AWS CDK MCP Server
Official AWS Labs MCP server that guides agents through AWS CDK development with prescriptive patterns, CDK Nag security validation, and Solutions Constructs discovery.
The AWS CDK MCP Server is an official AWS Labs server that gives AI coding agents prescriptive guidance for building AWS infrastructure with the Cloud Development Kit. It surfaces vetted patterns from AWS Solutions Constructs, GenAI CDK constructs, and Lambda Powertools, and helps agents reason about CDK Nag security and compliance rules before generating or modifying CDK code.
The server is documentation and pattern oriented rather than action oriented: it does not deploy stacks or call the AWS control plane. Instead it provides tools and resources that an agent can call to look up the right construct, generate a Bedrock Agent OpenAPI schema, explain a specific CDK Nag rule, or check whether existing CDK code contains Nag suppressions that need human review. This makes it safe to run without AWS credentials, while still steering agents toward Well Architected and secure-by-default implementations.
It is part of the broader awslabs/mcp monorepo, which contains dozens of AWS focused MCP servers. The CDK server is published to PyPI as awslabs.cdk-mcp-server and is intended to be run via uvx or Docker alongside an MCP client such as Claude Desktop, Cursor, or Amazon Q Developer.
Tools
| Tool | Description |
|---|---|
CDKGeneralGuidance |
Returns prescriptive advice for building AWS applications with the CDK, including recommended structure and decision flow. |
GetAwsSolutionsConstructPattern |
Looks up vetted AWS Solutions Constructs patterns that combine multiple AWS services into a single L3 construct. |
SearchGenAICDKConstructs |
Discovers GenAI CDK constructs (Bedrock, Agents, Knowledge Bases, etc.) by name or feature. |
GenerateBedrockAgentSchema |
Creates an OpenAPI schema for a Bedrock Agent action group, with a fallback script if direct generation fails. |
LambdaLayerDocumentationProvider |
Returns documentation and guidance for implementing AWS Lambda layers, including Lambda Powertools. |
ExplainCDKNagRule |
Explains a specific CDK Nag rule with AWS Well Architected context so agents can decide how to remediate. |
CheckCDKNagSuppressions |
Scans CDK code for CDK Nag suppressions that may require human review and flags undocumented justifications. |
Prerequisites
- Install
uvfrom Astral (the Python package manager used to launch the server) - Install Python 3.10 with
uv python install 3.10 - Install the AWS CDK CLI:
npm install -g aws-cdk(used by your generated CDK app, not by the server itself)
No AWS credentials are required to run the server, since it provides guidance, pattern lookup, and Nag rule explanations rather than deployment actions.
Install and configure (uvx)
Add the server to your MCP client config (Claude Desktop, Cursor, Amazon Q, etc.):
{
"mcpServers": {
"awslabs.cdk-mcp-server": {
"command": "uvx",
"args": ["awslabs.cdk-mcp-server@latest"],
"env": {
"FASTMCP_LOG_LEVEL": "ERROR"
},
"disabled": false,
"autoApprove": []
}
}
}
Docker alternative
Clone the awslabs/mcp repo, then from src/cdk-mcp-server:
docker build -t awslabs/cdk-mcp-server .
Point your MCP client at the resulting image instead of uvx.
Environment variables
FASTMCP_LOG_LEVEL: log verbosity for the underlying FastMCP runtime.ERRORis recommended for production use.
MCP resources
The server also exposes URI based resources that an agent can read directly:
cdk-nag://rules/{rule_pack}aws-solutions-constructs://{pattern_name}genai-cdk-constructs://{construct_type}/{construct_name}lambda-powertools://{topic}
- Generate a new CDK stack that follows AWS Solutions Constructs patterns instead of hand wiring L1/L2 resources, with the agent pulling the right pattern via
GetAwsSolutionsConstructPattern. - Audit an existing CDK project for CDK Nag suppressions and surface any that lack a documented justification before code review.
- Have an agent explain a failing CDK Nag rule (for example
AwsSolutions-IAM5) and propose a Well Architected aligned fix rather than blindly adding a suppression. - Scaffold a Bedrock Agent action group by generating the required OpenAPI schema directly from a Lambda handler definition.
- Discover and wire up GenAI CDK constructs (Bedrock Knowledge Bases, Agents, etc.) when building generative AI infrastructure on AWS.
- "Build me a CDK stack for an S3 to Lambda to DynamoDB pipeline using AWS Solutions Constructs."
- "Scan this CDK app and list any CDK Nag suppressions that don't have a written justification."
- "Explain the CDK Nag rule AwsSolutions-IAM5 and rewrite my IAM policy so it passes."
- "Generate an OpenAPI schema for a Bedrock Agent action group backed by this Lambda handler."
- "Find a GenAI CDK construct for a Bedrock Knowledge Base with an OpenSearch Serverless vector store and show me how to use it."
- Officially maintained by AWS Labs as part of the awslabs/mcp monorepo.
- Bakes in security guidance via CDK Nag and Well Architected context, not just code generation.
- Covers a broad surface area: general CDK guidance, Solutions Constructs, GenAI constructs, Lambda Powertools, and Bedrock Agent schemas.
- Safe to run without AWS credentials since it is read only and documentation focused.
- Provides guidance and lookups only. It does not synthesize, deploy, or diff CDK stacks against a live AWS account.
- Some sources indicate the CDK server may be consolidated into a broader AWS IaC MCP server in the future, so the exact tool surface could shift.
- Python 3.10 plus
uvis required, which is heavier setup than a pure Node based MCP server.
- AWS CloudFormation / IaC MCP Server (awslabs/mcp) for broader infrastructure as code coverage including CloudFormation.
- AWS Terraform MCP Server (awslabs/mcp) if you author infrastructure in Terraform/HCL instead of CDK.
- AWS Documentation MCP Server (awslabs/mcp) for general AWS service documentation lookups outside of CDK specific patterns.