A serverless remote MCP server that exposes a Lambda POJO via the MCP protocol.
- Lambda Function: Event-driven handler processing incoming AWS service events and returning personalized greetings
- Agent Core Gateway: Bedrock Agent Core Gateway with Cognito-based authentication
- Cognito User Pool: Dedicated authentication stack for API access control
- JDK 21 or later
- Apache Maven
- AWS CDK bootstrapped in target region:
cdk bootstrap aws://ACCOUNT-ID/REGION
./buildAndDeployDontAsk.sh-
Deploy the Infrastructure
./buildAndDeployDontAsk.sh
-
Create a User Account
- Navigate to the Cognito Hosted UI using the
agent-core-gateway-lambda-cognito-stack.UserSignUpURLoutput - Sign up with email and password
- Verify email address if required
- Navigate to the Cognito Hosted UI using the
-
Obtain JWT Token
Option A: Via Hosted UI
- Sign in through the Hosted UI
- Extract the JWT token from the URL fragment after authentication (OAuth implicit grant flow)
Option B: Via AWS CLI
aws cognito-idp initiate-auth \ --auth-flow USER_PASSWORD_AUTH \ --client-id <client-id> \ --auth-parameters USERNAME=<email>,PASSWORD=<password> \ --query 'AuthenticationResult.AccessToken' \ --output text
-
Access the MCP Server
Use the JWT token to invoke the Agent Core Gateway:
./callMCPServer.sh <gateway-url> <jwt-token>
Or with a custom payload:
./callMCPServer.sh <gateway-url> <jwt-token> payload.json
-
Interactive Testing with MCP Inspector
npx @modelcontextprotocol/inspector <gateway-url>
Configure the JWT token in the inspector's authentication settings to explore available tools and test requests interactively.