Skip to main content

AWS Solutions Library

Guidance for Deploying Model Context Protocol Servers on AWS

Go to sample code

Overview

This Guidance demonstrates how to securely run Model Context Protocol (MCP) servers on the AWS Cloud using containerized architecture. It helps organizations implement industry-standard OAuth 2.0 authentication while protecting server deployments with multiple security layers, including content delivery networks and web application firewalls. The Guidance shows how to effectively manage client sessions and tokens, monitor server behavior through centralized logging, and maintain high availability using container orchestration services. By following this Guidance, you can confidently deploy and operate secure, scalable MCP server implementations to reduce operational overhead and improve overall system reliability.

How it works

These technical details feature an architecture diagram to illustrate how to effectively use this solution. The architecture diagram shows the key components and their interactions, providing an overview of the architecture's structure and functionality step-by-step.

Download the architecture diagram

Deploy with confidence

Ready to deploy? Review the sample code on GitHub for detailed deployment instructions to deploy as-is or customize to fit your needs. 

Go to sample code

Well-Architected Pillars

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

CloudWatch logs provide centralized logging for all MCP server containers with configurable retention periods, allowing operators to monitor and troubleshoot server behavior. The AWS Cloud Development Kit (AWS CDK) implementation enables infrastructure-as-code (IaC) practices for consistent, repeatable deployments. Amazon Elastic Container Service (Amazon ECS)  health checks integrate with ALB to provide automated monitoring of service health. This creates a unified operational model with clear visibility into MCP server behavior. Read the Operational Excellence whitepaper
Amazon Cognito provides OAuth 2.0 authentication with the authorization code grant flow, enabling secure machine-to-machine communication with MCP servers. AWS WAF protects against common web exploits and includes rate limiting to prevent distributed denial of service (DDoS) attacks. The network architecture places MCP servers in private subnets without direct internet access, while security groups restrict traffic flow between components. CloudFront provides HTTPS encryption in transit with modern HTTP2 and HTTP3 protocols. This multi-layered security approach implements the principle of defense in depth, eliminating the need to build custom authentication systems and providing industry-standard OAuth flows. Read the Security whitepaper
Amazon ECS services are configured to run across multiple Availability Zones with health checks that automatically replace unhealthy containers. ALB routes traffic only to healthy targets and provides connection draining during deployments. CloudFront improves availability by serving from edge locations and caching responses. Auto-scaling policies adjust capacity based on demand. This Guidance eliminates single points of failure, helping ensure that MCP servers remain available even if an entire AZ experiences an outage. Health checks with automatic recovery minimize downtime by replacing failed containers without human intervention. Read the Reliability whitepaper
CloudFront improves global performance by caching and serving content from edge locations closer to clients. ALB efficiently distributes traffic across healthy containers and supports modern HTTP/2 protocols for improved connection efficiency. This avoids overprovisioning by allowing precise specification of resource requirements per MCP server and dynamically adjusting capacity based on actual demand. Read the Performance Efficiency whitepaper
CloudWatch log retention policies automatically delete older logs, preventing storage costs from growing unbounded. The Guidance enables multiple MCP servers to share common infrastructure components like NAT gateways, ALBs, and the VPC. The serverless container model eliminates costs associated with idle servers. Read the Cost Optimization whitepaper
The shared infrastructure approach for multiple MCP servers increases utilization of networking components like NAT gateways and load balancers, improving the overall carbon efficiency of the deployment. This Guidance aligns with sustainability best practices by maximizing resource utilization through efficient container placement, dynamic scaling, and infrastructure sharing. Read the Sustainability whitepaper

Disclaimer

The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.