This CloudFormation template deploys an MCP (Model Context Protocol) server on Amazon Bedrock AgentCore Runtime. It demonstrates how to host MCP tools on AgentCore Runtime using infrastructure as code, with automated deployment scripts for a streamlined experience.
The template uses the Amazon Bedrock AgentCore Python SDK to wrap agent functions as an MCP server compatible with Amazon Bedrock AgentCore. It handles the MCP server details so you can focus on your agent's core functionality.
When hosting tools, the Amazon Bedrock AgentCore Python SDK implements the Stateless Streamable HTTP transport protocol with the MCP-Session-Id header for session isolation. Your MCP server will be hosted on port 8000 and provide one invocation path: the mcp-POST endpoint.
| Information | Details |
|---|---|
| Tutorial type | Hosting Tools |
| Tool type | MCP server |
| Tutorial components | CloudFormation, AgentCore Runtime, MCP server |
| Tutorial vertical | Cross-vertical |
| Example complexity | Easy |
| SDK used | Amazon BedrockAgentCore Python SDK and MCP Client |
This CloudFormation template deploys a simple MCP server with 3 tools: add_numbers, multiply_numbers, and greet_user.
The architecture consists of:
- User/MCP Client: Sends requests to the MCP server with JWT authentication
- Amazon Cognito: Provides JWT-based authentication
- User Pool with pre-created test user (testuser/MyPassword123!)
- User Pool Client for application access
- AWS CodeBuild: Builds the ARM64 Docker container image with the MCP server
- Amazon ECR Repository: Stores the container image
- AgentCore Runtime: Hosts the MCP Server
- MCP Server: Exposes three tools via HTTP transport
add_numbers: Adds two numbersmultiply_numbers: Multiplies two numbersgreet_user: Greets a user by name
- Validates JWT tokens from Cognito
- Processes MCP tool invocations
- MCP Server: Exposes three tools via HTTP transport
- IAM Roles:
- IAM role for CodeBuild (builds and pushes images)
- IAM role for AgentCore Runtime (runtime permissions)
- One-Command Deployment - Automated scripts handle everything
- Complete Infrastructure - Full infrastructure as code
- Secure by Default - JWT authentication with Cognito
- Automated Build - CodeBuild creates ARM64 Docker images
- Easy Testing - Automated test script included
- Simple Cleanup - One command removes all resources
The CloudFormation stack creates:
- Amazon ECR Repository - Stores the MCP server Docker image
- AWS CodeBuild Project - Builds ARM64 Docker image automatically
- Amazon Cognito User Pool - JWT authentication
- Cognito User Pool Client - Application client configuration
- Cognito User - Pre-created test user (testuser/MyPassword123!)
- IAM Roles - Least-privilege permissions for all services
- Lambda Functions - Custom resource automation
- Amazon Bedrock AgentCore Runtime - Hosts the MCP server
MCP Server Tools:
add_numbers- Adds two numbers togethermultiply_numbers- Multiplies two numbersgreet_user- Greets a user by name
- AWS CLI configured with appropriate credentials
- AWS account with permissions to create:
- CloudFormation stacks
- ECR repositories
- CodeBuild projects
- Cognito User Pools
- IAM roles and policies
- Lambda functions
- Bedrock AgentCore Runtime
- Python 3.8+ (for testing)
boto3andmcpPython packages (installed automatically by test script)
cd 04-infrastructure-as-code/cloudformation/mcp-server-agentcore-runtime
./deploy.shThe deployment takes approximately 10-15 minutes and includes:
- Creating all AWS resources
- Building the Docker image
- Pushing to ECR
- Starting the AgentCore Runtime
After deployment completes:
./test.shThis will:
- Authenticate with Cognito
- Test all three MCP tools
- Display the results
When you're done:
./cleanup.shThis removes all created resources.
- User authenticates with Cognito using username/password
- Cognito returns an access token (JWT)
- Access token is passed as Bearer token to AgentCore Runtime
- AgentCore Runtime validates the token with Cognito
- If valid, the MCP server processes the request
The MCP server is embedded in the CodeBuild buildspec and includes:
from bedrock_agentcore.mcp import MCPServer
server = MCPServer()
@server.tool()
def add_numbers(a: int, b: int) -> int:
"""Add two numbers together."""
return a + b
@server.tool()
def multiply_numbers(a: int, b: int) -> int:
"""Multiply two numbers together."""
return a * b
@server.tool()
def greet_user(name: str) -> str:
"""Greet a user by name."""
return f"Hello, {name}!"CodeBuild automatically:
- Creates a Python 3.12 ARM64 environment
- Installs dependencies
- Creates the MCP server code
- Builds the Docker image
- Pushes to ECR
- Triggers AgentCore Runtime update