A community-driven registry for Claude, Cursor, Windsurf, Cline & more. Not affiliated with Anthropic.
Are you the author? Sign in to claim
Conversational cloud security compliance auditing. MCP server enabling natural language queries about AWS security postu
A Model Context Protocol (MCP) server for AWS cloud compliance auditing.
This MCP server aims to automate cloud compliance reporting for major security frameworks including SOC2, NIST, and PCI-DSS. Instead of manually gathering evidence and checking hundreds of controls across your AWS infrastructure, you'll be able to have a conversation with Claude to generate comprehensive compliance reports.
The vision is to transform compliance auditing from a manual, time-consuming process into an intelligent, conversational experience where you can ask questions like:
Currently, the project supports S3 bucket compliance checks across multiple compliance frameworks, with plans to expand to full AWS service coverage and automated report generation.
# Clone the repository
git clone https://github.com/uprightsleepy/mcp-cloud-compliance.git
cd mcp-cloud-compliance
# Build the project
mvn clean package
mvn spring-boot:run
java -jar target/cloud-compliance-mcp-0.1.0.jar
Add this to your Claude configuration file:
macOS/Linux: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
{
"mcpServers": {
"cloud-compliance": {
"command": "java",
"args": ["-jar", "/absolute/path/to/mcp-cloud-compliance/target/cloud-compliance-mcp-0.1.0.jar"]
}
}
}
Restart Claude Desktop and look for the 🔨 icon to confirm the server is connected.
Once connected to Claude, you can interact with your cloud compliance setup conversationally:
"Check SOC2 compliance for storage resources"
"What's my current NIST compliance status?"
"Show me CIS benchmark compliance for my S3 buckets"
"List my S3 buckets in us-west-2"
"Show me all storage resources across regions"
"What buckets were created this month?"
"Generate a compliance summary report"
"Show me all non-compliant resources"
"What are the high-severity compliance findings?"
health_check - Verify server is runninglist_supported_standards - Get supported compliance frameworkslist_supported_resource_types - Get available resource types for compliance checkinglist_s3_buckets - List S3 buckets with detailed metadata by regioncheck_resource_compliance - Check compliance status against specific standards# Run all tests
mvn test
# Run with coverage report
mvn clean test jacoco:report
# View coverage report
open target/site/jacoco/index.html
The easiest way to see the tool in action is through the conversational interface:
The assistant confirms storage resources are fully compliant with SOC 2 standards, showing no compliance issues or findings.
Lists S3 buckets organized by category: Production/Application buckets (Shareframe services), System/Diagnostic buckets, and Test buckets with creation dates.
Shows the three supported compliance standards with descriptions of their focus areas: security controls, configuration benchmarks, and risk management.
Contributions are welcome! Whether you're adding new compliance checks, improving documentation, or fixing bugs, we appreciate your help. Please feel free to:
For major changes, please open an issue first to discuss what you would like to change.
MIT
MCP server integration for DaVinci Resolve Studio
mcp-language-server gives MCP enabled clients access semantic tools like get definition, references, rename, and diagnos
Run Claude Code as an MCP server so any agent can delegate coding tasks to it
@microsoft✓ OfficialBrowser automation using accessibility snapshots instead of screenshots