Amazon Web Services has rolled out a significant enhancement to its AI agent capabilities, introducing the ability for developers and enterprises to deploy custom Model Context Protocol (MCP) proxies directly on Amazon Bedrock AgentCore Runtime. This new feature allows for a more granular level of control and extensive customization in how AI agents interact with various tools and services, addressing critical operational and governance needs in production environments.
The Model Context Protocol (MCP) is fundamental to how AI agents connect with and leverage external tools. These connections grant agents access to a wide array of capabilities, encompassing everything from executing database queries and making API calls to performing file operations and integrating with third — party services. In production deployments, it is imperative that these interactions are managed with proper governance, robust controls, and comprehensive observability.
These custom MCP proxies function as intelligent, programmable intermediaries, strategically positioned between AI agents, which act as clients, and the upstream MCP servers providing access to essential resources. Operating as stateless, serverless workloads within the fully managed AgentCore Runtime environment, these proxies empower organizations to inject and enforce bespoke logic directly at the protocol layer. This innovative architecture facilitates the application of customized controls to MCP traffic, ensuring that interactions are compliant and secure without requiring modifications to either the upstream MCP server or the agent client.
Prior to this advancement, Amazon Bedrock AgentCore Gateway offered centralized governance and control for agent — tool integration, including features such as semantic tool discovery, managed credentials, and policy enforcement. For organizations seeking to embed custom logic within the Gateway’s request path, Lambda interceptors have been available. These interceptors allow for the execution of validation, transformation, or filtering code as AWS Lambda functions on every tool invocation, enabling custom logic to be self-contained and managed alongside Gateway configurations.
Despite the utility of Lambda interceptors, certain organizational requirements necessitated a more flexible approach. Many enterprises have substantial investments in custom MCP filtering logic that is tightly coupled with internal libraries or on-premises compliance systems. Their objective is to seamlessly reuse this existing logic within the AgentCore Runtime without undertaking a costly and complex refactoring process into Lambda functions. Furthermore, organizations operating across diverse systems or hybrid environments often require a level of portability that a standalone MCP server can offer, proving more adaptable than a system — specific interceptor.
AgentCore Runtime serves as a fully managed compute environment, specifically designed for deploying AI agents and MCP servers, including these custom proxies. It provides robust serverless infrastructure with automatic scaling capabilities, ensuring high availability and performance. The runtime also integrates built — in observability through services like Amazon CloudWatch and OpenTelemetry, alongside AgentCore Identity for comprehensive authentication and authorization. Because Runtime natively supports the MCP protocol, it simplifies the hosting of MCP servers. The solution's architecture involves three distinct logical layers: the MCP client, the custom MCP proxy residing on AgentCore Runtime, and the upstream MCP server.
The versatility of this proxy pattern extends to its compatibility with various upstream MCP servers, which can be hosted in diverse environments. This includes other MCP servers running on AgentCore Runtime, self-hosted MCP servers within an organization’s own infrastructure, or even third — party MCP services. Organizations also have the option to connect this custom proxy to Amazon Bedrock AgentCore Gateway. This integration allows them to fully leverage Gateway's centralized features such as managed tool discovery, credential management, and policy enforcement across a broad spectrum of integrations, including other MCP servers, AWS Lambda functions, and various SaaS solutions, enhancing overall control and operational efficiency for their AI agent ecosystems.
Sources
Replies (0)
No replies in this topic yet.
