Critical-risk tools in AWS IoT SiteWise MCP Server
7 of the 72 tools in AWS IoT SiteWise MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
delete_assetDestructiveDelete an asset. Args: asset_id: The ID of the asset to delete. Accepts UUID format (12345678-1234-1234-1234-123456789012) or external ID format (externalId:my...
-
delete_asset_modelDestructiveDelete an asset model. Args: asset_model_id: The ID of the asset model to delete. Accepts UUID format (12345678-1234-1234-1234-123456789012) or external ...
-
delete_computation_modelDestructiveDelete a computation model in AWS IoT SiteWise. This action permanently deletes a computation model and cannot be undone. Args: computation_model_id: The ID of the computa...
-
delete_gatewayDestructiveDelete a gateway. Args: gateway_id: The ID of the gateway to delete region: AWS region (default: us-east-1) Returns: Dictionary containing deletion response
-
delete_time_seriesDestructiveDelete a time series (data stream). Args: alias: The alias that identifies the time series asset_id: The ID of the asset in which the asset property was created pro...
-
cancel_metadata_transfer_jobFinancialCancel a metadata transfer job. Args: metadata_transfer_job_id: The ID of the metadata transfer job to cancel region: AWS region (default: us-east-1) Returns: Dict...
-
create_metadata_transfer_jobFinancialCreate a new metadata transfer job for bulk import/export operations between S3 and IoT SiteWise. This tool provides a user-friendly way to set up metadata transfer jobs with s...
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.