aws-security-mcp 0.3.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/README.md +118 -42
  2. package/dashboard/dist/assets/index-CQyERuqT.css +2 -0
  3. package/dashboard/dist/data.json +167 -758
  4. package/dashboard/dist/index.html +2 -2
  5. package/dist/bin/aws-security-mcp.js +1526 -2901
  6. package/dist/bin/aws-security-mcp.js.map +1 -1
  7. package/dist/src/index.d.ts +35 -1
  8. package/dist/src/index.js +1516 -2881
  9. package/dist/src/index.js.map +1 -1
  10. package/package.json +4 -4
  11. package/templates/stackset-audit-role.json +55 -0
  12. package/templates/stackset-audit-role.yaml +44 -0
  13. package/dashboard/dist/assets/index-DCplBiuM.css +0 -2
  14. /package/dashboard/dist/assets/{index-jFq0Af8S.js → index-BYE-UdjR.js} +0 -0
package/dist/src/index.d.ts CHANGED
@@ -15,6 +15,8 @@ interface Finding {
15
15
  remediationSteps: string[];
16
16
  priority: Priority;
17
17
  module?: string;
18
+ accountId?: string;
19
+ accountAlias?: string;
18
20
  }
19
21
  interface ScanResult {
20
22
  module: string;
@@ -26,10 +28,17 @@ interface ScanResult {
26
28
  scanTimeMs: number;
27
29
  findings: Finding[];
28
30
  }
31
+ interface AwsCredentials {
32
+ accessKeyId: string;
33
+ secretAccessKey: string;
34
+ sessionToken: string;
35
+ }
29
36
  interface ScanContext {
30
37
  region: string;
31
38
  partition: string;
32
39
  accountId: string;
40
+ accountAlias?: string;
41
+ credentials?: AwsCredentials;
33
42
  }
34
43
  interface FullScanResult {
35
44
  scanStart: string;
@@ -84,6 +93,31 @@ interface Scanner {
84
93
  }
85
94
 
86
95
  declare function runAllScanners(scanners: Scanner[], region: string): Promise<FullScanResult>;
96
+ interface MultiAccountOptions {
97
+ orgMode: boolean;
98
+ roleName: string;
99
+ accountIds?: string[];
100
+ }
101
+ declare function runMultiAccountScanners(scanners: Scanner[], region: string, opts: MultiAccountOptions): Promise<FullScanResult>;
102
+
103
+ declare function getCurrentAccountId(region: string): Promise<string>;
104
+ declare function assumeRole(roleArn: string, region: string, options?: {
105
+ sessionName?: string;
106
+ externalId?: string;
107
+ }): Promise<{
108
+ accessKeyId: string;
109
+ secretAccessKey: string;
110
+ sessionToken: string;
111
+ }>;
112
+ declare function buildRoleArn(accountId: string, roleName: string, partition?: string): string;
113
+
114
+ interface OrgAccount {
115
+ id: string;
116
+ name: string;
117
+ email: string;
118
+ status: string;
119
+ }
120
+ declare function listOrgAccounts(region: string): Promise<OrgAccount[]>;
87
121
 
88
122
  declare function generateMarkdownReport(scanResults: FullScanResult): string;
89
123
 
@@ -96,4 +130,4 @@ declare function saveResults(scanResults: FullScanResult, outputDir?: string): s
96
130
  declare function createServer(defaultRegion: string): McpServer;
97
131
  declare function startServer(defaultRegion: string): Promise<void>;
98
132
 
99
- export { type DashboardData, type DashboardHistoryEntry, type Finding, type FullScanResult, type Priority, type ScanContext, type ScanResult, type Scanner, type Severity, calculateScore, createServer, generateHtmlReport, generateMarkdownReport, generateMlps3HtmlReport, runAllScanners, saveResults, startServer };
133
+ export { type DashboardData, type DashboardHistoryEntry, type Finding, type FullScanResult, type OrgAccount, type Priority, type ScanContext, type ScanResult, type Scanner, type Severity, assumeRole, buildRoleArn, calculateScore, createServer, generateHtmlReport, generateMarkdownReport, generateMlps3HtmlReport, getCurrentAccountId, listOrgAccounts, runAllScanners, runMultiAccountScanners, saveResults, startServer };