awslabs.cdk-mcp-server 0.0.91005__py3-none-any.whl → 0.0.2025141004__py3-none-any.whl

awslabs/cdk_mcp_server/core/server.py

@@ -63,6 +63,7 @@ mcp.tool(name='CheckCDKNagSuppressions')(tools.check_cdk_nag_suppressions_tool)
 mcp.tool(name='GenerateBedrockAgentSchema')(tools.bedrock_schema_generator_from_file)
 mcp.tool(name='GetAwsSolutionsConstructPattern')(tools.get_aws_solutions_construct_pattern)
 mcp.tool(name='SearchGenAICDKConstructs')(tools.search_genai_cdk_constructs)
+mcp.tool(name='LambdaLayerDocumentationProvider')(tools.lambda_layer_documentation_provider)
 
 
 def main():

awslabs/cdk_mcp_server/core/tools.py

@@ -22,6 +22,7 @@ from awslabs.cdk_mcp_server.data.cdk_nag_parser import (
 from awslabs.cdk_mcp_server.data.genai_cdk_loader import (
     list_available_constructs,
 )
+from awslabs.cdk_mcp_server.data.lambda_layer_parser import LambdaLayerParser
 from awslabs.cdk_mcp_server.data.schema_generator import generate_bedrock_schema_from_file
 from awslabs.cdk_mcp_server.data.solutions_constructs_parser import (
     fetch_pattern_list,
@@ -476,3 +477,55 @@ async def search_genai_cdk_constructs(
         }
     except Exception as e:
         return {'error': f'Error searching constructs: {str(e)}', 'status': 'error'}
+
+
+async def lambda_layer_documentation_provider(
+    ctx: Context,
+    layer_type: str,  # "generic" or "python"
+) -> Dict[str, Any]:
+    """Provide documentation sources for Lambda layers.
+
+    This tool returns information about where to find documentation for Lambda layers
+    and instructs the MCP Client to fetch and process this documentation.
+
+    Args:
+        ctx: MCP context
+        layer_type: Type of layer ("generic" or "python")
+
+    Returns:
+        Dictionary with documentation source information
+    """
+    if layer_type.lower() == 'python':
+        # For Python layers, use AWS Documentation MCP Server
+        return {
+            'layer_type': 'python',
+            'documentation_source': {
+                'server': 'awslabs.aws-documentation-mcp-server',
+                'tool': 'read_documentation',
+                'parameters': {'url': LambdaLayerParser.PYTHON_LAYER_URL, 'max_length': 10000},
+            },
+            'documentation_usage_guide': {
+                'when_to_fetch_full_docs': 'Fetch full documentation to view detailed property definitions, learn about optional parameters, and find additional code examples',
+                'contains_sample_code': True,
+                'contains_props_documentation': True,
+            },
+            'code_generation_guidance': {
+                'imports': [
+                    "import { PythonLayerVersion } from '@aws-cdk/aws-lambda-python-alpha'"
+                ],
+                'construct_types': {'python': 'PythonLayerVersion'},
+                'required_properties': {'python': ['entry']},
+                'sample_code': "new python.PythonLayerVersion(this, 'MyLayer', {\n  entry: '/path/to/my/layer', // point this to your library's directory\n})",
+            },
+        }
+    else:
+        # For all other layer types (including generic), use the existing parser
+        docs = await LambdaLayerParser.fetch_lambda_layer_docs()
+        layer_docs = docs['generic_layers']
+
+        return {
+            'layer_type': 'generic',
+            'code_examples': layer_docs['examples'],
+            'directory_structure': layer_docs['directory_structure'],
+            'source_url': layer_docs['url'],
+        }

awslabs/cdk_mcp_server/data/lambda_layer_parser.py

@@ -0,0 +1,231 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+# with the License. A copy of the License is located at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+# OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+# and limitations under the License.
+
+"""Lambda layer documentation parser module."""
+
+import httpx
+import logging
+from bs4 import BeautifulSoup
+from bs4.element import Tag
+from typing import Any, Dict, List, Optional
+
+
+# Set up logging
+logger = logging.getLogger(__name__)
+
+
+class LambdaLayerParser:
+    """Parser for Lambda layer documentation from AWS docs."""
+
+    # Documentation URLs
+    GENERIC_LAYER_URL = (
+        'https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda-readme.html#layers'
+    )
+    PYTHON_LAYER_URL = 'https://docs.aws.amazon.com/cdk/api/v2/docs/@aws-cdk_aws-lambda-python-alpha.PythonLayerVersion.html'
+
+    # Search patterns to directly find sections when headers aren't working
+    LAYER_SECTION_PATTERNS = ['layers', 'layer version', 'layerversion']
+
+    @classmethod
+    async def fetch_page(cls, url: str) -> Optional[str]:
+        """Fetch a page from AWS documentation."""
+        try:
+            async with httpx.AsyncClient() as client:
+                response = await client.get(url)
+                if response.status_code == 200:
+                    return response.text
+                else:
+                    logger.error(f'Failed to fetch {url}: HTTP {response.status_code}')
+                    return None
+        except Exception as e:
+            logger.error(f'Error fetching {url}: {str(e)}')
+            return None
+
+    @classmethod
+    def extract_code_examples(cls, html_section: Optional[str]) -> List[Dict[str, str]]:
+        """Extract code examples from an HTML section."""
+        if not html_section:
+            return []
+
+        soup = BeautifulSoup(html_section, 'html.parser')
+        code_blocks = soup.find_all('pre')
+
+        examples = []
+        for block in code_blocks:
+            # Make sure we're working with a Tag
+            if not isinstance(block, Tag):
+                continue
+
+            # Try to determine the language
+            language = 'typescript'  # Default
+            classes = block.attrs.get('class', [])
+
+            # Make sure classes is a list of strings
+            if not isinstance(classes, list):
+                classes = [str(classes)]
+
+            class_str = ' '.join(classes)
+
+            if 'python' in class_str.lower():
+                language = 'python'
+            elif 'javascript' in class_str.lower():
+                language = 'javascript'
+
+            # Get the code content
+            code = block.get_text()
+            examples.append({'language': language, 'code': code})
+
+        return examples
+
+    @classmethod
+    def extract_directory_structure(cls, html_section: Optional[str]) -> Optional[str]:
+        """Extract directory structure information from HTML section."""
+        if not html_section:
+            return None
+
+        soup = BeautifulSoup(html_section, 'html.parser')
+
+        # Look for pre blocks that might contain directory structure
+        pre_blocks = soup.find_all('pre')
+        for block in pre_blocks:
+            text = block.get_text()
+            if '/' in text and (
+                'directory' in text.lower()
+                or 'structure' in text.lower()
+                or 'layer' in text.lower()
+            ):
+                return text
+
+        # Look for paragraphs that might describe directory structure
+        paragraphs = soup.find_all('p')
+        for p in paragraphs:
+            text = p.get_text()
+            if (
+                'directory' in text.lower() and 'structure' in text.lower()
+            ) or 'layer' in text.lower():
+                return text
+
+        return None
+
+    @classmethod
+    def find_layer_content(cls, html: Optional[str]) -> Optional[str]:
+        """Find Lambda layer content using multiple strategies."""
+        if not html:
+            return None
+
+        soup = BeautifulSoup(html, 'html.parser')
+
+        # Strategy 1: Find section by id
+        section = soup.find(id='layers')
+        if section and isinstance(section, Tag):
+            # If we found an anchor, get its parent and look for the actual content
+            if section.name == 'a':
+                parent = section.parent
+                if parent and isinstance(parent, Tag) and parent.name and parent.name[0] == 'h':
+                    # We found a header, extract all content until the next header of same or higher level
+                    content = []
+                    content.append(str(parent))
+
+                    header_level = int(parent.name[1])
+                    sibling = parent.next_sibling
+
+                    while sibling:
+                        if (
+                            isinstance(sibling, Tag)
+                            and sibling.name
+                            and sibling.name[0] == 'h'
+                            and int(sibling.name[1]) <= header_level
+                        ):
+                            break
+                        if isinstance(sibling, Tag) and sibling.name:
+                            content.append(str(sibling))
+                        sibling = sibling.next_sibling
+
+                    return ''.join(content)
+
+        # Strategy 2: Look for headers containing layer keywords
+        for tag in ['h1', 'h2', 'h3', 'h4']:
+            headers = soup.find_all(tag)
+            for header in headers:
+                if not isinstance(header, Tag):
+                    continue
+
+                text = header.get_text().lower()
+                if any(pattern in text for pattern in cls.LAYER_SECTION_PATTERNS):
+                    # Found a relevant header, extract all content until the next header of same or higher level
+                    content = []
+                    content.append(str(header))
+
+                    if not header.name:
+                        continue
+
+                    header_level = int(header.name[1])
+                    sibling = header.next_sibling
+
+                    while sibling:
+                        if (
+                            isinstance(sibling, Tag)
+                            and sibling.name
+                            and sibling.name[0] == 'h'
+                            and int(sibling.name[1]) <= header_level
+                        ):
+                            break
+                        if isinstance(sibling, Tag) and sibling.name:
+                            content.append(str(sibling))
+                        sibling = sibling.next_sibling
+
+                    return ''.join(content)
+
+        # Strategy 3: Look for content div with class="api" or class="props"
+        content_divs = soup.find_all('div', class_=['api', 'props'])
+        if content_divs:
+            return ''.join(str(div) for div in content_divs)
+
+        # Strategy 4: Look for table with class containing 'cdk'
+        tables = soup.find_all('table')
+        for table in tables:
+            if not isinstance(table, Tag):
+                continue
+
+            classes = table.attrs.get('class', [])
+            if not isinstance(classes, list):
+                classes = [str(classes)]
+
+            if any('cdk' in str(cls_name) for cls_name in classes):
+                return str(table)
+
+        return None
+
+    @classmethod
+    async def fetch_lambda_layer_docs(cls) -> Dict[str, Any]:
+        """Fetch Lambda layer documentation from AWS docs."""
+        logger.info('Fetching Lambda layer documentation from AWS')
+
+        # Fetch only the generic page
+        generic_html = await cls.fetch_page(cls.GENERIC_LAYER_URL)
+
+        # Extract relevant sections using our specialized finder
+        generic_layers_section = cls.find_layer_content(generic_html)
+
+        # Extract code examples and directory structure
+        generic_examples = cls.extract_code_examples(generic_layers_section)
+        generic_dir_structure = cls.extract_directory_structure(generic_layers_section)
+
+        # Compile the results
+        result = {
+            'generic_layers': {
+                'examples': generic_examples,
+                'directory_structure': generic_dir_structure,
+                'url': cls.GENERIC_LAYER_URL,
+            }
+        }
+
+        return result

awslabs/cdk_mcp_server/data/solutions_constructs_parser.py

@@ -288,7 +288,7 @@ def extract_services_from_pattern_name(pattern_name: str) -> List[str]:
         'iot': 'IoT Core',
         'elasticsearch': 'Elasticsearch',
         'opensearch': 'OpenSearch',
-        'secretsmanager': 'Secrets Manager',
+        'secretsmanager': 'Secrets Manager',  # pragma: allowlist secret
         'sagemakerendpoint': 'SageMaker Endpoint',
         'stepfunctions': 'Step Functions',
         'wafwebacl': 'WAF Web ACL',

awslabs/cdk_mcp_server/static/CDK_GENERAL_GUIDANCE.md

@@ -45,84 +45,106 @@ cdk diff
 - Generates CloudFormation templates for inspection
 - Provides more informative error messages for debugging
 
-## Decision Flow for CDK Implementation
-
-When implementing AWS infrastructure with CDK, consider these complementary approaches:
-
-1. **For Common Architecture Patterns: AWS Solutions Constructs**
-   - Use the `GetAwsSolutionsConstructPattern` tool to search for patterns that match your use case
-   - Example: `GetAwsSolutionsConstructPattern(services=["lambda", "dynamodb"])`
-   - AWS Solutions Constructs implement AWS best practices by default
-   - For complete documentation: `aws-solutions-constructs://{pattern_name}`
-   - Ideal for REST APIs, serverless backends, data processing pipelines, etc.
-
-2. **For GenAI/AI/ML Use Cases: GenAI CDK Constructs**
-   - Use the `SearchGenAICDKConstructs` tool for specialized AI/ML constructs
-   - These simplify implementation of Bedrock, SageMaker, and other AI services
-   - Perfect for agents, knowledge bases, vector stores, and other GenAI components
-
-   **Installation:**
-
-   ```typescript
-   // TypeScript
-   // Create or use an existing CDK application
-   cdk init app --language typescript
-   // Install the package
-   npm install @cdklabs/generative-ai-cdk-constructs
-   // Import the library
-   import * as genai from '@cdklabs/generative-ai-cdk-constructs';
-   ```
-
-   ```python
-   # Python
-   # Create or use an existing CDK application
-   cdk init app --language python
-   # Install the package
-   pip install cdklabs.generative-ai-cdk-constructs
-   # Import the library
-   import cdklabs.generative_ai_cdk_constructs
-   ```
-
-3. **For All Projects: Apply CDK Nag**
-   - Always apply CDK Nag to ensure security best practices
-   - Use the `ExplainCDKNagRule` tool to understand specific rules
+## CDK Implementation Approach and Workflow
 
-4. **For Custom Requirements: Custom Implementation**
-   - Create custom CDK code when no suitable constructs exist
-   - Follow AWS Well-Architected best practices
+# Compare deployed stack with current state
 
-> **IMPORTANT**: AWS Solutions Constructs and GenAI CDK Constructs are complementary and can be used together in the same project. For example, you might use GenAI CDK Constructs for Bedrock components and AWS Solutions Constructs for the REST API and database layers of your application.
+### Common Architecture Patterns
 
-## Key Principles
+**For standard application architectures:**
 
-- **Security First**: Always implement security best practices by default
-- **Cost Optimization**: Design resources to minimize costs while meeting requirements
-- **Operational Excellence**: Implement proper monitoring, logging, and observability
-- **Serverless-First**: Prefer serverless services when possible
-- **Infrastructure as Code**: Use CDK to define all infrastructure
-- **Use Vetted Patterns**: Prefer AWS Solutions Constructs over custom implementations
-- **Regional Awareness**: Consider regional availability and constraints for services
+- Use the `GetAwsSolutionsConstructPattern` tool to find pre-built patterns
+- AWS Solutions Constructs implement AWS best practices by default
+- Ideal for REST APIs, serverless backends, data processing pipelines, etc.
+- Example: `GetAwsSolutionsConstructPattern(services=["lambda", "dynamodb"])`
+- For complete documentation: `aws-solutions-constructs://{pattern_name}`
 
-## Amazon Bedrock Cross-Region Inference Profiles
+**Key benefits:**
+- Accelerated development with vetted patterns
+- Built-in security and best practices
+- Reduced complexity for multi-service architectures
 
-When working with Amazon Bedrock foundation models, many models (including Claude models, Meta Llama models, and Amazon's own Nova models) require the use of inference profiles rather than direct on-demand usage in specific regions.
+### GenAI/AI/ML Implementations
 
-### Key Considerations
+**For AI/ML and generative AI workloads:**
 
-- **Required for Many Models**: Foundation models like Claude 3 often require inference profiles
-- **Regional Configuration**: Profiles are configured for specific geographic regions (US, EU, APAC)
-- **Error Prevention**: Prevents errors like "Invocation with on-demand throughput isn't supported"
-- **Implementation**: Use the `CrossRegionInferenceProfile` class from the GenAI CDK constructs
+- Use the `SearchGenAICDKConstructs` tool for specialized AI/ML constructs
+- These simplify implementation of Bedrock, SageMaker, and other AI services
+- Perfect for agents, knowledge bases, vector stores, and other GenAI components
 
-For detailed implementation examples, see the `genai-cdk-constructs://bedrock/profiles` resource.
+**Installation:**
 
-### Regional Considerations
+```typescript
+// TypeScript
+npm install @cdklabs/generative-ai-cdk-constructs
+import * as genai from '@cdklabs/generative-ai-cdk-constructs';
+```
+
+```python
+# Python
+pip install cdklabs.generative-ai-cdk-constructs
+import cdklabs.generative_ai_cdk_constructs
+```
 
-- **Model Availability**: Not all foundation models are available in all regions
-- **Performance**: Choose the region closest to your users for optimal latency
-- **Compliance**: Consider data residency requirements when selecting regions
+**Regional considerations for Bedrock:**
+- Many foundation models require inference profiles in specific regions
+- Use `CrossRegionInferenceProfile` class for proper configuration
+- For details: `genai-cdk-constructs://bedrock/profiles`
 
-Always check the [Amazon Bedrock documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/what-is-bedrock.html) for the latest information on model availability and regional constraints.
+### Combined Implementation Patterns
+
+**Important:** AWS Solutions Constructs and GenAI CDK Constructs can be used together in the same project:
+
+- Use GenAI CDK Constructs for Bedrock components (agents, knowledge bases)
+- Use AWS Solutions Constructs for REST APIs, databases, and other infrastructure
+- Apply CDK Nag across all components for security validation
+
+**Example combined architecture:**
+- REST API backend using aws-apigateway-lambda-dynamodb construct
+- Bedrock Agent using GenAI CDK constructs for natural language processing
+- Shared data layer between traditional and AI components
+
+### Implementation Workflow
+
+Follow this step-by-step workflow for developing AWS CDK applications:
+
+1. **Get CDK Guidance**: Start with the **CDKGeneralGuidance** tool to understand best practices.
+
+2. **Initialize CDK Project**: Use `cdk init app` to create your project with proper structure.
+
+3. **Choose Implementation Approach**:
+   - For common patterns: Use **GetAwsSolutionsConstructPattern** tool
+   - For GenAI applications: Use **SearchGenAICDKConstructs** tool
+   - For custom requirements: Develop custom CDK code following best practices
+
+4. **For Lambda Functions**:
+   - For observability: Implement Lambda Powertools (see `lambda-powertools://cdk` for details)
+   - For Lambda layers: Use **LambdaLayerDocumentationProvider** tool
+
+5. **For Bedrock Agents with Action Groups**:
+   - Create Lambda function with BedrockAgentResolver from Lambda Powertools
+   - Use **GenerateBedrockAgentSchema** tool to generate OpenAPI schema
+   - Integrate schema into Agent CDK code
+
+6. **Apply Security Best Practices**:
+   - Always apply CDK Nag to ensure security best practices
+   - Use **ExplainCDKNagRule** tool to understand specific rules
+   - Validate suppressions with **CheckCDKNagSuppressions** tool
+
+7. **Validate and Deploy**:
+   - Run `cdk synth` to check for errors and generate CloudFormation
+   - Ensure all CDK Nag warnings are resolved or properly justified
+   - Deploy using `cdk deploy`
+
+## Key Principles
+
+- **Security First**: Always implement security best practices by default
+- **Cost Optimization**: Design resources to minimize costs while meeting requirements
+- **Operational Excellence**: Implement proper monitoring, logging, and observability
+- **Serverless-First**: Prefer serverless services when possible
+- **Infrastructure as Code**: Use CDK to define all infrastructure
+- **Use Vetted Patterns**: Prefer AWS Solutions Constructs over custom implementations
+- **Regional Awareness**: Consider regional availability and constraints for services
 
 ## AWS Solutions Constructs
 
@@ -148,10 +170,12 @@ To discover available patterns, use the `GetAwsSolutionsConstructPattern` tool.
 CDK Nag ensures your CDK applications follow AWS security best practices. **Always apply CDK Nag to all stacks.**
 
 **When to use CDK Nag tools:**
+
 - **ExplainCDKNagRule**: When encountering warnings that need remediation
 - **CheckCDKNagSuppressions**: During code reviews to verify suppression justifications
 
 Key security practices:
+
 - Follow least privilege for IAM
 - Secure S3 buckets with encryption and access controls
 - Implement secure authentication with Cognito
@@ -161,6 +185,10 @@ Key security practices:
 
 **Always implement Lambda Powertools** for structured logging, tracing, and metrics. For detailed guidance, use the `lambda-powertools://cdk` resource.
 
+> **CRITICAL**: Lambda Powertools libraries are NOT included in the default Lambda runtime. You MUST create a Lambda layer to include these dependencies. Use the **LambdaLayerDocumentationProvider** tool for comprehensive guidance on creating and configuring Lambda layers.
+
+**Critical for Bedrock Agents**: When creating Bedrock Agents with Action Groups, use BedrockAgentResolver from Lambda Powertools with the **GenerateBedrockAgentSchema** tool to generate the required OpenAPI schema.
+
 ## Tool Selection Guide
 
 Match CDK tasks to appropriate tools:
@@ -171,110 +199,6 @@ Match CDK tasks to appropriate tools:
 | Understand CDK Nag rules | ExplainCDKNagRule | ❌ Ignoring security warnings without understanding remediation steps |
 | Find architecture patterns | GetAwsSolutionsConstructPattern | ❌ Building common patterns from scratch instead of using vetted constructs |
 | Implement GenAI features | SearchGenAICDKConstructs | ❌ Building GenAI components without specialized constructs |
-| Add Lambda observability | lambda-powertools://cdk | ❌ Missing Layer creation, structured logging and monitoring |
+| Access Lambda layer docs | LambdaLayerDocumentationProvider | ❌ Missing proper Lambda layer structure or configuration |
+| Add Lambda observability | lambda-powertools://cdk | ❌ Missing Lambda layer for Powertools or incomplete monitoring setup |
 | Audit CDK Nag suppressions | CheckCDKNagSuppressions | ❌ Insufficient documentation for security suppressions |
-
-## Lambda Powertools Implementation
-
-> **CRITICAL:** All Lambda functions should implement Lambda Powertools for proper observability.
-
-**Key requirements:**
-- Use language-specific constructs (PythonFunction, NodejsFunction)
-- Include Powertools dependencies with appropriate extras
-- Configure required environment variables
-- Create Lambda layers when needed
-
-**Example Lambda layer for Python:**
-```typescript
-const lambdaPowertoolsLayer = new PythonLayerVersion(this, "LambdaPowertoolsLayer", {
-  entry: path.join("src", "layers", "aws_lambda_powertools"),
-  compatibleRuntimes: [Runtime.PYTHON_3_13],
-  description: "Lambda Powertools for Python",
-});
-```
-
-For complete implementation details and examples for all languages, see the [lambda-powertools://cdk](lambda-powertools://cdk) resource.
-
-## CDK Implementation Workflow
-
-```mermaid
-graph TD
-    Start([Start]) --> Init["cdk init app"]
-
-    Init --> B{Choose Approach}
-    B -->|"Common Patterns"| C1["GetAwsSolutionsConstructPattern"]
-    B -->|"GenAI Features"| C2["SearchGenAICDKConstructs"]
-    B -->|"Custom Needs"| C3["Custom CDK Code"]
-
-    C1 --> D1["Implement Solutions Construct"]
-    C2 --> D2["Implement GenAI Constructs"]
-    C3 --> D3["Implement Custom Resources"]
-
-    %% Bedrock Agent with Action Groups specific flow
-    D2 -->|"For Bedrock Agents<br/>with Action Groups"| BA["Create Lambda with<br/>BedrockAgentResolver"]
-
-    %% Schema generation flow
-    BA --> BS["GenerateBedrockAgentSchema"]
-    BS -->|"Success"| JSON["openapi.json created"]
-    BS -->|"Import Errors"| BSF["Tool generates<br/>generate_schema.py"]
-    BSF --> BSR["Run script manually:<br/>python generate_schema.py"]
-    BSR --> JSON["openapi.json created"]
-
-    %% Use schema in Agent CDK
-    JSON --> AgentCDK["Use schema in<br/>Agent CDK code"]
-    AgentCDK --> D2
-
-    %% Conditional Lambda Powertools implementation
-    D1 & D2 & D3 --> HasLambda{"Using Lambda<br/>Functions?"}
-    HasLambda -->|"Yes"| L["Add Lambda Powertools<br/>and create Layer"]
-    HasLambda -->|"No"| SkipL["Skip Lambda<br/>Powertools"]
-
-    %% Rest of workflow
-    L --> Synth["cdk synth"]
-    SkipL --> Synth
-
-    Synth --> Nag{"CDK Nag<br/>warnings?"}
-    Nag -->|Yes| E["ExplainCDKNagRule"]
-    Nag -->|No| Deploy["cdk deploy"]
-
-    E --> Fix["Fix or Add Suppressions"]
-    Fix --> CN["CheckCDKNagSuppressions"]
-    CN --> Synth
-
-    %% Styling with darker colors
-    classDef default fill:#424242,stroke:#ffffff,stroke-width:1px,color:#ffffff;
-    classDef cmd fill:#4a148c,stroke:#ffffff,stroke-width:1px,color:#ffffff;
-    classDef tool fill:#01579b,stroke:#ffffff,stroke-width:1px,color:#ffffff;
-    classDef note fill:#1b5e20,stroke:#ffffff,stroke-width:1px,color:#ffffff;
-    classDef output fill:#006064,stroke:#ffffff,stroke-width:1px,color:#ffffff;
-    classDef decision fill:#5d4037,stroke:#ffffff,stroke-width:1px,color:#ffffff;
-
-    class Init,Synth,Deploy,BSR cmd;
-    class C1,C2,BS,E,CN tool;
-    class JSON output;
-    class HasLambda,Nag decision;
-```
-
-## Available MCP Tools
-
-This MCP server provides several tools to help you implement AWS CDK best practices:
-
-1. **CDKGeneralGuidance**: This document - general CDK best practices
-2. **ExplainCDKNagRule**: Explain a specific CDK Nag rule with AWS Well-Architected guidance
-3. **CheckCDKNagSuppressions**: Check if CDK code contains Nag suppressions that require human review
-4. **GenerateBedrockAgentSchema**: Generate OpenAPI schema for Bedrock Agent Action Groups from Lambda functions
-5. **GetAwsSolutionsConstructPattern**: Search and discover AWS Solutions Constructs patterns
-6. **SearchGenAICDKConstructs**: Search for GenAI CDK constructs by name or type
-
-## Available MCP Resources
-
-This MCP server also provides several resources for accessing documentation:
-
-1. **cdk-nag://rules/{rule_pack}**: Get all rules for a specific CDK Nag rule pack
-2. **cdk-nag://warnings/{rule_pack}**: Get warnings for a specific CDK Nag rule pack
-3. **cdk-nag://errors/{rule_pack}**: Get errors for a specific CDK Nag rule pack
-4. **lambda-powertools://{topic}**: Get Lambda Powertools guidance on a specific topic
-5. **aws-solutions-constructs://{pattern_name}**: Get complete documentation for an AWS Solutions Constructs pattern
-6. **genai-cdk-constructs://{construct_type}/{construct_name}**: Get documentation for a GenAI CDK construct
-
-Always check for these tools and resources when implementing CDK infrastructure to ensure you're following AWS best practices.

awslabs/cdk_mcp_server/static/genai_cdk/bedrock/knowledgebases/vector/pinecone.md

@@ -8,7 +8,7 @@ import { pinecone, bedrock } from '@cdklabs/generative-ai-cdk-constructs';
 
 const pineconeds = new pinecone.PineconeVectorStore({
   connectionString: 'https://your-index-1234567.svc.gcp-starter.pinecone.io',
-  credentialsSecretArn: 'arn:aws:secretsmanager:your-region:123456789876:secret:your-key-name',
+  credentialsSecretArn: 'arn:aws:secretsmanager:your-region:123456789876:secret:your-key-name', # pragma: allowlist secret
   textField: 'question',
   metadataField: 'metadata',
 });
@@ -43,7 +43,7 @@ from cdklabs.generative_ai_cdk_constructs import (
 
 pineconevs = pinecone.PineconeVectorStore(
             connection_string='https://your-index-1234567.svc.gcp-starter.pinecone.io',
-            credentials_secret_arn='arn:aws:secretsmanager:your-region:123456789876:secret:your-key-name',
+            credentials_secret_arn='arn:aws:secretsmanager:your-region:123456789876:secret:your-key-name', # pragma: allowlist secret
             text_field='question',
             metadata_field='metadata'
         )