AddMcpServerTargetOptions

class aws_cdk.aws_bedrock_agentcore_alpha.AddMcpServerTargetOptions(*, credential_provider_configurations, endpoint, gateway_target_name, description=None)

Bases: object

(experimental) Options for adding an MCP Server target to a gateway.

Parameters:

  • credential_provider_configurations (Sequence[ICredentialProviderConfig]) – (experimental) Credential providers for authentication. MCP servers require explicit authentication configuration. OAuth2 is strongly recommended over NoAuth.

  • endpoint (str) – (experimental) The HTTPS endpoint URL of the MCP server. The endpoint must: - Use HTTPS protocol - Be properly URL-encoded - Point to an MCP server that implements tool capabilities

  • gateway_target_name (str) – (experimental) The name of the gateway target Valid characters are a-z, A-Z, 0-9, _ (underscore) and - (hyphen).

  • description (Optional[str]) – (experimental) Optional description for the gateway target. Default: - No description

Stability:

experimental

ExampleMetadata:

fixture=default infused

Example:

gateway = agentcore.Gateway(self, "MyGateway",
    gateway_name="my-gateway"
)

# OAuth2 authentication (recommended)
# Note: Create the OAuth provider using AWS console or Identity L2 construct when available
oauth_provider_arn = "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/abc123/oauth2credentialprovider/my-oauth"
oauth_secret_arn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-oauth-secret-abc123"

# Add an MCP server target directly to the gateway
mcp_target = gateway.add_mcp_server_target("MyMcpServer",
    gateway_target_name="my-mcp-server",
    description="External MCP server integration",
    endpoint="https://my-mcp-server.example.com",
    credential_provider_configurations=[
        agentcore.GatewayCredentialProvider.from_oauth_identity_arn(
            provider_arn=oauth_provider_arn,
            secret_arn=oauth_secret_arn,
            scopes=["mcp-runtime-server/invoke"]
        )
    ]
)

# Grant sync permission to a Lambda function that will trigger synchronization
sync_function = lambda_.Function(self, "SyncFunction",
    runtime=lambda_.Runtime.PYTHON_3_12,
    handler="index.handler",
    code=lambda_.Code.from_inline("""
        import boto3

        def handler(event, context):
            client = boto3.client('bedrock-agentcore')
            response = client.synchronize_gateway_targets(
                gatewayIdentifier=event['gatewayId'],
                targetIds=[event['targetId']]
            )
            return response
          """)
)

mcp_target.grant_sync(sync_function)

Attributes

credential_provider_configurations

(experimental) Credential providers for authentication.

MCP servers require explicit authentication configuration. OAuth2 is strongly recommended over NoAuth.

Stability:

experimental

description

(experimental) Optional description for the gateway target.

Default:

  • No description

Stability:

experimental

endpoint

(experimental) The HTTPS endpoint URL of the MCP server.

The endpoint must:

  • Use HTTPS protocol

  • Be properly URL-encoded

  • Point to an MCP server that implements tool capabilities

Stability:

experimental

gateway_target_name

(experimental) The name of the gateway target Valid characters are a-z, A-Z, 0-9, _ (underscore) and - (hyphen).

Stability:

experimental