Seeking Advice on Securing MCP Servers Hosted on AWS Lambdas #2821
Unanswered
Chris-Marais-Caci
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Good afternoon,
I’m looking for some advice and information on how others are structuring access to their MCP servers hosted on AWS Lambdas.
We’ve had initial success in hosting several MCP servers on Lambdas that perform basic functions for our company. Some of these servers access databases for data products, while others interact with internal APIs.
Currently, these tools are fronted by an AWS API Gateway, with endpoints accessible using gateway tokens to control access and track usage by department. We have various agents hosted in different AWS accounts interacting with these common MCP tool servers.
This setup has worked well so far, but as we've built more complex tools, we've encountered limitations. Specifically, we’re hitting the API Gateway's 30-second timeout limit while trying to manage long-running requests that utilize the full 15-minute Lambda execution time.
I’m curious to hear how others are securing their Lambdas and enabling agents in different AWS accounts to engage with long-running tool requests. Any insights or best practices would be greatly appreciated!
Thank you!
Chris
Beta Was this translation helpful? Give feedback.
All reactions