crypto-br

  • Add GuardDuty findings integration
  • Add Security Hub findings integration
  • Add health check functionality
  • Include comprehensive tests and documentation

Fixes

Summary

Changes

Please provide a summary of what's being changed

User experience

Please share what the user experience looks like before and after this change

Checklist

If your change doesn't seem to apply, please leave them unchecked.

  • I have reviewed the contributing guidelines
  • I have performed a self-review of this change
  • Changes have been tested
  • Changes are documented

Is this a breaking change? (Y/N)

RFC issue number:

Checklist:

  • Migration process documented
  • Implement warnings (if it can live side by side)

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.

crypto-br requested review from a team as code owners October 1, 2025 18:59
scottschreckengaust added the hold-merging (Signals to hold the PR from merging) and new mcp server (A new MCP server ideally linked to an issue) labels Oct 1, 2025
scottschreckengaust moved this from To triage to Backlog in awslabs/mcp Project Oct 1, 2025
scottschreckengaust self-assigned this Oct 1, 2025
@alexa-perlov
Contributor

Can you please take a look at the Well Architected Security MCP Server and see if it meets your use case? For example, it already has support for:

CheckSecurityServices: Monitor AWS security services operational status

  • Monitors operational status of GuardDuty, Security Hub, Inspector, and IAM Access Analyzer
  • Identifies service availability across regions for operational visibility
  • Provides operational recommendations for maintaining security service coverage

From a high-level overview, it looks like there is a lot of overlap. Please let me know what you think. Thanks!

@crypto-br
Author

@alexa-perlov,

Thanks for the suggestion! I reviewed the Well-Architected Security MCP Server and while there is some overlap in service monitoring, the use cases are quite different:

  • Well-Architected Server: Compliance assessment and overall security posture evaluation against the Well-Architected Framework
  • AWS Security MCP Server: Direct access to operational security findings for threat analysis

They're complementary - the Well-Architected server answers 'how is my overall security posture' while mine answers 'what specific threats have been detected.' The Well-Architected server focuses on recommendations and compliance, while mine provides direct access to GuardDuty findings with threat types, severity scores, and Security Hub findings with workflow status.

I believe both have unique value in the MCP ecosystem - one for strategic security assessment, the other for operational threat monitoring.

Contributor

This pull request is now marked as stale because it hasn't seen activity for a while. Add a comment or it will be closed soon. If you wish to exclude this issue from being marked as stale, add the "backlog" label.

github-actions bot added the stale (These are items that have been around for a long time without progress) label Oct 16, 2025
Contributor

Closing this pull request as it hasn't seen activity for a while. Please add a comment @mentioning a maintainer to reopen. If you wish to exclude this issue from being marked as stale, add the "backlog" label.

github-actions bot closed this Oct 19, 2025
github-project-automation bot moved this from Backlog to Done in awslabs/mcp Project Oct 19, 2025