aws-security-mcp 0.6.0 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +5 -7
  2. package/dist/bin/aws-security-mcp.js +326 -556
  3. package/dist/bin/aws-security-mcp.js.map +1 -1
  4. package/dist/src/index.js +326 -556
  5. package/dist/src/index.js.map +1 -1
  6. package/package.json +1 -2
package/README.md CHANGED
@@ -125,11 +125,11 @@ For multi-account scanning across an AWS Organization:
125
125
  | `scan_idle_resources` | Find unused/idle resources |
126
126
  | `scan_disaster_recovery` | Assess disaster recovery readiness |
127
127
  | `scan_security_hub_findings` | Aggregate findings from AWS Security Hub |
128
- | `scan_guardduty_findings` | Aggregate findings from Amazon GuardDuty |
129
- | `scan_inspector_findings` | Aggregate findings from Amazon Inspector |
128
+ | `scan_guardduty_findings` | Check if GuardDuty is enabled (findings via Security Hub) |
129
+ | `scan_inspector_findings` | Check if Inspector is enabled (findings via Security Hub) |
130
130
  | `scan_trusted_advisor_findings` | Aggregate findings from AWS Trusted Advisor |
131
- | `scan_config_rules_findings` | Aggregate findings from AWS Config Rules |
132
- | `scan_access_analyzer_findings` | Aggregate findings from IAM Access Analyzer |
131
+ | `scan_config_rules_findings` | Check if Config is enabled (findings via Security Hub) |
132
+ | `scan_access_analyzer_findings` | Check if Access Analyzer is enabled (findings via Security Hub) |
133
133
  | `scan_patch_compliance_findings` | Aggregate findings from SSM Patch Compliance |
134
134
  | `scan_imdsv2_enforcement` | Check EC2 instances for IMDSv2 enforcement |
135
135
  | `scan_waf_coverage` | Check internet-facing ALBs for WAF Web ACL protection |
@@ -206,8 +206,6 @@ Attach this policy to the IAM user or role running the scanner. All actions are
206
206
  "lambda:ListFunctions",
207
207
  "lambda:GetFunction",
208
208
 
209
- "macie2:GetMacieSession",
210
-
211
209
  "organizations:ListAccounts",
212
210
 
213
211
  "rds:DescribeDBInstances",
@@ -248,7 +246,7 @@ Attach this policy to the IAM user or role running the scanner. All actions are
248
246
 
249
247
  | Module | What It Checks | Risk Score Range |
250
248
  |--------|---------------|-----------------|
251
- | **Service Detection** | Enabled security services (Security Hub, GuardDuty, Inspector, Config, Macie, CloudTrail) and maturity level | 5.0 - 7.5 |
249
+ | **Service Detection** | Enabled security services (Security Hub, GuardDuty, Inspector, Config, CloudTrail) and maturity level | 5.0 - 7.5 |
252
250
  | **Secret Exposure** | Lambda env vars and EC2 userData for exposed secrets (AWS keys, private keys, passwords) | 7.0 - 9.5 |
253
251
  | **SSL Certificate** | ACM certificate expiry, failed status, upcoming renewals | 5.5 - 9.0 |
254
252
  | **Dangling DNS** | Route53 CNAME records pointing to non-existent resources (subdomain takeover) | 7.0 - 8.5 |