awslabs.cdk-mcp-server 0.0.31004__tar.gz → 0.0.71717__tar.gz

awslabs_cdk_mcp_server-0.0.71717/PKG-INFO

@@ -0,0 +1,151 @@
+Metadata-Version: 2.4
+Name: awslabs.cdk-mcp-server
+Version: 0.0.71717
+Summary: An AWS CDK MCP server that provides guidance on AWS Cloud Development Kit best practices, infrastructure as code patterns, and security compliance with CDK Nag. This server offers tools to validate infrastructure designs, explain CDK Nag rules, analyze suppressions, generate Bedrock Agent schemas, and discover Solutions Constructs patterns.
+Requires-Python: >=3.10
+Requires-Dist: aws-lambda-powertools>=2.30.0
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: mcp[cli]>=1.6.0
+Requires-Dist: pydantic>=2.10.6
+Description-Content-Type: text/markdown
+
+# AWS CDK MCP Server
+
+MCP server for AWS Cloud Development Kit (CDK) best practices, infrastructure as code patterns, and security compliance with CDK Nag.
+
+## Features
+
+### CDK General Guidance
+
+- Prescriptive patterns with AWS Solutions Constructs and GenAI CDK libraries
+- Structured decision flow for choosing appropriate implementation approaches
+- Security automation through CDK Nag integration and Lambda Powertools
+
+### CDK Nag Integration
+
+- Work with CDK Nag rules for security and compliance
+- Explain specific CDK Nag rules with AWS Well-Architected guidance
+- Check if CDK code contains Nag suppressions that require human review
+
+### AWS Solutions Constructs
+
+- Search and discover AWS Solutions Constructs patterns
+- Find recommended patterns for common architecture needs
+- Get detailed documentation on Solutions Constructs
+
+### Generative AI CDK Constructs
+
+- Search for GenAI CDK constructs by name or type
+- Discover specialized constructs for AI/ML workloads
+- Get implementation guidance for generative AI applications
+
+### Amazon Bedrock Agent Schema Generation
+
+- Generate OpenAPI schema for Bedrock Agent Action Groups
+- Streamline the creation of Bedrock Agent schemas
+- Convert code files to compatible OpenAPI specifications
+
+## CDK Implementation Workflow
+
+This diagram provides a comprehensive view of the recommended CDK implementation workflow:
+
+```mermaid
+graph TD
+    Start([Start]) --> Init["cdk init app"]
+    
+    Init --> B{Choose Approach}
+    B -->|"Common Patterns"| C1["GetAwsSolutionsConstructPattern"]
+    B -->|"GenAI Features"| C2["SearchGenAICDKConstructs"]
+    B -->|"Custom Needs"| C3["Custom CDK Code"]
+    
+    C1 --> D1["Implement Solutions Construct"]
+    C2 --> D2["Implement GenAI Constructs"]
+    C3 --> D3["Implement Custom Resources"]
+    
+    %% Bedrock Agent with Action Groups specific flow
+    D2 -->|"For Bedrock Agents<br/>with Action Groups"| BA["Create Lambda with<br/>BedrockAgentResolver"]
+    
+    %% Schema generation flow
+    BA --> BS["GenerateBedrockAgentSchema"]
+    BS -->|"Success"| JSON["openapi.json created"]
+    BS -->|"Import Errors"| BSF["Tool generates<br/>generate_schema.py"]
+    BSF --> BSR["Run script manually:<br/>python generate_schema.py"]
+    BSR --> JSON["openapi.json created"]
+    
+    %% Use schema in Agent CDK
+    JSON --> AgentCDK["Use schema in<br/>Agent CDK code"]
+    AgentCDK --> D2
+    
+    %% Conditional Lambda Powertools implementation
+    D1 & D2 & D3 --> HasLambda{"Using Lambda<br/>Functions?"}
+    HasLambda -->|"Yes"| L["Add Lambda Powertools<br/>and create Layer"]
+    HasLambda -->|"No"| SkipL["Skip Lambda<br/>Powertools"]
+    
+    %% Rest of workflow
+    L --> Synth["cdk synth"]
+    SkipL --> Synth
+    
+    Synth --> Nag{"CDK Nag<br/>warnings?"}
+    Nag -->|Yes| E["ExplainCDKNagRule"]
+    Nag -->|No| Deploy["cdk deploy"]
+    
+    E --> Fix["Fix or Add Suppressions"]
+    Fix --> CN["CheckCDKNagSuppressions"]
+    CN --> Synth
+    
+    %% Styling with darker colors
+    classDef default fill:#424242,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef cmd fill:#4a148c,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef tool fill:#01579b,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef note fill:#1b5e20,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef output fill:#006064,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef decision fill:#5d4037,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    
+    class Init,Synth,Deploy,BSR cmd;
+    class C1,C2,BS,E,CN tool;
+    class JSON output;
+    class HasLambda,Nag decision;
+```
+
+## Tools and Resources
+
+- **CDK Nag Rules**: Access rule packs via `cdk-nag://rules/{rule_pack}`
+- **Lambda Powertools**: Get guidance on Lambda Powertools via `lambda-powertools://{topic}`
+- **AWS Solutions Constructs**: Access patterns via `aws-solutions-constructs://{pattern_name}`
+- **GenAI CDK Constructs**: Access documentation via `genai-cdk-constructs://{construct_type}/{construct_name}`
+
+## Prerequisites
+
+1. Install `uv` from [Astral](https://docs.astral.sh/uv/getting-started/installation/) or the [GitHub README](https://github.com/astral-sh/uv#installation)
+2. Install Python using `uv python install 3.10`
+
+## Installation
+
+Here are some ways you can work with MCP across AWS, and we'll be adding support to more products including Amazon Q Developer CLI soon: (e.g. for Amazon Q Developer CLI MCP, `~/.aws/amazonq/mcp.json`):
+
+```json
+{
+  "mcpServers": {
+    "awslabs.cdk-mcp-server": {
+      "command": "uvx",
+      "args": ["awslabs.cdk-mcp-server@latest"],
+      "env": {
+        "FASTMCP_LOG_LEVEL": "ERROR"
+      },
+      "disabled": false,
+      "autoApprove": []
+    }
+  }
+}
+```
+
+## Security Considerations
+
+When using this MCP server, you should consider:
+
+- Reviewing all CDK Nag warnings and errors manually
+- Fixing security issues rather than suppressing them whenever possible
+- Documenting clear justifications for any necessary suppressions
+- Using the CheckCDKNagSuppressions tool to verify no unauthorized suppressions exist
+
+Before applying CDK NAG Suppressions, you should consider conducting your own independent assessment to ensure that your use would comply with your own specific security and quality control practices and standards, as well as the local laws, rules, and regulations that govern you and your content.

awslabs_cdk_mcp_server-0.0.71717/README.md

@@ -0,0 +1,140 @@
+# AWS CDK MCP Server
+
+MCP server for AWS Cloud Development Kit (CDK) best practices, infrastructure as code patterns, and security compliance with CDK Nag.
+
+## Features
+
+### CDK General Guidance
+
+- Prescriptive patterns with AWS Solutions Constructs and GenAI CDK libraries
+- Structured decision flow for choosing appropriate implementation approaches
+- Security automation through CDK Nag integration and Lambda Powertools
+
+### CDK Nag Integration
+
+- Work with CDK Nag rules for security and compliance
+- Explain specific CDK Nag rules with AWS Well-Architected guidance
+- Check if CDK code contains Nag suppressions that require human review
+
+### AWS Solutions Constructs
+
+- Search and discover AWS Solutions Constructs patterns
+- Find recommended patterns for common architecture needs
+- Get detailed documentation on Solutions Constructs
+
+### Generative AI CDK Constructs
+
+- Search for GenAI CDK constructs by name or type
+- Discover specialized constructs for AI/ML workloads
+- Get implementation guidance for generative AI applications
+
+### Amazon Bedrock Agent Schema Generation
+
+- Generate OpenAPI schema for Bedrock Agent Action Groups
+- Streamline the creation of Bedrock Agent schemas
+- Convert code files to compatible OpenAPI specifications
+
+## CDK Implementation Workflow
+
+This diagram provides a comprehensive view of the recommended CDK implementation workflow:
+
+```mermaid
+graph TD
+    Start([Start]) --> Init["cdk init app"]
+    
+    Init --> B{Choose Approach}
+    B -->|"Common Patterns"| C1["GetAwsSolutionsConstructPattern"]
+    B -->|"GenAI Features"| C2["SearchGenAICDKConstructs"]
+    B -->|"Custom Needs"| C3["Custom CDK Code"]
+    
+    C1 --> D1["Implement Solutions Construct"]
+    C2 --> D2["Implement GenAI Constructs"]
+    C3 --> D3["Implement Custom Resources"]
+    
+    %% Bedrock Agent with Action Groups specific flow
+    D2 -->|"For Bedrock Agents<br/>with Action Groups"| BA["Create Lambda with<br/>BedrockAgentResolver"]
+    
+    %% Schema generation flow
+    BA --> BS["GenerateBedrockAgentSchema"]
+    BS -->|"Success"| JSON["openapi.json created"]
+    BS -->|"Import Errors"| BSF["Tool generates<br/>generate_schema.py"]
+    BSF --> BSR["Run script manually:<br/>python generate_schema.py"]
+    BSR --> JSON["openapi.json created"]
+    
+    %% Use schema in Agent CDK
+    JSON --> AgentCDK["Use schema in<br/>Agent CDK code"]
+    AgentCDK --> D2
+    
+    %% Conditional Lambda Powertools implementation
+    D1 & D2 & D3 --> HasLambda{"Using Lambda<br/>Functions?"}
+    HasLambda -->|"Yes"| L["Add Lambda Powertools<br/>and create Layer"]
+    HasLambda -->|"No"| SkipL["Skip Lambda<br/>Powertools"]
+    
+    %% Rest of workflow
+    L --> Synth["cdk synth"]
+    SkipL --> Synth
+    
+    Synth --> Nag{"CDK Nag<br/>warnings?"}
+    Nag -->|Yes| E["ExplainCDKNagRule"]
+    Nag -->|No| Deploy["cdk deploy"]
+    
+    E --> Fix["Fix or Add Suppressions"]
+    Fix --> CN["CheckCDKNagSuppressions"]
+    CN --> Synth
+    
+    %% Styling with darker colors
+    classDef default fill:#424242,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef cmd fill:#4a148c,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef tool fill:#01579b,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef note fill:#1b5e20,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef output fill:#006064,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    classDef decision fill:#5d4037,stroke:#ffffff,stroke-width:1px,color:#ffffff;
+    
+    class Init,Synth,Deploy,BSR cmd;
+    class C1,C2,BS,E,CN tool;
+    class JSON output;
+    class HasLambda,Nag decision;
+```
+
+## Tools and Resources
+
+- **CDK Nag Rules**: Access rule packs via `cdk-nag://rules/{rule_pack}`
+- **Lambda Powertools**: Get guidance on Lambda Powertools via `lambda-powertools://{topic}`
+- **AWS Solutions Constructs**: Access patterns via `aws-solutions-constructs://{pattern_name}`
+- **GenAI CDK Constructs**: Access documentation via `genai-cdk-constructs://{construct_type}/{construct_name}`
+
+## Prerequisites
+
+1. Install `uv` from [Astral](https://docs.astral.sh/uv/getting-started/installation/) or the [GitHub README](https://github.com/astral-sh/uv#installation)
+2. Install Python using `uv python install 3.10`
+
+## Installation
+
+Here are some ways you can work with MCP across AWS, and we'll be adding support to more products including Amazon Q Developer CLI soon: (e.g. for Amazon Q Developer CLI MCP, `~/.aws/amazonq/mcp.json`):
+
+```json
+{
+  "mcpServers": {
+    "awslabs.cdk-mcp-server": {
+      "command": "uvx",
+      "args": ["awslabs.cdk-mcp-server@latest"],
+      "env": {
+        "FASTMCP_LOG_LEVEL": "ERROR"
+      },
+      "disabled": false,
+      "autoApprove": []
+    }
+  }
+}
+```
+
+## Security Considerations
+
+When using this MCP server, you should consider:
+
+- Reviewing all CDK Nag warnings and errors manually
+- Fixing security issues rather than suppressing them whenever possible
+- Documenting clear justifications for any necessary suppressions
+- Using the CheckCDKNagSuppressions tool to verify no unauthorized suppressions exist
+
+Before applying CDK NAG Suppressions, you should consider conducting your own independent assessment to ensure that your use would comply with your own specific security and quality control practices and standards, as well as the local laws, rules, and regulations that govern you and your content.

{awslabs_cdk_mcp_server-0.0.31004 → awslabs_cdk_mcp_server-0.0.71717}/awslabs/cdk_mcp_server/core/server.py

@@ -49,7 +49,7 @@ mcp.resource('genai-cdk-constructs://{construct_type}')(resources.get_genai_cdk_
 mcp.tool(name='CDKGeneralGuidance')(tools.cdk_guidance)
 mcp.tool(name='ExplainCDKNagRule')(tools.explain_cdk_nag_rule)
 mcp.tool(name='CheckCDKNagSuppressions')(tools.check_cdk_nag_suppressions_tool)
-mcp.tool(name='GenerateBedrockAgentSchemaFromFile')(tools.bedrock_schema_generator_from_file)
+mcp.tool(name='GenerateBedrockAgentSchema')(tools.bedrock_schema_generator_from_file)
 mcp.tool(name='GetAwsSolutionsConstructPattern')(tools.get_aws_solutions_construct_pattern)
 mcp.tool(name='SearchGenAICDKConstructs')(tools.search_genai_cdk_constructs)
 

{awslabs_cdk_mcp_server-0.0.31004 → awslabs_cdk_mcp_server-0.0.71717}/awslabs/cdk_mcp_server/core/tools.py

@@ -142,6 +142,65 @@ async def check_cdk_nag_suppressions_tool(
     return check_cdk_nag_suppressions(code=code, file_path=file_path)
 
 
+def save_fallback_script_to_file(
+    script_content: str, lambda_code_path: str, output_path: str
+) -> str:
+    """Save fallback script to a file instead of including it in the response.
+
+    Args:
+        script_content: The script content to save
+        lambda_code_path: Original Lambda file path (used for naming)
+        output_path: Schema output path (used for directory)
+
+    Returns:
+        Path to the saved script file
+    """
+    # Sanitize paths to prevent path traversal attacks
+    output_dir = os.path.dirname(os.path.abspath(output_path))
+
+    # Create scripts directory in the same directory as the output file
+    scripts_dir = os.path.join(output_dir, 'scripts')
+
+    try:
+        os.makedirs(scripts_dir, exist_ok=True)
+    except (OSError, IOError) as e:
+        logger.error(f'Failed to create scripts directory: {e}')
+        # Fall back to output directory if scripts dir creation fails
+        scripts_dir = output_dir
+
+    # Sanitize file name - remove any path components and ensure it's just a base name
+    lambda_file_name = os.path.basename(lambda_code_path)
+    # Remove extension and any potentially problematic characters
+    sanitized_name = os.path.splitext(lambda_file_name)[0]
+    sanitized_name = re.sub(r'[^a-zA-Z0-9_-]', '', sanitized_name)
+
+    # Generate script name
+    script_file_name = f'generate_schema_{sanitized_name}.py'
+    script_path = os.path.join(scripts_dir, script_file_name)
+
+    # Validate the resulting path is still within the expected directory
+    if not os.path.abspath(script_path).startswith(os.path.abspath(scripts_dir)):
+        logger.error(f'Path traversal attempt detected: {script_path}')
+        # Fall back to a safe default
+        script_path = os.path.join(scripts_dir, 'generate_schema.py')
+
+    try:
+        # Write the script to file with restricted permissions
+        # Open with restricted permissions from the start (only owner can read/write)
+        with open(os.open(script_path, os.O_CREAT | os.O_WRONLY, 0o600), 'w') as f:
+            f.write(script_content)
+
+        # Update to executable permissions (only for the owner)
+        os.chmod(script_path, 0o700)  # rwx------ permissions (owner only)
+
+        logger.info(f'Successfully created script at {script_path}')
+        return script_path
+
+    except (OSError, IOError) as e:
+        logger.error(f'Failed to save script: {e}')
+        return f'Error saving script: {str(e)}'
+
+
 async def bedrock_schema_generator_from_file(
     ctx: Context, lambda_code_path: str, output_path: str
 ) -> Dict[str, Any]:
@@ -171,6 +230,58 @@ async def bedrock_schema_generator_from_file(
         output_path=output_path,
     )
 
+    # If fallback script was generated, save it to a file instead of returning it in the response
+    if result.get('status') == 'error' and result.get('fallback_script'):
+        # Save the script to a file
+        script_path = save_fallback_script_to_file(
+            result['fallback_script'], lambda_code_path, output_path
+        )
+
+        # Get the output filename for use in examples
+        output_filename = os.path.basename(output_path)
+        output_dir = os.path.dirname(output_path)
+
+        # Update the result dictionary to include the script path instead of script content
+        result['fallback_script_path'] = script_path
+
+        # Remove the full script content to avoid verbose responses
+        del result['fallback_script']
+
+        # Enhanced client instructions with CDK integration example
+        result['client_instructions'] = {
+            'title': 'Schema Generation and Integration Guide',
+            'steps': [
+                f"1. Run the script at '{script_path}'",
+                f"2. The script will generate the schema file at '{output_path}'",
+                '3. In your CDK code, reference this exact schema file as shown below:',
+            ],
+            'command_suggestion': f'python {script_path}',
+            'cdk_integration_example': f"// Assuming your Lambda function is named '{os.path.basename(lambda_code_path).replace('.py', 'Lambda')}'\n"
+            f'const {os.path.basename(lambda_code_path).replace(".py", "ActionGroup")} = new bedrock.AgentActionGroup({{\n'
+            f'  name: "{os.path.basename(lambda_code_path).replace(".py", "ActionGroup")}",\n'
+            f'  description: "This action group is used for {os.path.basename(lambda_code_path).replace(".py", "")}",\n'
+            f'  executor: bedrock.ActionGroupExecutor.fromlambdaFunction({os.path.basename(lambda_code_path).replace(".py", "Lambda")}),\n'
+            f'  apiSchema: bedrock.ApiSchema.fromLocalAsset(\n'
+            f'    path.join(__dirname, "{os.path.relpath(output_dir, os.path.dirname(lambda_code_path))}", "{output_filename}")\n'
+            f'  )\n'
+            f'}});\n'
+            f'agent.addActionGroup({os.path.basename(lambda_code_path).replace(".py", "ActionGroup")});',
+            'important_notes': [
+                '✅ Use the exact openapi.json file generated by the script',
+                '✅ Adjust the path in fromLocalAsset() to point to where the schema was generated',
+                '❌ Do NOT regenerate or modify the schema manually',
+            ],
+        }
+
+        if 'instructions' in result:
+            result['instructions'] = result['instructions'].replace(
+                'save the fallback script to a file',
+                f'run the fallback script located at {script_path}',
+            )
+
+        # Update the solution message
+        result['solution'] = f'Use the fallback script at {script_path} to generate the schema'
+
     return result
 
 

{awslabs_cdk_mcp_server-0.0.31004 → awslabs_cdk_mcp_server-0.0.71717}/awslabs/cdk_mcp_server/data/lambda_powertools_loader.py

@@ -34,14 +34,16 @@ def get_lambda_powertools_section(topic: str = '') -> str:
         topic = 'index'
 
     if topic.lower() in topic_map:
-        file_path = os.path.join(
-            os.path.dirname(__file__), 'static', 'lambda_powertools', f'{topic.lower()}.md'
-        )
+        # Fix the path to correctly point to the static directory (parent of 'data')
+        base_dir = os.path.dirname(
+            os.path.dirname(__file__)
+        )  # Go up from 'data' to get to the package root
+        file_path = os.path.join(base_dir, 'static', 'lambda_powertools', f'{topic.lower()}.md')
         try:
             with open(file_path, 'r') as f:
                 return f.read()
         except FileNotFoundError:
-            return f"Error: File for topic '{topic}' not found."
+            return f"Error: File for topic '{topic}' not found. (Looking in: {file_path})"
     else:
         # Topic not found
         topic_list = '\n'.join([f'- {t}: {desc}' for t, desc in topic_map.items() if t != 'index'])