mcp-aws-manager 0.3.1 → 0.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENT_GUIDANCE_LOOP_TEMPLATE_KO.md +19 -3
- package/IMPLEMENTATION_INTEGRATIONS.md +91 -0
- package/MCP_CLIENT_SETUP.md +17 -8
- package/MCP_DIFFERENTIATION.md +39 -0
- package/README.md +19 -106
- package/bin/mcp-aws-manager-mcp.js +142 -37
- package/bin/mcp-aws-manager.js +888 -132
- package/package.json +13 -6
|
@@ -20,7 +20,7 @@ function usageText() {
|
|
|
20
20
|
return [
|
|
21
21
|
"mcp-aws-manager-mcp",
|
|
22
22
|
"",
|
|
23
|
-
"MCP stdio wrapper for the mcp-aws-manager CLI
|
|
23
|
+
"MCP stdio wrapper for the mcp-aws-manager CLI.",
|
|
24
24
|
"",
|
|
25
25
|
"Usage:",
|
|
26
26
|
" mcp-aws-manager-mcp",
|
|
@@ -28,7 +28,7 @@ function usageText() {
|
|
|
28
28
|
"",
|
|
29
29
|
"Notes:",
|
|
30
30
|
" - This process is an MCP stdio server.",
|
|
31
|
-
" - Exposes
|
|
31
|
+
" - Exposes multi-service AWS inventory and optional runtime tools.",
|
|
32
32
|
""
|
|
33
33
|
].join("\n");
|
|
34
34
|
}
|
|
@@ -100,6 +100,21 @@ function buildCliArgs(input) {
|
|
|
100
100
|
const instanceIds = toCsvArg(input.instanceIds);
|
|
101
101
|
if (instanceIds) args.push("--instance-ids", instanceIds);
|
|
102
102
|
|
|
103
|
+
if (input.includeLambda === true) args.push("--include-lambda");
|
|
104
|
+
if (input.includeLambda === false) args.push("--no-include-lambda");
|
|
105
|
+
if (input.includeEc2 === true) args.push("--include-ec2");
|
|
106
|
+
if (input.includeEc2 === false) args.push("--no-ec2");
|
|
107
|
+
if (input.includeAlb === true) args.push("--include-alb");
|
|
108
|
+
if (input.includeAlb === false) args.push("--no-include-alb");
|
|
109
|
+
if (input.includeAsg === true) args.push("--include-asg");
|
|
110
|
+
if (input.includeAsg === false) args.push("--no-include-asg");
|
|
111
|
+
if (input.includeRds === true) args.push("--include-rds");
|
|
112
|
+
if (input.includeRds === false) args.push("--no-include-rds");
|
|
113
|
+
if (input.includeElastiCache === true) args.push("--include-elasticache");
|
|
114
|
+
if (input.includeElastiCache === false) args.push("--no-include-elasticache");
|
|
115
|
+
if (input.includeRoute53 === true) args.push("--include-route53");
|
|
116
|
+
if (input.includeRoute53 === false) args.push("--no-include-route53");
|
|
117
|
+
|
|
103
118
|
if (input.publicOnly) args.push("--public-only");
|
|
104
119
|
if (input.managedOnly) args.push("--managed-only");
|
|
105
120
|
|
|
@@ -216,6 +231,14 @@ function tryParseJsonArray(text) {
|
|
|
216
231
|
function summarizeRecords(records) {
|
|
217
232
|
const summary = {
|
|
218
233
|
totalRecords: 0,
|
|
234
|
+
ec2Records: 0,
|
|
235
|
+
lambdaRecords: 0,
|
|
236
|
+
albRecords: 0,
|
|
237
|
+
targetGroupRecords: 0,
|
|
238
|
+
asgRecords: 0,
|
|
239
|
+
rdsRecords: 0,
|
|
240
|
+
elasticacheRecords: 0,
|
|
241
|
+
route53ZoneRecords: 0,
|
|
219
242
|
publicIpRecords: 0,
|
|
220
243
|
ssmManagedCount: 0,
|
|
221
244
|
ssmOnlineCount: 0,
|
|
@@ -230,6 +253,15 @@ function summarizeRecords(records) {
|
|
|
230
253
|
|
|
231
254
|
for (const item of Array.isArray(records) ? records : []) {
|
|
232
255
|
summary.totalRecords += 1;
|
|
256
|
+
const resourceType = item && item.resourceType ? String(item.resourceType).toLowerCase() : null;
|
|
257
|
+
if (resourceType === "ec2") summary.ec2Records += 1;
|
|
258
|
+
if (resourceType === "lambda") summary.lambdaRecords += 1;
|
|
259
|
+
if (resourceType === "alb") summary.albRecords += 1;
|
|
260
|
+
if (resourceType === "target_group") summary.targetGroupRecords += 1;
|
|
261
|
+
if (resourceType === "asg") summary.asgRecords += 1;
|
|
262
|
+
if (resourceType === "rds") summary.rdsRecords += 1;
|
|
263
|
+
if (resourceType === "elasticache") summary.elasticacheRecords += 1;
|
|
264
|
+
if (resourceType === "route53_zone") summary.route53ZoneRecords += 1;
|
|
233
265
|
if (item && item.publicIp) summary.publicIpRecords += 1;
|
|
234
266
|
if (item && item.ssmManaged === true) summary.ssmManagedCount += 1;
|
|
235
267
|
if (item && item.ssmOnline === true) summary.ssmOnlineCount += 1;
|
|
@@ -271,9 +303,9 @@ function guidanceForAction(action, args) {
|
|
|
271
303
|
title: "Manual action required",
|
|
272
304
|
steps: [
|
|
273
305
|
action && action.message ? action.message : "A manual action is required.",
|
|
274
|
-
action && action.hint ? action.hint : "After completing the action, reply '
|
|
306
|
+
action && action.hint ? action.hint : "After completing the action, reply '?熬곣뫁?? to continue."
|
|
275
307
|
],
|
|
276
|
-
confirmText: "
|
|
308
|
+
confirmText: "?브퀗??洹쏆쾸? ?熬곣뫁???濡?듆 '?熬곣뫁?????┑?????면썒??닔??? ?띠룇?? ??븐슙???怨쀬Ŧ ???吏?????熬곥굥由?뇦猿뗭쪠????덈펲."
|
|
277
309
|
};
|
|
278
310
|
|
|
279
311
|
switch (code) {
|
|
@@ -284,11 +316,11 @@ function guidanceForAction(action, args) {
|
|
|
284
316
|
code,
|
|
285
317
|
title: "AWS SSO login required",
|
|
286
318
|
steps: [
|
|
287
|
-
|
|
288
|
-
"
|
|
289
|
-
"
|
|
319
|
+
`????????????깅쾳 嶺뚮ㅏ援앲??????덈뺄??琉얠돪?? ${cmd}`,
|
|
320
|
+
"??곗뒧???? ?筌뤾쑴理?MFA???熬곣뫁???琉얠돪??",
|
|
321
|
+
"?熬곣뫁????'?熬곣뫁?????┑?????면썒??닔???"
|
|
290
322
|
],
|
|
291
|
-
confirmText: "SSO
|
|
323
|
+
confirmText: "SSO ?β돦裕??筌뤾쑴逾???硫명뀬???좊듆 '?熬곣뫁?????┑?????면썒??닔???"
|
|
292
324
|
};
|
|
293
325
|
}
|
|
294
326
|
case "AWS_CREDENTIALS_REQUIRED":
|
|
@@ -296,44 +328,44 @@ function guidanceForAction(action, args) {
|
|
|
296
328
|
code,
|
|
297
329
|
title: "AWS credentials required",
|
|
298
330
|
steps: [
|
|
299
|
-
"
|
|
300
|
-
"SSO
|
|
301
|
-
"
|
|
331
|
+
"??????熬곣뫁夷?熬곣뫗踰????遊꾤춯?밸퉾筌?????깆젧??琉얠돪??(SSO ???裕?access key).",
|
|
332
|
+
"SSO??寃밸듆 'aws configure sso --profile <profile>' ???β돦裕??筌뤿굝由?筌뤾쑴??",
|
|
333
|
+
"?熬곣뫁????'?熬곣뫁?????┑?????면썒??닔???"
|
|
302
334
|
],
|
|
303
|
-
confirmText: "
|
|
335
|
+
confirmText: "???遊꾤춯?밸퉾筌????깆젧/?β돦裕??筌뤾쑴逾???硫명뀬???좊듆 '?熬곣뫁?????┑?????면썒??닔???"
|
|
304
336
|
};
|
|
305
337
|
case "SET_SSM_INSTANCE_PROFILE":
|
|
306
338
|
return {
|
|
307
339
|
code,
|
|
308
340
|
title: "SSM remediation target missing",
|
|
309
341
|
steps: [
|
|
310
|
-
"
|
|
311
|
-
"
|
|
312
|
-
"
|
|
342
|
+
"???吏??곌랜踰?袁ㅻご??????濡?졎嶺?instance profile ???藥????裕?ARN??嶺뚯솘??筌먐삵돵????紐껊퉵??",
|
|
343
|
+
"???깅쾳 ?????繞???濡る룎????節띾쐾 ?熬곣뫀堉??琉얠돪?? --ssm-instance-profile-name ???裕?--ssm-instance-profile-arn",
|
|
344
|
+
"?熬곣뫁????'?熬곣뫁?????┑?????면썒??닔???"
|
|
313
345
|
],
|
|
314
|
-
confirmText: "
|
|
346
|
+
confirmText: "?熬곣뫁夷???逾?????⑤챷諭?嶺뚯솘??筌먐삳빳???좊듆 '?熬곣뫁?????┑?????면썒??닔???"
|
|
315
347
|
};
|
|
316
348
|
case "SSM_ROLE_OR_AGENT_REQUIRED":
|
|
317
349
|
return {
|
|
318
350
|
code,
|
|
319
351
|
title: "Instance is not SSM managed",
|
|
320
352
|
steps: [
|
|
321
|
-
"
|
|
322
|
-
"SSM Agent
|
|
323
|
-
"
|
|
353
|
+
"?筌뤾쑬裕??怨룸츩 ?????AmazonSSMManagedInstanceCore???????琉얠돪??",
|
|
354
|
+
"SSM Agent?? ???덈콦??怨뚯씩(SSM endpoint/?筌뤿굛????롪퍔?δ빳??띠럾? ?筌먦끆留?筌? ?筌먦끉逾??琉얠돪??",
|
|
355
|
+
"?熬곣뫁????'?熬곣뫁?????┑?????면썒??닔???"
|
|
324
356
|
],
|
|
325
|
-
confirmText: "SSM
|
|
357
|
+
confirmText: "SSM ??㉱????⑤객臾???브퀗?????덈펲嶺?'?熬곣뫁?????┑?????면썒??닔???"
|
|
326
358
|
};
|
|
327
359
|
case "INSTANCE_HAS_PROFILE":
|
|
328
360
|
return {
|
|
329
361
|
code,
|
|
330
362
|
title: "Existing instance profile detected",
|
|
331
363
|
steps: [
|
|
332
|
-
"
|
|
333
|
-
"
|
|
334
|
-
"
|
|
364
|
+
"?リ옇????筌뤾쑬裕??怨룸츩 ?熬곣뫁夷???逾?????곕????덈펲.",
|
|
365
|
+
"??ルㅎ臾?1: ?リ옇????????筌먦끉???SSM 雅?굝??뇡???怨뺣뼺???紐껊퉵??",
|
|
366
|
+
"??ルㅎ臾?2: ???吏???흮?우뮁紐???믨퀡由?춯?allowReplaceProfile=true ??????熬곥굥????덈펲."
|
|
335
367
|
],
|
|
336
|
-
confirmText: "
|
|
368
|
+
confirmText: "??⑤챷????꾩렮維뽬떋???筌먐삳빳???좊듆 '?熬곣뫁?????┑?????면썒??닔???"
|
|
337
369
|
};
|
|
338
370
|
case "IAM_PROFILE_ASSOCIATION_FAILED":
|
|
339
371
|
case "IAM_PROFILE_REPLACE_FAILED":
|
|
@@ -341,22 +373,88 @@ function guidanceForAction(action, args) {
|
|
|
341
373
|
code,
|
|
342
374
|
title: "Missing IAM permission for remediation",
|
|
343
375
|
steps: [
|
|
344
|
-
"
|
|
345
|
-
"
|
|
346
|
-
"
|
|
376
|
+
"???덈뺄 ?낅슣?섊뙼??EC2 ?筌뤾쑬裕??怨룸츩 ?熬곣뫁夷???逾???⑤슡????흮??雅?굝??뇡???遊붋????筌뤾쑴??",
|
|
377
|
+
"?熬곣뫗??雅?굝??뇡? ec2:AssociateIamInstanceProfile, ec2:ReplaceIamInstanceProfileAssociation(??흮????, iam:PassRole",
|
|
378
|
+
"?熬곣뫁????'?熬곣뫁?????┑?????면썒??닔???"
|
|
347
379
|
],
|
|
348
|
-
confirmText: "IAM
|
|
380
|
+
confirmText: "IAM 雅?굝??뇡??꾩룇瑗?????硫명뀬???좊듆 '?熬곣뫁?????┑?????면썒??닔???"
|
|
349
381
|
};
|
|
350
382
|
case "SSM_RUNCOMMAND_PERMISSION_REQUIRED":
|
|
351
383
|
return {
|
|
352
384
|
code,
|
|
353
385
|
title: "Missing SSM RunCommand permission",
|
|
354
386
|
steps: [
|
|
355
|
-
"
|
|
356
|
-
"
|
|
357
|
-
"
|
|
387
|
+
"???덈뺄 ?낅슣?섊뙼??SSM 嶺뚮ㅏ援앲??雅?굝??뇡???遊붋????筌뤾쑴??",
|
|
388
|
+
"?熬곣뫗??雅?굝??뇡? ssm:SendCommand, ssm:GetCommandInvocation",
|
|
389
|
+
"?熬곣뫁????'?熬곣뫁?????┑?????면썒??닔???"
|
|
390
|
+
],
|
|
391
|
+
confirmText: "SSM 雅?굝??뇡??꾩룇瑗?????硫명뀬???좊듆 '?熬곣뫁?????┑?????면썒??닔???"
|
|
392
|
+
};
|
|
393
|
+
case "LAMBDA_LIST_PERMISSION_REQUIRED":
|
|
394
|
+
return {
|
|
395
|
+
code,
|
|
396
|
+
title: "Missing Lambda list permission",
|
|
397
|
+
steps: [
|
|
398
|
+
"??쎈뻬 雅뚯눘猿??Lambda 鈺곌퀬??亦낅슦釉???봔鈺곌퉲鍮??덈뼄.",
|
|
399
|
+
"?袁⑹뒄 亦낅슦釉? lambda:ListFunctions",
|
|
400
|
+
"亦낅슦釉?獄쏆꼷????'??袁⑥┷'??⑦????젻雅뚯눘苑??"
|
|
401
|
+
],
|
|
402
|
+
confirmText: "Lambda 亦낅슦釉?獄쏆꼷?????멸돌筌?'??袁⑥┷'??⑦????젻雅뚯눘苑??"
|
|
403
|
+
};
|
|
404
|
+
case "ELBV2_LIST_PERMISSION_REQUIRED":
|
|
405
|
+
return {
|
|
406
|
+
code,
|
|
407
|
+
title: "Missing ELBv2 list permission",
|
|
408
|
+
steps: [
|
|
409
|
+
"Grant permissions to list load balancers and target groups.",
|
|
410
|
+
"Required: elasticloadbalancing:DescribeLoadBalancers and elasticloadbalancing:DescribeTargetGroups.",
|
|
411
|
+
"Retry after permission update."
|
|
412
|
+
],
|
|
413
|
+
confirmText: "After ELBv2 permission update, reply 'completed' and retry."
|
|
414
|
+
};
|
|
415
|
+
case "ASG_LIST_PERMISSION_REQUIRED":
|
|
416
|
+
return {
|
|
417
|
+
code,
|
|
418
|
+
title: "Missing Auto Scaling list permission",
|
|
419
|
+
steps: [
|
|
420
|
+
"Grant permission to read Auto Scaling Groups.",
|
|
421
|
+
"Required: autoscaling:DescribeAutoScalingGroups.",
|
|
422
|
+
"Retry after permission update."
|
|
423
|
+
],
|
|
424
|
+
confirmText: "After Auto Scaling permission update, reply 'completed' and retry."
|
|
425
|
+
};
|
|
426
|
+
case "RDS_LIST_PERMISSION_REQUIRED":
|
|
427
|
+
return {
|
|
428
|
+
code,
|
|
429
|
+
title: "Missing RDS list permission",
|
|
430
|
+
steps: [
|
|
431
|
+
"Grant permission to list RDS DB instances.",
|
|
432
|
+
"Required: rds:DescribeDBInstances.",
|
|
433
|
+
"Retry after permission update."
|
|
434
|
+
],
|
|
435
|
+
confirmText: "After RDS permission update, reply 'completed' and retry."
|
|
436
|
+
};
|
|
437
|
+
case "ELASTICACHE_LIST_PERMISSION_REQUIRED":
|
|
438
|
+
return {
|
|
439
|
+
code,
|
|
440
|
+
title: "Missing ElastiCache list permission",
|
|
441
|
+
steps: [
|
|
442
|
+
"Grant permission to list ElastiCache clusters.",
|
|
443
|
+
"Required: elasticache:DescribeCacheClusters.",
|
|
444
|
+
"Retry after permission update."
|
|
445
|
+
],
|
|
446
|
+
confirmText: "After ElastiCache permission update, reply 'completed' and retry."
|
|
447
|
+
};
|
|
448
|
+
case "ROUTE53_LIST_PERMISSION_REQUIRED":
|
|
449
|
+
return {
|
|
450
|
+
code,
|
|
451
|
+
title: "Missing Route53 list permission",
|
|
452
|
+
steps: [
|
|
453
|
+
"Grant permission to list Route53 hosted zones.",
|
|
454
|
+
"Required: route53:ListHostedZones (and route53:ListResourceRecordSets for record counts).",
|
|
455
|
+
"Retry after permission update."
|
|
358
456
|
],
|
|
359
|
-
confirmText: "
|
|
457
|
+
confirmText: "After Route53 permission update, reply 'completed' and retry."
|
|
360
458
|
};
|
|
361
459
|
default:
|
|
362
460
|
return defaultItem;
|
|
@@ -393,7 +491,7 @@ function buildAgentGuidance(requiredActions, toolName, args) {
|
|
|
393
491
|
autoRetryRecommended: true,
|
|
394
492
|
retryTool: toolName,
|
|
395
493
|
retryArgs: args,
|
|
396
|
-
completionTrigger: "사용자가 '완료' 또는 조치
|
|
494
|
+
completionTrigger: "사용자가 '완료' 또는 조치 완료 의사를 전달하면 같은 입력으로 재시도",
|
|
397
495
|
userChecklist: items,
|
|
398
496
|
assistantMessageTemplate: lines.join("\n")
|
|
399
497
|
};
|
|
@@ -408,6 +506,13 @@ function toolSchema() {
|
|
|
408
506
|
profiles: z.array(z.string().min(1)).optional().describe("Optional AWS profiles."),
|
|
409
507
|
regions: z.array(z.string().min(1)).optional().describe("Optional AWS regions."),
|
|
410
508
|
instanceIds: z.array(z.string().min(1)).optional().describe("Optional EC2 instance ids."),
|
|
509
|
+
includeLambda: z.boolean().optional().describe("If true, include Lambda inventory."),
|
|
510
|
+
includeEc2: z.boolean().optional().describe("If false, skip EC2 inventory."),
|
|
511
|
+
includeAlb: z.boolean().optional().describe("If true, include ALB/NLB and target group inventory."),
|
|
512
|
+
includeAsg: z.boolean().optional().describe("If true, include Auto Scaling Group inventory."),
|
|
513
|
+
includeRds: z.boolean().optional().describe("If true, include RDS DB instance inventory."),
|
|
514
|
+
includeElastiCache: z.boolean().optional().describe("If true, include ElastiCache cluster inventory."),
|
|
515
|
+
includeRoute53: z.boolean().optional().describe("If true, include Route53 hosted zone inventory."),
|
|
411
516
|
publicOnly: z.boolean().optional().describe("If true, include only public IPv4 instances."),
|
|
412
517
|
managedOnly: z.boolean().optional().describe("If true, include only SSM-managed instances."),
|
|
413
518
|
autoRemediateSsm: z.boolean().optional().describe("If true, try attaching/replacing instance profile for unmanaged instances."),
|
|
@@ -548,15 +653,15 @@ async function registerTools(server) {
|
|
|
548
653
|
registerDiscoverTool(
|
|
549
654
|
server,
|
|
550
655
|
"discover_ec2_with_ssm",
|
|
551
|
-
"Discover
|
|
552
|
-
"Runs mcp-aws-manager
|
|
656
|
+
"Discover AWS Inventory (multi-service + SSM runtime)",
|
|
657
|
+
"Runs mcp-aws-manager and returns inventory across EC2/Lambda/ALB/ASG/RDS/ElastiCache/Route53 with optional SSM runtime snapshots."
|
|
553
658
|
);
|
|
554
659
|
|
|
555
660
|
registerDiscoverTool(
|
|
556
661
|
server,
|
|
557
662
|
"discover_public_ec2_with_pem",
|
|
558
|
-
"Discover
|
|
559
|
-
"Compatibility alias. Internally runs the same
|
|
663
|
+
"Discover AWS Inventory (compat alias)",
|
|
664
|
+
"Compatibility alias. Internally runs the same multi-service discovery flow."
|
|
560
665
|
);
|
|
561
666
|
|
|
562
667
|
server.registerTool(
|