{"id":"sverze-aws-bedrock-mcp-client-server","name":"aws-bedrock-mcp-client-server","homepage":null,"repo_url":"https://github.com/sverze/aws-bedrock-mcp-client-server","category":"ai-ml","subcategories":[],"tags":["ai-ml","api-gateway","aws","bedrock","mcp","serverless","spring-boot","lambda","tool-calling"],"what_it_does":"Spring Boot (deployed on AWS Lambda behind API Gateway) that exposes a REST API to interact with Amazon Bedrock models and leverages MCP-style tool use for tasks such as calculations, weather retrieval (via external weather API), and converting web pages to markdown; includes CDK/IAM provisioning.","use_cases":["Tool-using LLM interactions with Amazon Bedrock (multi-step queries)","Serverless hosting of an MCP-like workflow that calls model + tools","Weather lookups and summarization-style workflows","Simple calculation operations via tool endpoints","Webpage-to-markdown conversion via an endpoint"],"not_for":["Production workloads requiring strict enterprise governance unless IAM, logging, and data handling are reviewed","Use cases needing guaranteed idempotency/replay safety (not documented)","Environments that require explicit published API rate-limit guarantees (not documented)"],"best_when":"You want a serverless, AWS-native prototype/demo of Bedrock + tool calling via an MCP-like approach, and you can configure/test IAM and operational controls.","avoid_when":"You need a well-specified public API contract (OpenAPI/examples), documented auth scheme for callers, strong retry/idempotency semantics, or clear rate-limit behavior out of the box.","alternatives":["Direct Amazon Bedrock integration with your own tool-calling orchestration","AWS Lambda + API Gateway with AWS SDK and function calling (custom)","Managed LLM tool frameworks (e.g., LangChain/LlamaIndex tool calling) integrated with Bedrock"],"af_score":33.5,"security_score":48.8,"reliability_score":15.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:59:28.480053+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["AWS IAM credentials/roles for deployment and backend integration (AWS service permissions)"],"oauth":false,"scopes":false,"notes":"The README discusses AWS credentials/permissions for deploying and for Bedrock access, but does not document caller authentication/authorization for the exposed REST endpoints (e.g., IAM auth, Cognito, API keys, JWT, etc.)."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided. Costs likely come from AWS Lambda/API Gateway usage, Bedrock model inference, and the external weather API."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":33.5,"security_score":48.8,"reliability_score":15.0,"mcp_server_quality":30.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":40.0,"rate_limit_clarity":10.0,"tls_enforcement":90.0,"auth_strength":35.0,"scope_granularity":25.0,"dependency_hygiene":40.0,"secret_handling":55.0,"security_notes":"Uses AWS Lambda/API Gateway over HTTPS is typical, but TLS enforcement for the public API is not explicitly stated in the README. Caller authentication/authorization for the REST endpoints is not described. Deployment requires AWS IAM permissions for Lambda/API Gateway/Bedrock; ensure least-privilege IAM. There is an external weather API key requirement—ensure it is stored in AWS Secrets Manager/SSM and not logged. No details provided on input validation, SSRF protections for the webpage URL endpoint, or prompt/tool output sanitization; those are important for security review.","uptime_documented":0.0,"version_stability":20.0,"breaking_changes_history":20.0,"error_recovery":20.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["No documented machine-readable API contract (e.g., OpenAPI) or explicit response/error schema, so agents may need to infer behavior from trial runs.","Retry/idempotency semantics for POST endpoints are not documented; agents should be cautious about repeated tool invocations.","Rate limiting behavior is not documented; high-throughput agents may see throttling without clear guidance."]}}