As your AWS infrastructure scales, operational workflows naturally become more complex. SREs and DevOps engineers spend significant time context-switching between the AWS Management Console, CLI documentation, and multiple service dashboards. They manually translate business questions into the correct API syntax, chain calls across services, and rebuild the same integration patterns for each new use case. This friction compounds over time. Incident investigations require cross-referencing Amazon CloudWatch Logs, Amazon Elastic Compute Cloud (Amazon EC2) instance states, and AWS Identity and Access Management (IAM) policies across separate interfaces. Capacity planning means manually querying multiple services and assembling the results. Security audits demand consistent, repeatable API call sequences that are time-consuming to script from scratch.
This post shows you how to use Amazon Bedrock AgentCore Runtime with Model Context Protocol (MCP) support to connect Amazon Quick with AWS services through the AWS API MCP Server, creating a conversational AI assistant that translates natural language into AWS Command Line Interface (AWS CLI) commands, without the need to switch between tools during critical moments.
With Amazon Bedrock AgentCore Runtime and MCP support, natural language queries translate directly to AWS API calls. You can ask, "Show me all running EC2 instances in us-east-1," and get immediate, accurate results without switching between tools or memorizing API syntax. Your requests run securely within your existing IAM permissions, with full Amazon CloudWatch audit trails for compliance. Rather than rebuilding connection logic for each workflow, you can standardize how AI agents interact with AWS services through a single, reusable integration. The following diagram shows how Amazon Bedrock AgentCore Runtime connects Amazon Quick to AWS services through the AWS API MCP Server.
How it works for daily operations:
- You ask a question in natural language: "Show running EC2 instances in us-east-1".
- The Amazon Quick custom agent interprets your intent.
- Amazon Cognito authenticates the request: Quick obtains a JWT token from your Amazon Cognito user pool using the OAuth 2.0 client credentials flow with the Client ID and Client Secret you configured.
- The agent connects to the AWS API MCP Server: The authenticated request reaches Amazon Bedrock AgentCore Runtime, which validates the JWT token against your Cognito identity provider configuration.
- AgentCore Runtime authorizes and routes the request: After validating your Cognito token, AgentCore Runtime securely invokes the AWS API MCP Server running in the containerized environment.
- The MCP server interprets your request: Your natural language query is converted into the appropriate AWS CLI command.
- AWS services execute the command: Using the IAM execution role you configured, the command runs with least-privilege permissions against AWS services.
- Results are returned in a readable format: No CLI syntax required. You get structured, readable results directly in your Quick interface.
Prerequisites
You must have the following prerequisites to follow along with this post.
Account and access requirements:
- AWS account with administrative access
- Amazon Quick Enterprise subscription (Professional tier minimum)
- Access to AWS Marketplace – AWS API MCP Server
- IAM permissions to create:
- Amazon Cognito user pools
- IAM roles and policies
- Amazon Bedrock AgentCore Runtime agents
- Amazon CloudWatch Log groups
Required software and tools:
- AWS CLI installed and configured (required for the URL encoding step in the walkthrough)
Required knowledge and expertise:
- Basic understanding of IAM roles and policies
- Familiarity with OAuth 2.0 authentication flows
- Understanding of JWT (JSON Web Token) concepts
Additional information:
- Estimated completion time: 30–45 minutes
- Estimated monthly cost: For a single Enterprise user running approximately 500 queries per month, the estimated cost is approximately $292/month, primarily driven by the Amazon Quick Enterprise subscription ($40/user/month) and infrastructure cost ($250/account/month).
Set up the solution
Manual deployment
To implement the solution, complete the following steps:
- Set up an Amazon Cognito user pool – For authentication.
- Create IAM roles – For authorization.
- Create an Amazon Bedrock AgentCore Runtime agent.
- Configure Integrations in Amazon Quick for the AWS API MCP Server.
- Create a custom chat agent in Amazon Quick.
Visual layouts in some screenshots in this post might look different from those in your AWS Management Console.
Set up Amazon Cognito user pool
Amazon Cognito provides authentication and authorization for your application. In this solution, you configure a Cognito user pool to generate JWT tokens that authenticate requests to the Amazon Bedrock AgentCore Runtime. With JWT authentication using Amazon Cognito, you configure the authorizer during the CreateAgentRuntime operation, specifying your identity provider (IdP)-specific discovery URL and allowed clients. Your existing agent code requires no modification. You add the authorizer configuration to your runtime deployment. When a calling entity or user invokes your agent, they pass their IdP-specific access token as a bearer token in the Authorization header. AgentCore Runtime uses AgentCore Identity to automatically validate this token against your configured authorizer and rejects unauthorized requests.
Create an Amazon Cognito user pool for JWT authentication with a unique application name and the application type Machine-to-machine application, as shown in the following screenshot. Provide a name for the application and then choose Create user directory.
When you create a Cognito user pool with a machine-to-machine application, Amazon Cognito automatically creates a resource server for your application. The resource server defines custom OAuth 2.0 scopes that specify the permissions your application can request.


From the newly created user pool menu, navigate to Branding and choose Domain. Select the resource server that was created and choose Edit. Add a write scope to the custom scopes and update the descriptions for both read and write.

The read and write scopes control access to the AWS API MCP Server:
- Read scope – Allows the application to query AWS resources (for example, listing EC2 instances or describing Amazon Simple Storage Service (Amazon S3) buckets).
- Write scope – Allows the application to modify AWS resources (for example, creating resources or updating configurations).
These scopes map to the IAM permissions that the MCP server uses when executing AWS CLI commands on behalf of authenticated requests.
Create IAM roles
To run agents or tools in Amazon Bedrock AgentCore Runtime, you need an IAM execution role. For information about creating an IAM role, see IAM role creation.
Create the required trust policy and execution role for Amazon Bedrock AgentCore Runtime. See IAM Permissions for AgentCore Runtime for more details. Replace YOUR_ACCOUNT_ID below with your AWS account ID.
The following code is for the AgentCore Runtime trust policy:
The following code is for the AgentCore Runtime execution role:
The following IAM policy grants your execution role the permissions required to pull the AWS API MCP Server container image and write runtime logs. The container image is hosted in an AWS-managed public Amazon Elastic Container Registry (Amazon ECR) repository. You don't need to build or maintain the image yourself.
To find the latest container URI, go to AWS Marketplace – AWS API MCP Server.
Attach specific permissions to the role that define what actions it can perform on your behalf. This example uses a scoped-down read-only policy granting s3:ListBucket and s3:GetObject across all buckets. This is intentionally broad for discovery and exploration purposes only.
Note: Using a wildcard resource (arn:aws:s3:::*) grants access to every S3 bucket in your account. This is acceptable for initial setup and testing but violates the principle of least privilege in production. Before deploying to production, replace the wildcard with specific bucket ARNs:
Example Role:
Create Amazon Bedrock AgentCore Runtime agent
From Amazon Bedrock AgentCore, choose Runtime from the menu, then choose Host agent/tool. Provide a unique name for your runtime agent. For Agent Source, select the ECR container option and enter the image URI from AWS Marketplace.
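The following is an added example, not the example role from this post or code from the AWS API MCP Server project. It builds the read-only S3 permissions policy described above in both forms (the wildcard resource used for initial testing and the per-bucket ARNs recommended for production) and includes a small check that flags wildcard S3 resources so the wildcard does not survive into a production role. The bucket name used in the usage section is a constructed placeholder.

```python
"""Added example (not from the original post): build the scoped-down S3
read-only permissions policy the walkthrough describes, and flag wildcard S3
resources before the execution role goes to production."""
import json

# Actions named in the walkthrough for the discovery/exploration policy.
S3_READ_ACTIONS = ["s3:ListBucket", "s3:GetObject"]


def s3_read_only_policy(bucket_names=None):
    """Return an IAM policy document granting s3:ListBucket and s3:GetObject.

    With no bucket names the resource is the wildcard arn:aws:s3:::* that the
    walkthrough uses for initial testing. With bucket names, each bucket gets
    its bucket ARN (for ListBucket) and its object ARN (for GetObject), which
    is the least-privilege form to use in production.
    """
    if not bucket_names:
        resources = ["arn:aws:s3:::*"]
    else:
        resources = []
        for name in bucket_names:
            resources.append(f"arn:aws:s3:::{name}")
            resources.append(f"arn:aws:s3:::{name}/*")
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "S3ReadOnlyDiscovery",
                "Effect": "Allow",
                "Action": list(S3_READ_ACTIONS),
                "Resource": resources,
            }
        ],
    }


def wildcard_s3_resources(policy):
    """Return resource entries in Allow statements that cover every S3 bucket.

    Reports a bare "*" and any S3 ARN whose bucket segment is empty or starts
    with "*" (for example arn:aws:s3:::*). A per-bucket object wildcard such as
    arn:aws:s3:::my-bucket/* is scoped to one bucket and is not reported.
    """
    found = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        resources = stmt.get("Resource", [])
        if isinstance(resources, str):
            resources = [resources]
        for res in resources:
            if res == "*":
                found.append(res)
            elif res.startswith("arn:aws:s3:::"):
                bucket = res[len("arn:aws:s3:::"):].split("/", 1)[0]
                if bucket == "" or bucket.startswith("*"):
                    found.append(res)
    return found


if __name__ == "__main__":
    # Testing-phase policy: the check reports the wildcard.
    testing = s3_read_only_policy()
    print(json.dumps(testing, indent=2))
    print("wildcards:", wildcard_s3_resources(testing))
    # Production policy scoped to one constructed bucket name: nothing reported.
    production = s3_read_only_policy(["ops-logs-example"])
    print(json.dumps(production, indent=2))
    print("wildcards:", wildcard_s3_resources(production))
```

Run the script to print both policy documents; `wildcard_s3_resources` returns `['arn:aws:s3:::*']` for the testing policy and an empty list for the per-bucket one, which makes it usable as a pre-deployment gate in a pipeline that refuses roles whose S3 grants are unscoped.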

On the same page, under Permissions, select the existing role created in the previous step.

In the Inbound auth section on the same page, select the MCP protocol and JWT token for the inbound auth type. For the JWT schema configuration, use the existing identity provider configuration (the Amazon Cognito user pool created in the first step).

Obtain the discovery URL from your Cognito user pool information. Look for the Token signing key URL, which follows this format: https://cognito-idp.$REGION.amazonaws.com/$POOL_ID/.well-known/jwks.json
Replace jwks.json with openid-configuration. Your final URL should look similar to this example:
https://cognito-idp.us-east-1.amazonaws.com/us-east-1_ev5CwXjma/.well-known/openid-configuration
Add allowed clients to your configuration. Navigate to the App client section in your Cognito user pool by choosing App clients in the left panel. Copy the client ID from the App client information and add it to the Allowed clients section.
Configure advanced settings for your AgentCore Runtime deployment. Under Advanced configurations, keep the default network mode set to Public for this walkthrough. This allows the runtime to be reachable over the internet during initial setup and testing.
For production deployments, choose the VPC option to restrict network access to private, controlled environments. This is the recommended approach for workloads handling sensitive data or requiring network isolation. Next, add your environment variables as shown in the following section, then choose Create agent.
AUTH_TYPE: "no-auth"
AWS_API_MCP_HOST: "0.0.0.0"
AWS_API_MCP_PORT: "8000"
AWS_API_MCP_STATELESS_HTTP: "true"
AWS_API_MCP_TRANSPORT: "streamable-http"
AWS_API_MCP_ALLOWED_HOSTS: "*"
AWS_API_MCP_ALLOWED_ORIGINS: "*"
Understanding AWS API MCP authentication on AgentCore
| Variable | Description |
| AWS_API_MCP_TRANSPORT | Sets the transport protocol to streamable HTTP for MCP communications. |
| AWS_API_MCP_STATELESS_HTTP | Enables stateless HTTP mode, required for the streamable-http transport. |
| AWS_API_MCP_PORT | Port on which the MCP server listens for incoming requests. |
| AWS_API_MCP_HOST | Binds the server to the available network interfaces inside the container. |
| AWS_API_MCP_ALLOWED_ORIGINS | Allows requests from any origin. Acceptable inside the AgentCore Runtime managed execution environment. |
| AWS_API_MCP_ALLOWED_HOSTS | Allows requests from any host. Scoped to the container network boundary enforced by AgentCore Runtime. |
| AUTH_TYPE | Disables MCP server-level authentication. Authentication is handled by AgentCore Runtime using JWT token validation. For information, see the following security note. |
AUTH_TYPE is set to no-auth because the MCP server itself doesn't perform authentication. This is intentional and safe when deploying through Amazon Bedrock AgentCore Runtime. AgentCore Runtime acts as the security boundary. Before a request reaches your MCP server container, AgentCore Runtime enforces JWT token validation. It verifies cryptographic signatures using public keys from AgentCore Identity, validates token claims (issuer, audience, expiration), and rejects requests that don't present a valid OAuth 2.0 bearer token. In other words, the MCP server trusts that AgentCore Runtime has already authenticated the caller. This is the same pattern used by internal microservices behind an API gateway: the service itself doesn't re-authenticate because the gateway already did.
Note: Don't use AUTH_TYPE: no-auth if you're running this MCP server outside of AgentCore Runtime (for example, directly on an EC2 instance or as a standalone container). In that scenario, the server would be exposed without an authentication layer.
The wildcard values for AWS_API_MCP_ALLOWED_HOSTS and AWS_API_MCP_ALLOWED_ORIGINS (*) are intentionally broad for this tutorial. In production, replace these with the specific hostnames and origins your workload requires to enforce least-privilege network access.
Create custom chat agent in Amazon Quick
Now that you have the AWS API MCP Server running in Amazon Bedrock AgentCore Runtime, let's create a custom chat agent in Amazon Quick that can be used to execute AWS CLI commands through natural language interactions.
Navigate to the Amazon Quick console and access the integration settings. In the left navigation panel, choose Integrations, then choose Actions. Add the MCP protocol integration to connect Amazon Quick with your MCP server hosted on Amazon Bedrock AgentCore Runtime.
To configure the integration details, enter the integration metadata. Provide a descriptive Name for your integration and then add a clear Description explaining the integration's purpose.

For endpoint configuration, retrieve your Amazon Bedrock AgentCore Runtime ARN. Navigate to your agent's Tools Details section. Copy the Runtime ARN from the Runtime section.
Example ARN format:
arn:aws:bedrock-agentcore:us-east-1:123456789123:runtime/demoagent-LmNop08QoR
The endpoint URL should be in the following format. Replace region with your AWS Region and follow the steps below to create the URL-encoded ARN.
https://bedrock-agentcore.{region}.amazonaws.com/runtimes/{url-encoded-arn}/invocations?qualifier=DEFAULT
To create a URL-encoded ARN, run one of the following commands in your terminal (bash first, then PowerShell):
echo "YOUR_ARN" | sed 's/:/%3A/g; s/\//%2F/g'
[System.Uri]::EscapeDataString("YOUR_ARN")
Note: The bash command requires Linux, macOS, or Windows with WSL (Windows Subsystem for Linux) installed. The Windows PowerShell cmdlet works natively on Windows systems without additional dependencies.
Finally, keep the Enable auto-publishing option enabled.
To establish secure communication between Amazon Quick and the MCP server, configure service authentication using your Amazon Cognito user pool credentials.
Note: Amazon Cognito is a fully managed AWS identity service that handles authentication and authorization for your applications. App client secrets are stored encrypted at rest and in transit. Your credentials aren't transmitted in plaintext. Cognito also supports on-demand client secret rotation, so you can maintain up to two active secrets per app client for zero-downtime rotation.
When prompted on the authentication settings page, select Service Authentication as your authentication method.
To find your Client ID and Client Secret:
- Open the Amazon Cognito console.
- Choose User Pools, then select your user pool.
- In the left navigation pane, choose App clients (under Applications).
- Select your app client. The App client ID is displayed directly on this page.
- Choose Show client secret to reveal the App client secret.
Note: Treat your Client Secret like a password. Store it securely using AWS Secrets Manager for production deployments. Don't embed it in client-side code or version control.
For the Token URL, construct it using your user pool's domain:
- In the left navigation pane of your user pool, scroll down to the Branding section.
- Choose Domain. Your Cognito domain is displayed here in the format: https://your-domain.auth.region.amazoncognito.com
- Append /oauth2/token to this domain to form your full token endpoint: https://your-domain.auth.region.amazoncognito.com/oauth2/token
After you've entered the Client ID, Client Secret, and Token URL, choose Create and Continue.
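The following is an added example, not code from this post, from Amazon Quick, or from AgentCore. It reproduces, in one place, the URL derivations the console steps above ask for (the URL-encoded runtime ARN and invocation endpoint, the OpenID discovery URL derived from the JWKS URL, and the Cognito token URL), the form body of the OAuth 2.0 client credentials request that Quick sends to the token URL, and a simplified version of the claim checks (issuer, client, expiry) that AgentCore Runtime applies to the bearer token after verifying its signature. The runtime ARN and pool ID are the ones shown on this page; the domain prefix, client ID, scope name and sample claim set are constructed placeholders. The claim-check function illustrates the checks described in the security note above and is not AgentCore's implementation; in a real deployment, signature verification against the pool's JWKS happens first and is not shown here.

```python
"""Added example (not from the original post or the AgentCore/Quick code):
the URL and claim derivations behind the console steps in the walkthrough."""
from urllib.parse import quote, urlencode


def url_encode_arn(arn):
    """Percent-encode ':' and '/' in an ARN, matching the sed/PowerShell step."""
    return quote(arn, safe="")


def invocation_url(region, runtime_arn, qualifier="DEFAULT"):
    """AgentCore Runtime MCP endpoint for the integration's endpoint URL field."""
    return (f"https://bedrock-agentcore.{region}.amazonaws.com/runtimes/"
            f"{url_encode_arn(runtime_arn)}/invocations?qualifier={qualifier}")


def discovery_url(region, pool_id):
    """OpenID discovery URL: the token signing key URL with jwks.json replaced."""
    return (f"https://cognito-idp.{region}.amazonaws.com/{pool_id}"
            "/.well-known/openid-configuration")


def token_url(domain_prefix, region):
    """Cognito hosted domain plus /oauth2/token."""
    return f"https://{domain_prefix}.auth.{region}.amazoncognito.com/oauth2/token"


def client_credentials_body(scopes):
    """Form body of the client credentials request Quick posts to the token URL.

    The client ID and client secret are sent separately (HTTP Basic auth on
    the request), so they never appear in this body. Scopes are the resource
    server scopes configured on the user pool, separated by spaces.
    """
    return urlencode({"grant_type": "client_credentials", "scope": " ".join(scopes)})


def check_access_token_claims(claims, region, pool_id, allowed_clients, now):
    """Claim checks of the kind AgentCore Runtime applies after the JWT
    signature has been verified against the pool's JWKS.

    Returns (ok, reason). Simplified illustration, not AgentCore's code:
    the issuer must be this user pool, the token must be an access token,
    its client_id must be in the allowed clients list, and it must not be
    expired (`now` and `exp` are Unix timestamps).
    """
    expected_iss = f"https://cognito-idp.{region}.amazonaws.com/{pool_id}"
    if claims.get("iss") != expected_iss:
        return False, "issuer mismatch"
    if claims.get("token_use") != "access":
        return False, "not an access token"
    if claims.get("client_id") not in allowed_clients:
        return False, "client not allowed"
    if claims.get("exp", 0) <= now:
        return False, "token expired"
    return True, "ok"


if __name__ == "__main__":
    region, pool_id = "us-east-1", "us-east-1_ev5CwXjma"  # pool ID from the post
    arn = "arn:aws:bedrock-agentcore:us-east-1:123456789123:runtime/demoagent-LmNop08QoR"
    print(invocation_url(region, arn))
    print(discovery_url(region, pool_id))
    print(token_url("your-domain", region))          # constructed domain prefix
    print(client_credentials_body(["aws-api-mcp/read"]))  # constructed scope
    # Constructed sample claim set, as would be decoded from a Cognito access token.
    claims = {"iss": f"https://cognito-idp.{region}.amazonaws.com/{pool_id}",
              "token_use": "access", "client_id": "constructed-client-id", "exp": 2000}
    print(check_access_token_claims(claims, region, pool_id, {"constructed-client-id"}, 1000))
    print(check_access_token_claims(dict(claims, client_id="other"), region, pool_id,
                                    {"constructed-client-id"}, 1000))
```

The allowed-clients check is the reason the App client ID has to be copied into the runtime's Allowed clients list: a token minted by a different app client on the same pool carries a different `client_id` claim and is rejected even though its signature and issuer are valid.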

Note: Within Amazon Quick, your credentials are encrypted using AWS Key Management Service (AWS KMS). By default, Quick uses a service-managed AWS KMS key to encrypt data source credentials and OAuth tokens. For organizations with stricter compliance requirements, account administrators can configure customer managed keys to maintain full control over the encryption key lifecycle, including the ability to revoke access immediately and maintain an auditable log of credential access.
Next, set the sharing preferences for this action. Choose whether to share this action with other team members and configure appropriate access permissions. Choose Done and verify that the action appears in the Actions section.
Now let's build a conversational agent that translates natural language into AWS CLI commands. Navigate to agent creation in the Amazon Quick console: in the left panel, choose Custom Agents, then choose Create Chat Agent.
Configure the agent with a descriptive prompt:
Prompt: Create a conversational agent that allows users to execute AWS CLI commands using natural language. Translates user requests into appropriate AWS API calls through the aws-api-mcp connector.
Amazon Quick automatically detects and selects the MCP connector based on your prompt. Verify that the correct integration is associated with your agent. Choose Launch Agent to make it available for testing.

Automated deployment
For automated deployment, follow the instructions in GitHub to deploy the AWS API MCP Server in Amazon Bedrock AgentCore Runtime. Additionally, to deploy the Cognito user pool and app client, follow the AWS documentation instructions under the Appendix section in Set up Cognito user pool for authentication.
Finally, to set up the integration between Amazon Quick and the AWS API MCP Server, follow the steps described in the section Create custom chat agent in Amazon Quick.
Test the solution
To validate your custom chat agent's functionality, access the chat interface for your newly created custom chat agent and test natural language commands:
Prompt: Show running EC2 instances in the us-east-1 region.

Clean up
To avoid incurring ongoing charges, clean up the resources that you created as part of this solution.
- Delete the Amazon Quick resources. Remove the Amazon Quick features that you enabled, including your custom chat agent, Spaces, and Flows.
- Remove the MCP integration. Delete the Amazon Quick MCP action that you created.
- Clean up Amazon Bedrock resources. Delete the Amazon Bedrock AgentCore agent and its associated IAM execution role.
- Delete the Amazon Cognito user pool. Finally, remove the Amazon Cognito user pool that you created for authentication.
Conclusion
In this post, you learned how to connect Amazon Quick with AWS services using Amazon Bedrock AgentCore Runtime and the AWS API MCP Server. When you standardize how AI agents interact with your infrastructure through MCP, you can avoid the need to rebuild custom integration patterns for each new use case.
From here, you can extend this pattern to automate common operational queries. You can also build domain-specific agents for security, cost optimization, or capacity planning, and integrate with incident management workflows using Amazon Quick Flows and Amazon Quick Automate. The result is a more consistent, secure, and efficient way to manage AWS infrastructure at scale.
About the authors

