This repository contains a reference implementation for bridging AWS API MCP Server with chat channels such as Telegram and WhatsApp. This is also the prototype that been used as demonstration in my session titled "Chatting with your AWS Infrastructure on-the-go: The Power of AWS API MCP Server" for AWS Community Day Indonesia 2025.
This solution means to demonstrate initial capabilities and not intended for production workload. Configurations such as permissive IAM policies, publicly accessible endpoint, and simplified authentication mechanisms, are intentionally relaxed for demonstration purposes and must be hardened before any production deployment.
Please also remember that AI can make mistakes!
Always verify and validate outputs and if possible implement traditional-logic handling before applying them in a production or critical environment especially when you configure AWS API MCP Server with priviledged access. The author assume no responsibility for any unintended or adverse effects this solution may have on your workload or environment when deploying to production.
These instructions help you recreate the sandbox environment, deploy the AWS resources, and connect the chat channels for end-to-end conversations powered by Bedrock.
-
Clone the repository.
git clone https://github.com/revawiki/aws-api-mcp-chatbot-integration.git cd aws-api-mcp-chatbot-integration -
Provision core AWS resources.
- Deploy and provision all AWS resource needed by following the specification guide in
spec/. - This prototype resources are purely provisioned via AWS console, for terraform or aws-cli approach please follow all
spec/detail.
- Deploy and provision all AWS resource needed by following the specification guide in
-
Details for Lambda environment variables.
MCP_HOST: Hostname of the MCP server (EC2 instance).SESSION_TABLE_NAME: Name of the DynamoDB table (wiki-dynamo-sandbox).INTEGRATION_AUTH_TOKEN: A simple bearer token for webhook auth. You can use this token-generator or generate locally using cryptic generation.INTEGRATION_API_TOKEN:- for WhatsApp: Fill with Fonnte device token.
- for Telegram: Fill with Telegram bot token.
-
Verify Bedrock access.
- Confirm the Lambda execution role can invoke the required Bedrock models via the Converse API.
- Review
spec/iam-role.mdfor least-privilege policy guidance.
-
Telegram Bot
- With an active Telegram account, follow guidance on
channel/telegram-bot.md. - Verify the listener Lambda receives inbound messages and that the responder calls Telegram’s sendMessage API.
- With an active Telegram account, follow guidance on
-
WhatsApp via Fonnte
- Register to Fonnte and follow guidance on
channel/fonnte-whatsapp.md. - Verify the listener Lambda receives inbound messages and that the responder calls Fonnte’s send API.
- Register to Fonnte and follow guidance on
-
Event Routing
- Ensure EventBridge rules forward listener events (
lambda.telegram.listener,lambda.whatsapp.listener) to the matching responder Lambdas. - Validate end-to-end flows through CloudWatch Logs and channel clients.
- Ensure EventBridge rules forward listener events (
- Amazon Lambda for listener and responder functions.
- Amazon EventBridge for message fan-out between listeners and responders.
- Amazon DynamoDB for session and state persistence.
- Amazon Bedrock for generative responses.
- Amazon EC2 for hosting the MCP server.
- AWS API MCP Server for FM to communicate with AWS infrastructure.
- Docker & Docker-Compose for running the MCP server.
- AWS Labs Team for a great breakthrough.
- AWS User Group Indonesia for giving me a chance to share this prototype.
If you have questions about the project, feel free to reach out to reva.wiki@gmail.com. Thank you!