AWS has introduced new IAM context keys, aws:ViaAWSMCPService and aws:CalledViaAWSMCP, to track traffic flowing through its managed MCP service. While these keys enhance security by preventing direct deletion of S3 objects when requests are routed through the MCP, they do not propagate through downstream services like Lambda. This means that code executed within a Lambda function, even if invoked by an MCP-routed request, can still perform actions like deleting S3 objects if its own execution role permits it. The article highlights that this is not a security flaw but a consequence of how IAM operates, requiring explicit denies on downstream roles to fully secure such operations. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT Highlights potential gaps in cloud security controls for AI agents, necessitating careful policy configuration.
RANK_REASON The article details a nuanced security observation regarding AWS IAM policies and service interactions, akin to a research finding. [lever_c_demoted from research: ic=1 ai=0.4]