npm - mcp-aws-manager - Versions diffs - 0.3.2 → 0.3.3 - Mend

mcp-aws-manager 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/MCP_CLIENT_SETUP.md CHANGED Viewed

@@ -4,7 +4,6 @@ This project provides an MCP stdio wrapper around the SSM-first AWS operations C
 - Preferred CLI command: `mcp-aws-manager`
 - Preferred MCP server command: `mcp-aws-manager-mcp`
-- Compatibility aliases: `mcp-aws-discover`, `mcp-aws-discover-mcp`
 Exposed MCP tools:
@@ -29,19 +28,8 @@ mcp-aws-manager doctor
 ## Agent-Led Setup Flow
-When the user is unfamiliar with AWS setup, run this sequence through the agent:
-1. `mcp-aws-manager doctor`
-2. If AWS auth missing, guide:
-   - `aws configure sso --profile default`
-   - `aws sso login --profile default`
-3. Validate:
-   - `aws sts get-caller-identity --profile default`
-4. Validate MCP discovery path:
-   - `mcp-aws-manager discover --profiles default --no-progress`
-5. If `requiresUserAction=true`, ask for one manual action only, then retry same request.
-Manual user actions are typically limited to SSO browser/MFA and IAM approval.
+Detailed onboarding flow is maintained in `USAGE_GUIDE.md` ("Agent-Assisted First-Time Setup").
+This document only covers MCP server registration/configuration.
 ## Explicit Registration
@@ -115,8 +103,4 @@ Use only when automatic registration is unavailable in your environment.
 - Discovery is SSM-first for host/runtime access; PEM path arguments are no longer required.
 - Runtime execution uses this package's internal AWS SDK/CLI path only (no external AWS management MCP backend dependency).
-- Use include flags (`includeLambda`, `includeAlb`, `includeAsg`, `includeRds`, `includeElastiCache`, `includeRoute53`) to expand inventory scope.
-- Keep AWS credentials/profiles available on the host running MCP.
-- When `requiresUserAction=true` is returned, use `guidance.assistantMessageTemplate` to prompt the user, then retry with `guidance.retryTool` + `guidance.retryArgs` after user confirmation.
-- For auto remediation, pass `autoRemediateSsm` and an instance profile name/arn.
 - Supported setup clients: `codex`, `claude`, `cursor`, `windsurf`, `antigravity`.

package/README.md CHANGED Viewed

@@ -42,150 +42,14 @@ This ensures `mcp-aws-manager` is registered in detected clients (`codex`, `clau
 For first-time users, follow the agent-assisted onboarding flow in `USAGE_GUIDE.md` ("Agent-Assisted First-Time Setup").
-## Prerequisites
+## Document Map
-- Node.js `>=18`
-- AWS credentials/profile (or IAM role) on the machine running the CLI/MCP server
-- For runtime snapshots: SSM permissions (`ssm:SendCommand`, `ssm:GetCommandInvocation`, `ssm:DescribeInstanceInformation`)
-- For auto remediation: EC2/IAM permissions (`ec2:AssociateIamInstanceProfile`, optionally `ec2:ReplaceIamInstanceProfileAssociation`, `iam:PassRole`)
-- For ALB inventory: `elasticloadbalancing:DescribeLoadBalancers`, `elasticloadbalancing:DescribeTargetGroups`
-- For ASG inventory: `autoscaling:DescribeAutoScalingGroups`
-- For RDS inventory: `rds:DescribeDBInstances`
-- For ElastiCache inventory: `elasticache:DescribeCacheClusters`
-- For Route53 inventory: `route53:ListHostedZones` (record counts require `route53:ListResourceRecordSets`)
+- End-user setup and run commands: `USAGE_GUIDE.md`
+- MCP client registration and stdio config: `MCP_CLIENT_SETUP.md`
+- Agent retry/guidance loop template: `AGENT_GUIDANCE_LOOP_TEMPLATE_KO.md`
+- Implementation APIs/CLI wiring: `IMPLEMENTATION_INTEGRATIONS.md`
+- Positioning vs existing AWS MCPs: `MCP_DIFFERENTIATION.md`
-## Quick Start
-Bootstrap / setup / doctor:
-```bash
-mcp-aws-manager                     # bootstrap (default command)
-mcp-aws-manager setup              # register/re-register MCP server
-mcp-aws-manager doctor             # verify install + registration
-```
-Basic discovery:
-```bash
-mcp-aws-manager discover --profiles default
-```
-Include Lambda inventory together:
-```bash
-mcp-aws-manager discover --profiles default --include-lambda
-```
-Include core service topology (ALB/ASG/RDS/ElastiCache/Route53):
-```bash
-mcp-aws-manager discover \
-  --profiles default \
-  --include-alb --include-asg --include-rds --include-elasticache --include-route53
-```
-Lambda-only inventory:
-```bash
-mcp-aws-manager discover --profiles default --include-lambda --no-ec2 --no-runtime-snapshot
-```
-Only public IP instances:
-```bash
-mcp-aws-manager discover --profiles default --public-only
-```
-Collect runtime snapshots:
-```bash
-mcp-aws-manager discover --profiles default --runtime-snapshot
-```
-Try automatic remediation for unmanaged instances:
-```bash
-mcp-aws-manager discover \
-  --profiles default \
-  --auto-remediate-ssm \
-  --ssm-instance-profile-name MySsmInstanceProfile
-```
-Output CSV file:
-```bash
-mcp-aws-manager discover --profiles default --format csv --out ./inventory.csv
-```
-Compatibility note:
-- Legacy invocation without subcommand still works for discovery when options are passed.
-- Example: `mcp-aws-manager --profiles default --public-only`
-## MCP (LLM Tool) Usage
-Run as an MCP stdio server:
-```bash
-mcp-aws-manager-mcp
-```
-Exposed MCP tools:
-- `discover_ec2_with_ssm` (primary, multi-service inventory + SSM runtime)
-- `discover_public_ec2_with_pem` (compatibility alias, same behavior)
-- `mcp_aws_discover_cli_help`
-Example tool arguments:
-```json
-{
-  "profiles": ["default"],
-  "includeLambda": true,
-  "publicOnly": true,
-  "runtimeSnapshot": true,
-  "autoSsoLogin": true,
-  "noProgress": true
-}
-```
-## Human-in-the-loop Behavior
-When fully automatic execution is not possible, the CLI/MCP returns actionable guidance:
-- `ACTION_REQUIRED: [SSO_LOGIN_NEEDED] ...`
-- `ACTION_REQUIRED: [SSM_ROLE_OR_AGENT_REQUIRED] ...`
-- `ACTION_REQUIRED: [IAM_PROFILE_ASSOCIATION_FAILED] ...`
-- `ACTION_REQUIRED: [LAMBDA_LIST_PERMISSION_REQUIRED] ...`
-- `ACTION_REQUIRED: [ELBV2_LIST_PERMISSION_REQUIRED] ...`
-- `ACTION_REQUIRED: [ASG_LIST_PERMISSION_REQUIRED] ...`
-- `ACTION_REQUIRED: [RDS_LIST_PERMISSION_REQUIRED] ...`
-- `ACTION_REQUIRED: [ELASTICACHE_LIST_PERMISSION_REQUIRED] ...`
-- `ACTION_REQUIRED: [ROUTE53_LIST_PERMISSION_REQUIRED] ...`
-The MCP wrapper surfaces these in a structured `requiredActions` list and a `guidance` object (`assistantMessageTemplate`, `retryTool`, `retryArgs`).
-For agent orchestration, see:
-- `AGENT_GUIDANCE_LOOP_TEMPLATE_KO.md`
-## Security Notes
-- Prefer IAM role + SSM over SSH key based access.
-- Restrict RunCommand scopes with IAM policies and resource conditions.
-- Review remediation permissions before enabling `--auto-remediate-ssm`.
-## Compatibility Aliases
-These legacy commands are still available:
-- `mcp-aws-discover`
-- `mcp-aws-discover-mcp`
-## Differentiation Docs
+## Differentiation
 This project does not delegate runtime execution to other AWS management MCP servers.
-Implementation details and differentiation are documented in:
-- `IMPLEMENTATION_INTEGRATIONS.md` (implemented MCP/API/CLI inventory)
-- `MCP_DIFFERENTIATION.md` (differences from existing AWS management MCPs)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mcp-aws-manager",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "AWS operations CLI and MCP server (SSM-only) for EC2/Lambda inventory, remediation, and runtime snapshots",
   "license": "MIT",
   "publishConfig": {
@@ -18,9 +18,7 @@
   ],
   "bin": {
     "mcp-aws-manager": "bin/mcp-aws-manager.js",
-    "mcp-aws-manager-mcp": "bin/mcp-aws-manager-mcp.js",
-    "mcp-aws-discover": "bin/mcp-aws-manager.js",
-    "mcp-aws-discover-mcp": "bin/mcp-aws-manager-mcp.js"
+    "mcp-aws-manager-mcp": "bin/mcp-aws-manager-mcp.js"
   },
   "files": [
     "bin",