Cette page est affichée en anglais. Une traduction française est en cours.
MCP ConfigsMay 14, 2026·2 min de lecture

IAM Policy Autopilot — CLI + MCP for AWS IAM

IAM Policy Autopilot generates baseline IAM policies from source code via CLI or MCP; verified 357★ and supports stdio/http transports.

MCP Hub
MCP Hub · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Native · 94/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Mcp
Installation
Pip
Confiance
Confiance : Established
Point d'entrée
iam-policy-autopilot mcp-server --transport stdio
Commande CLI universelle
npx tokrepo install 27f7518e-239c-5a07-8880-4ef8cf764522
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

IAM Policy Autopilot generates baseline IAM policies from source code via CLI or MCP; verified 357★ and supports stdio/http transports.

Best for: AWS teams who want deterministic policy scaffolding and faster AccessDenied debugging with an AI assistant

Works with: Python/Go/TS/JS/Java AWS SDK codebases; works with MCP clients via mcp-server

Setup time: 10-20 minutes

Key facts (verified)

  • GitHub: 357 stars · 38 forks · pushed 2026-05-13.
  • License: Apache-2.0 · owner avatar + repo URL verified via GitHub API.
  • README-backed entrypoint: iam-policy-autopilot mcp-server --transport stdio.

Main

  • Treat output as a baseline: review policies before deployment and narrow resources/conditions to your actual boundaries.

  • Use CLI explanations to trace why actions were included; keep that explanation as evidence in code review.

  • Prefer MCP integration for agent workflows, but still enforce least privilege at the IaC layer (ARNs, boundaries, SCPs).

Source-backed notes

  • README lists three CLI commands: generate-policies, fix-access-denied, and mcp-server.
  • README notes mcp-server supports stdio (default) and http transports (example: --transport http).
  • README describes deterministic local code analysis to generate identity-based policies across multiple languages.

FAQ

  • Does this guarantee least privilege?: No — it generates a baseline; you still need review and resource scoping.
  • What if resources are chosen at runtime?: README notes it can’t predict dynamic values; add conditions/ARN constraints manually.
  • Should I use CLI or MCP?: Use CLI for one-offs; use MCP when an agent should call tools during iteration.
🙏

Source et remerciements

Source: https://github.com/awslabs/iam-policy-autopilot > License: Apache-2.0 > GitHub stars: 357 · forks: 38

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

AWS MCP Servers — Official AWS Integration

Official MCP servers for AWS by Amazon. Connect AI agents to S3, Lambda, CloudWatch, Bedrock, CDK, and more AWS services. Secure IAM-based auth. 8.6K+ stars.

MCP Configs
MCP Hub

slack-mcp-server — Slack MCP with Stealth/OAuth

Slack MCP server for channels, DMs, search, and smart history fetch via stdio/SSE/HTTP transports; verified 1594★, pushed 2026-04-30.

MCP Configs
MCP Hub

Argo CD MCP — Manage Argo Apps via MCP

Argo CD MCP server connects MCP clients to Argo CD app/resource operations over stdio/HTTP; verified 462★ and pushed 2026-05-03.

MCP Configs
MCP Hub

kubernetes-mcp-server — Kubernetes Tools via MCP

kubernetes-mcp-server exposes Kubernetes operations to MCP clients with npx/uvx/binary run modes; verified 1584★ and pushed 2026-05-14.

MCP Configs
MCP Hub
Accueil🔍Rechercher👤Moi