AWS’ Serverless MCP Server to aid agentic development of managed applications

Amazon Web Services (AWS) has released a new open MCP Server to help enterprises develop managed applications faster with the help of AI-driven agents that barely require manual intervention.

The AWS Serverless MCP Server is designed to aid developers by providing AI coding assistants, such as Amazon Q, Cline, or Cursor, with the knowledge of serverless architecture, templates, patterns and best practices — essentially from Lambda, which is AWS’ managed service for running applications without the complexity of managing servers, or compute.

“This MCP server acts as an intelligent companion, guiding developers through the entire application development lifecycle, from initial design to deployment, offering contextual assistance at each stage,” the cloud services provider wrote in a blog post.

MCP, short for Model Context Protocol, is an Anthropic-developed open protocol that allows AI agents inside applications to access external tools and data to complete a user request using a client-server mechanism, where the client is the AI agent or agentic interface and the server provides tools and data.

For web-based applications, the AWS MCP Server will also provide specialized support for backend, frontend, or full-stack applications, and setting up custom domains, it added.

Lambda Tool Server vs Serverless MCP Server

The new Serverless MCP Server is not to be confused with AWS’ existing Lambda Tool Server, which is aimed at helping developers use Lambda functions via agents.

The Lambda Server Tool essentially allows large language models to directly interact with existing Lambda functions as MCP tools without any code changes, thereby acting as a bridge between MCP clients and Lambda functions.

The new offering, though, can be used to complement the existing Lambda Tool Server or used in combination for developing applications that can be used for a wider variety of use cases, or used to maintain more processes or workflows.

Apart from serverless application lifecycle management and web application development and deployment, the new Serverless MCP Server can be used for observability and guidance on topics like when to use Lambda for specific runtimes and use cases or which infrastructure-as-code tool should be used to deploy an application, AWS said.

How does the new serverless MCP Server work?

Developers have a choice of using any coding assistant via its MCP Client to use the new AWS Serverless MCP Server, and they can start by downloading the new Server from GitHub or Python Package Index (PyPi).Once the Server is downloaded and installed, developers have to insert a piece of code into the MCP client configuration to configure which AWS profile that they own they want to use.Post this step, they can start seeking guidance, designing, testing, deploying, and troubleshooting serverless applications by prompting their AI assistant, which, depending on what is being asked, seeks out tools in the new Server and presents information or completes tasks.

Examples of tools for application development and deployment include  — sam_init_tool, sam_build_tool, sam_deploy_tool sam_local_invoke_tool, deployment_help_tool, and deploy_serverless_app_help_tool.

AWS suggests that enterprises, when building applications, should start by using its AI-assisted guidance feature for architectural decisions and also throughout the development process, use the guidance tool to make informed decisions as it follows best practices.

In addition, the cloud services provider said that the new Server also addresses security concerns, which are common with MCP.

“By default, the MCP server operates in a read-only mode, allowing only non-mutating actions,” AWS said, adding that the server also restricts access to Amazon CloudWatch logs by default, protecting sensitive operational data from exposure to AI assistants.

However, developers do have the option of overriding security defaults selectively — they can use the allow-write flag to enable mutating operations for tasks such as deployments and updates, and allow-sensitive-data-access to provide access to CloudWatch Logs for debugging and troubleshooting.