'prod-ecs-cluster' and share more details about the 'user-login' service, is it deployed?"

Security Analysis

Query: "Show all GuardDuty findings from the last 7 days, and priortise based on the risk of exposure."

Query: "Analyze IAM roles with administrative privileges"

Query: "Generate blast radius analysis for IP 172.16.1.10"

Query: "Fetch more details about the ip - 172.22.141.11, and share a network map for this resource.

Cross-Account Operations

Query: "List all connected AWS accounts"
Query: "Refresh my AWS session"
Query: "Find resources tagged Team:Security across all accounts"
Query: "Show compliance status across organization"

Architecture

Cross-Account Access

AWS Security MCP implements a hub-and-spoke model for multi-account access:

  1. Discovery: Uses organizations:ListAccounts to identify target accounts
  2. Role Assumption: Assumes aws-security-mcp-cross-account-access role in each account
  3. Session Management: Maintains temporary credentials with automatic refresh
  4. Fallback: Uses default credential chain for non-organization accounts

Required IAM Role Setup

Create this role in each target AWS account:

Role Name: aws-security-mcp-cross-account-access

Trust Policy:

{
"Version": "2012-10-17",
"Statement": [
 {
   "Effect": "Allow",
   "Principal": {
     "AWS": "arn:aws:iam::YOUR-MASTER-ACCOUNT-ID:root"
   },
   "Action": "sts:AssumeRole"
    }
]
}

Permissions: Attach AWS managed policy arn:aws:iam::aws:policy/SecurityAudit

Athena Integration

Overview

AWS Security MCP integrates with Amazon Athena to provide advanced log analysis capabilities. This feature requires pre-existing Athena tables containing your security-relevant logs.

Supported Log Types

While the MCP server can analyze any log source through Athena, the following sources are recommended to provide comprehensive security metadata to your MCP client. For optimal security coverage, we recommend implementing at least CloudTrail and VPC Flow Logs:

Recommended Log Sources:

  • AWS CloudTrail: API call auditing and user activity tracking
  • VPC Flow Logs: Network traffic pattern analysis
  • CloudFront Logs: CDN request and response analysis
  • ALB Access Logs: Application load balancer traffic insights
  • WAF Logs: Web application firewall events and blocks(Cloudflare/AWS WAF/Akamai)
  • AWS Shield Logs: DDoS protection and mitigation events

Flexibility for Custom Log Sources

The MCP server supports querying any log type stored in S3, giving you complete flexibility to analyze custom or additional log sources. To enable analysis of any log source, ensure:

  1. S3 Storage: Your logs are stored in an S3 bucket
  2. Athena Table: A properly configured Athena table exists for the log format
  3. IAM Permissions: The MCP server has s3:GetObject and s3:ListBucket permissions for the target bucket

This architecture allows you to extend security analysis beyond standard AWS logs to include application logs, custom security events, or third-party security tool outputs.

Query Capabilities

Once tables are configured, you can perform advanced queries:

Query: "Show all failed login attempts from external IPs in the last 24 hours"

Query: "Can you share what did '[email protected]' did in past 24 hours on my aws account? and share a timeline report?"

Query: "Can you check for all the 'Access Denied/Error/Forbidden' on my PCI(123456789012) aws account and share the username and userIP of the principal, and do a reverse IP checkup if this IP is coming from my own AWS Org or external party."

Query: "Correlate GuardDuty findings with CloudTrail and VPC Flow logs events"

Setup Prerequisites

  1. S3 Buckets: CloudTrail and VPC Flow Logs must be stored in S3
  2. Athena Workgroup: Configure appropriate workgroup with result location
  3. Partitioning: Enable partition projection for performance
  4. IAM Permissions: Grant Athena query permissions to the MCP execution role

Supported AWS Services

Currently Available

ServiceCapabilities
IAMUsers, roles, policies, access keys, permission analysis
EC2Instances, security groups, VPCs, subnets, network interfaces
S3Buckets, permissions, public access analysis
GuardDutyFindings, detectors, threat intelligence
SecurityHubFindings, compliance standards, security scores
LambdaFunctions, permissions, configurations, triggers
CloudFrontDistributions, origins, behaviors, security policies
ELB/ALB/NLBLoad balancers, target groups, listeners, health checks
Route53Hosted zones, DNS records, health checks
WAFWeb ACLs, rules, rate limiting
ShieldDDoS protection status and metrics
Access AnalyzerIAM access analysis and findings
ECS/ECRContainer services, repositories, image scanning
OrganizationsAccount structure, SCPs, organizational units
AthenaLog analysis, security event correlation

Planned Additions

  • Oauth Authentication
  • AWS Config compliance analysis
  • AWS Security Hub CSPM integration
  • External CSPM integration

Advanced Configuration

Production Deployment

For production environments, use the following configuration:

server:
  host: "0.0.0.0"
  log_level: "error"
  startup_quiet: true
  tool_quiet: true
  minimal_logging: true

cross_account:
  max_concurrent_assumptions: 10
  session_duration_seconds: 7200

Docker Deployment

FROM python:3.11-slim
WORKDIR /app
COPY . .
RUN pip install -r requirements.txt
EXPOSE 8000
CMD ["python", "aws_security_mcp/main.py", "sse"]
docker build -t aws-security-mcp .
docker run -p 8000:8000 \
  -e AWS_ACCESS_KEY_ID=your_key \
  -e AWS_SECRET_ACCESS_KEY=your_secret \
  aws-security-mcp

Load Balancer Configuration

  • Health Check: GET /health
  • SSE Endpoint: /sse
  • Timeout: 60 seconds minimum
  • Sticky Sessions: Not required

Troubleshooting

Common Issues

Tool Discovery Fails

# Check AWS credentials
aws sts get-caller-identity

# Verify cross-account role exists
aws iam get-role --role-name aws-security-mcp-cross-account-access

Cross-Account Access Denied

# Test role assumption manually
aws sts assume-role \
  --role-arn arn:aws:iam::TARGET-ACCOUNT:role/aws-security-mcp-cross-account-access \
  --role-session-name test-session

Performance Issues

# Reduce concurrent operations
cross_account:
  max_concurrent_assumptions: 3
  
# Enable minimal logging
server:
  minimal_logging: true

Debug Mode

Enable verbose logging for troubleshooting:

export MCP_LOG_LEVEL=debug
export MCP_STARTUP_QUIET=false
python3 aws_security_mcp/main.py sse

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support

Related MCP Server Picks for You

Be the First to Experience MCP Now