aws-bedrock-mcp-client-server
Spring Boot (deployed on AWS Lambda behind API Gateway) that exposes a REST API to interact with Amazon Bedrock models and leverages MCP-style tool use for tasks such as calculations, weather retrieval (via external weather API), and converting web pages to markdown; includes CDK/IAM provisioning.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses AWS Lambda/API Gateway over HTTPS is typical, but TLS enforcement for the public API is not explicitly stated in the README. Caller authentication/authorization for the REST endpoints is not described. Deployment requires AWS IAM permissions for Lambda/API Gateway/Bedrock; ensure least-privilege IAM. There is an external weather API key requirement—ensure it is stored in AWS Secrets Manager/SSM and not logged. No details provided on input validation, SSRF protections for the webpage URL endpoint, or prompt/tool output sanitization; those are important for security review.
⚡ Reliability
Best When
You want a serverless, AWS-native prototype/demo of Bedrock + tool calling via an MCP-like approach, and you can configure/test IAM and operational controls.
Avoid When
You need a well-specified public API contract (OpenAPI/examples), documented auth scheme for callers, strong retry/idempotency semantics, or clear rate-limit behavior out of the box.
Use Cases
- • Tool-using LLM interactions with Amazon Bedrock (multi-step queries)
- • Serverless hosting of an MCP-like workflow that calls model + tools
- • Weather lookups and summarization-style workflows
- • Simple calculation operations via tool endpoints
- • Webpage-to-markdown conversion via an endpoint
Not For
- • Production workloads requiring strict enterprise governance unless IAM, logging, and data handling are reviewed
- • Use cases needing guaranteed idempotency/replay safety (not documented)
- • Environments that require explicit published API rate-limit guarantees (not documented)
Interface
Authentication
The README discusses AWS credentials/permissions for deploying and for Bedrock access, but does not document caller authentication/authorization for the exposed REST endpoints (e.g., IAM auth, Cognito, API keys, JWT, etc.).
Pricing
No pricing information provided. Costs likely come from AWS Lambda/API Gateway usage, Bedrock model inference, and the external weather API.
Agent Metadata
Known Gotchas
- ⚠ No documented machine-readable API contract (e.g., OpenAPI) or explicit response/error schema, so agents may need to infer behavior from trial runs.
- ⚠ Retry/idempotency semantics for POST endpoints are not documented; agents should be cautious about repeated tool invocations.
- ⚠ Rate limiting behavior is not documented; high-throughput agents may see throttling without clear guidance.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for aws-bedrock-mcp-client-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-04-04.