iam-policy-autopilot
Verified Safe
by awslabs
Overview
Generates baseline AWS IAM identity-based policies from application source code (Python, Go, TypeScript) and helps fix AccessDenied errors, primarily for AI coding assistants.
Installation
iam-policy-autopilot mcp-server
Environment Variables
- AWS_PROFILE
- AWS_REGION
Security Notes
The tool directly modifies AWS IAM policies in an account via the `apply` command. While it includes guardrails (e.g., account mismatch checks, rejection of root users and service-linked roles, and default confirmation prompts for `fix-access-denied` in the CLI), its core function is a high-privilege operation. A human should always carefully review generated policies before they are applied and deployed, to ensure they align with security requirements and the principle of least privilege. The `install.sh` script downloads and executes a binary from GitHub releases, which is a common pattern but presents a supply chain risk if the repository or distribution channel is compromised.
Similar Servers
code-assistant
Standardizes communication between code editors and AI coding agents, enabling autonomous code analysis and modification via command-line, GUI, or server modes.
VibeShift
VibeShift is an intelligent security agent that integrates with AI coding assistants to analyze AI-generated code for vulnerabilities, suggest remediations, and facilitate web test recording, crawling, and execution.
CodeMCP
Provides deep code intelligence (symbol navigation, impact analysis, architecture maps, ownership, risk assessment) to AI assistants, CLI, and HTTP API.
codebase-context
Provides AI coding agents with real-time, context-rich insights into a codebase's patterns, libraries, architecture, and conventions to improve code generation quality and alignment with team standards.