Esta página se muestra en inglés. Una traducción al español está en curso.
MCP ConfigsMay 14, 2026·2 min de lectura

IAM Policy Autopilot — CLI + MCP for AWS IAM

IAM Policy Autopilot generates baseline IAM policies from source code via CLI or MCP; verified 357★ and supports stdio/http transports.

MCP Hub
MCP Hub · Community
Listo para agents

Este activo puede ser leído e instalado directamente por agents

TokRepo expone un comando CLI universal, contrato de instalación, metadata JSON, plan según adaptador y contenido raw para que los agents evalúen compatibilidad, riesgo y próximos pasos.

Native · 94/100Política: permitir
Superficie agent
Cualquier agent MCP/CLI
Tipo
Mcp
Instalación
Pip
Confianza
Confianza: Established
Entrada
iam-policy-autopilot mcp-server --transport stdio
Comando CLI universal
npx tokrepo install 27f7518e-239c-5a07-8880-4ef8cf764522
contrato de instalaciónJSON de metadataplan adaptadorcontenido raw
Introducción

IAM Policy Autopilot generates baseline IAM policies from source code via CLI or MCP; verified 357★ and supports stdio/http transports.

Best for: AWS teams who want deterministic policy scaffolding and faster AccessDenied debugging with an AI assistant

Works with: Python/Go/TS/JS/Java AWS SDK codebases; works with MCP clients via mcp-server

Setup time: 10-20 minutes

Key facts (verified)

  • GitHub: 357 stars · 38 forks · pushed 2026-05-13.
  • License: Apache-2.0 · owner avatar + repo URL verified via GitHub API.
  • README-backed entrypoint: iam-policy-autopilot mcp-server --transport stdio.

Main

  • Treat output as a baseline: review policies before deployment and narrow resources/conditions to your actual boundaries.

  • Use CLI explanations to trace why actions were included; keep that explanation as evidence in code review.

  • Prefer MCP integration for agent workflows, but still enforce least privilege at the IaC layer (ARNs, boundaries, SCPs).

Source-backed notes

  • README lists three CLI commands: generate-policies, fix-access-denied, and mcp-server.
  • README notes mcp-server supports stdio (default) and http transports (example: --transport http).
  • README describes deterministic local code analysis to generate identity-based policies across multiple languages.

FAQ

  • Does this guarantee least privilege?: No — it generates a baseline; you still need review and resource scoping.
  • What if resources are chosen at runtime?: README notes it can’t predict dynamic values; add conditions/ARN constraints manually.
  • Should I use CLI or MCP?: Use CLI for one-offs; use MCP when an agent should call tools during iteration.
🙏

Fuente y agradecimientos

Source: https://github.com/awslabs/iam-policy-autopilot > License: Apache-2.0 > GitHub stars: 357 · forks: 38

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados

AWS MCP Servers — Official AWS Integration

Official MCP servers for AWS by Amazon. Connect AI agents to S3, Lambda, CloudWatch, Bedrock, CDK, and more AWS services. Secure IAM-based auth. 8.6K+ stars.

MCP Configs
MCP Hub

slack-mcp-server — Slack MCP with Stealth/OAuth

Slack MCP server for channels, DMs, search, and smart history fetch via stdio/SSE/HTTP transports; verified 1594★, pushed 2026-04-30.

MCP Configs
MCP Hub

Argo CD MCP — Manage Argo Apps via MCP

Argo CD MCP server connects MCP clients to Argo CD app/resource operations over stdio/HTTP; verified 462★ and pushed 2026-05-03.

MCP Configs
MCP Hub

kubernetes-mcp-server — Kubernetes Tools via MCP

kubernetes-mcp-server exposes Kubernetes operations to MCP clients with npx/uvx/binary run modes; verified 1584★ and pushed 2026-05-14.

MCP Configs
MCP Hub
Inicio🔍Buscar👤Yo