AWS bedrock-agentcore documentation change
Summary
Added detailed instructions for URL-encoding agent ARNs and constructing endpoint URLs for MCP Inspector testing
Security assessment
Improves testing documentation without security implications. The Bearer token authentication mention is standard and not a new security feature.
Diff
diff --git a/bedrock-agentcore/latest/devguide/runtime-mcp.md b/bedrock-agentcore/latest/devguide/runtime-mcp.md index 67a6b6aeb..67e62f50b 100644 --- a//bedrock-agentcore/latest/devguide/runtime-mcp.md +++ b//bedrock-agentcore/latest/devguide/runtime-mcp.md @@ -1024 +1024 @@ To use the Inspector: -You can also test your deployed server using the MCP Inspector: +You can also test your deployed server using the MCP Inspector. First, URL-encode your agent ARN: @@ -1026 +1026,14 @@ You can also test your deployed server using the MCP Inspector: - 1. Open the MCP Inspector: `npx @modelcontextprotocol/inspector` + + export AGENT_ARN="arn:aws:bedrock-agentcore:us-west-2:123456789012:runtime/my_mcp_server-xyz123" + echo -n $AGENT_ARN | jq -sRr '@uri' + +This outputs the URL-encoded ARN: + + + arn%3Aaws%3Abedrock-agentcore%3Aus-west-2%3A123456789012%3Aruntime%2Fmy_mcp_server-xyz123 + +Then connect with the MCP Inspector: + + 1. Start the MCP Inspector: + + npx @modelcontextprotocol/inspector @@ -1032 +1045,5 @@ You can also test your deployed server using the MCP Inspector: - * Enter your agent's endpoint URL, which will look like: `https://bedrock-agentcore.us-west-2.amazonaws.com/runtimes/arn%3Aaws%3Abedrock-agentcore%3Aus-west-2%3A`accountId`%3Aruntime%2F`runtimeName`/invocations?qualifier=DEFAULT` + * Enter your agent's endpoint URL using the encoded ARN. Make sure to use the same region as your agent's ARN: + + https://bedrock-agentcore.REGION.amazonaws.com/runtimes/ENCODED_ARN/invocations?qualifier=DEFAULT + +Example for us-west-2: @@ -1034 +1051 @@ You can also test your deployed server using the MCP Inspector: - * Make sure to URL-encode your agent runtime ARN when constructing the endpoint URL. The colon (:) characters become %3A and forward slashes (/) become %2F in the encoded URL. + https://bedrock-agentcore.us-west-2.amazonaws.com/runtimes/arn%3Aaws%3Abedrock-agentcore%3Aus-west-2%3A123456789012%3Aruntime%2Fmy_mcp_server-xyz123/invocations?qualifier=DEFAULT @@ -1036 +1053 @@ You can also test your deployed server using the MCP Inspector: - * Add your Bearer token under authentication + * Add your Bearer token in the Authentication section with header name `Authorization` and value `Bearer `YOUR_TOKEN``