iam-lens-mcp
Verified Safeby agarabhishek
Overview
Provides AWS IAM analysis capabilities through a Model Context Protocol (MCP) server, enabling AI assistants to query and simulate IAM permissions and configurations using natural language.
Installation
uv run --directory <path_to_iam-lens-mcp> python iam_lens_server.pyEnvironment Variables
- COLLECT_CONFIGS
Security Notes
The server uses `subprocess.create_subprocess_exec` to run the `iam-lens` CLI tool, passing arguments as a list which mitigates shell injection risks. File path operations for direct IAM data analysis use `Path.resolve()` and `startswith` checks to prevent path traversal vulnerabilities. No `eval` or obviously dangerous patterns are present. The primary external risk would come from the `iam-lens` CLI tool itself or the contents of the `iam-collect` data.
Similar Servers
octocode-mcp
The Octocode Research server enables AI agents to perform expert code forensics and deep-dive research across local filesystems (LSP, ripgrep, file I/O) and external GitHub repositories (code search, repo structure, pull requests, package search). It's optimized for architectural analysis, pattern discovery, and implementation planning.
iam-policy-autopilot
Generates baseline AWS IAM identity-based policies from application source code (Python, Go, TypeScript) and helps fix AccessDenied errors, primarily for AI coding assistants.
aws-mcp-server
The AWS MCP Server allows AI assistants to execute AWS CLI commands and access AWS environment context, providing a powerful interface for cloud management and automation.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.