Serverless MCP

Overview Schema Related Servers Score Discussions

serverless-mcp
test
__snapshots__

index.test.ts.snap

index.test.ts.snap•98 kB

// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html exports[`GitHubOidc Stack > should match CDK snapshot 1`] = ` { "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value<String>", }, }, "Resources": { "CustomAWSCDKOpenIdConnectProviderCustomResourceProviderHandlerF2C543E0": { "DependsOn": [ "CustomAWSCDKOpenIdConnectProviderCustomResourceProviderRole517FED65", ], "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Handler": "__entrypoint__.handler", "MemorySize": 128, "Role": { "Fn::GetAtt": [ "CustomAWSCDKOpenIdConnectProviderCustomResourceProviderRole517FED65", "Arn", ], }, "Runtime": "nodejs22.x", "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CustomAWSCDKOpenIdConnectProviderCustomResourceProviderRole517FED65": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Sub": "arn:\${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", }, ], "Policies": [ { "PolicyDocument": { "Statement": [ { "Action": [ "iam:CreateOpenIDConnectProvider", "iam:DeleteOpenIDConnectProvider", "iam:UpdateOpenIDConnectProviderThumbprint", "iam:AddClientIDToOpenIDConnectProvider", "iam:RemoveClientIDFromOpenIDConnectProvider", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "Inline", }, ], }, "Type": "AWS::IAM::Role", }, "DeployRole885297C3": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRoleWithWebIdentity", "Condition": { "StringEquals": { "token.actions.githubusercontent.com:aud": "sts.amazonaws.com", }, "StringLike": { "token.actions.githubusercontent.com:sub": "repo:hteek/serverless-mcp:*", }, }, "Effect": "Allow", "Principal": { "Federated": { "Ref": "GithubProvider1CDE27EB", }, }, }, ], "Version": "2012-10-17", }, "Description": "GitHub Actions CDK deploy role for serverless-mcp", "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/AdministratorAccess", ], ], }, ], "MaxSessionDuration": 3600, "RoleName": "github-actions-role-serverless-mcp", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "GithubProvider1CDE27EB": { "DeletionPolicy": "Delete", "Properties": { "ClientIDList": [ "sts.amazonaws.com", ], "CodeHash": "62fa02efcaa700e1c247e1d3cc2aa0cd07a0808a9a3e3d2230e51f57a02233fb", "RejectUnauthorized": false, "ServiceToken": { "Fn::GetAtt": [ "CustomAWSCDKOpenIdConnectProviderCustomResourceProviderHandlerF2C543E0", "Arn", ], }, "Url": "https://token.actions.githubusercontent.com", }, "Type": "Custom::AWSCDKOpenIdConnectProvider", "UpdateReplacePolicy": "Delete", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `; exports[`ServerlessMcp Stack > should match CDK snapshot 1`] = ` { "Mappings": { "AWSCloudFrontPartitionHostedZoneIdMap": { "aws": { "zoneId": "Z2FDTNDATAQYW2", }, "aws-cn": { "zoneId": "Z3RFFRIM2A3IF5", }, }, "CloudwatchlambdainsightsversionMap": { "af-south-1": { "1x0x275x0xarm64": "arn:aws:lambda:af-south-1:012438385374:layer:LambdaInsightsExtension-Arm64:14", }, "ap-east-1": { "1x0x275x0xarm64": "arn:aws:lambda:ap-east-1:519774774795:layer:LambdaInsightsExtension-Arm64:14", }, "ap-northeast-1": { "1x0x275x0xarm64": "arn:aws:lambda:ap-northeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:27", }, "ap-northeast-2": { "1x0x275x0xarm64": "arn:aws:lambda:ap-northeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:15", }, "ap-northeast-3": { "1x0x275x0xarm64": "arn:aws:lambda:ap-northeast-3:194566237122:layer:LambdaInsightsExtension-Arm64:13", }, "ap-south-1": { "1x0x275x0xarm64": "arn:aws:lambda:ap-south-1:580247275435:layer:LambdaInsightsExtension-Arm64:18", }, "ap-south-2": { "1x0x275x0xarm64": "arn:aws:lambda:ap-south-2:891564319516:layer:LambdaInsightsExtension-Arm64:2", }, "ap-southeast-1": { "1x0x275x0xarm64": "arn:aws:lambda:ap-southeast-1:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, "ap-southeast-2": { "1x0x275x0xarm64": "arn:aws:lambda:ap-southeast-2:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, "ap-southeast-3": { "1x0x275x0xarm64": "arn:aws:lambda:ap-southeast-3:439286490199:layer:LambdaInsightsExtension-Arm64:14", }, "ca-central-1": { "1x0x275x0xarm64": "arn:aws:lambda:ca-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:14", }, "eu-central-1": { "1x0x275x0xarm64": "arn:aws:lambda:eu-central-1:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, "eu-north-1": { "1x0x275x0xarm64": "arn:aws:lambda:eu-north-1:580247275435:layer:LambdaInsightsExtension-Arm64:14", }, "eu-south-1": { "1x0x275x0xarm64": "arn:aws:lambda:eu-south-1:339249233099:layer:LambdaInsightsExtension-Arm64:14", }, "eu-south-2": { "1x0x275x0xarm64": "arn:aws:lambda:eu-south-2:352183217350:layer:LambdaInsightsExtension-Arm64:2", }, "eu-west-1": { "1x0x275x0xarm64": "arn:aws:lambda:eu-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, "eu-west-2": { "1x0x275x0xarm64": "arn:aws:lambda:eu-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, "eu-west-3": { "1x0x275x0xarm64": "arn:aws:lambda:eu-west-3:580247275435:layer:LambdaInsightsExtension-Arm64:14", }, "me-south-1": { "1x0x275x0xarm64": "arn:aws:lambda:me-south-1:285320876703:layer:LambdaInsightsExtension-Arm64:14", }, "sa-east-1": { "1x0x275x0xarm64": "arn:aws:lambda:sa-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:14", }, "us-east-1": { "1x0x275x0xarm64": "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, "us-east-2": { "1x0x275x0xarm64": "arn:aws:lambda:us-east-2:580247275435:layer:LambdaInsightsExtension-Arm64:18", }, "us-west-1": { "1x0x275x0xarm64": "arn:aws:lambda:us-west-1:580247275435:layer:LambdaInsightsExtension-Arm64:14", }, "us-west-2": { "1x0x275x0xarm64": "arn:aws:lambda:us-west-2:580247275435:layer:LambdaInsightsExtension-Arm64:16", }, }, }, "Parameters": { "BootstrapVersion": { "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", "Type": "AWS::SSM::Parameter::Value<String>", }, }, "Resources": { "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { "DependsOn": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", ], "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, }, "Type": "AWS::Lambda::Function", }, "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "CertificateCertificateRequestorFunction5E845413": { "DependsOn": [ "CertificateCertificateRequestorFunctionServiceRoleDefaultPolicy3C8845BC", "CertificateCertificateRequestorFunctionServiceRoleC04C13DA", ], "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Handler": "index.certificateRequestHandler", "Role": { "Fn::GetAtt": [ "CertificateCertificateRequestorFunctionServiceRoleC04C13DA", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "CertificateCertificateRequestorFunctionServiceRoleC04C13DA": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "CertificateCertificateRequestorFunctionServiceRoleDefaultPolicy3C8845BC": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "acm:RequestCertificate", "acm:DescribeCertificate", "acm:DeleteCertificate", "acm:AddTagsToCertificate", ], "Effect": "Allow", "Resource": "*", }, { "Action": "route53:GetChange", "Effect": "Allow", "Resource": "*", }, { "Action": "route53:changeResourceRecordSets", "Condition": { "ForAllValues:StringEquals": { "route53:ChangeResourceRecordSetsActions": [ "UPSERT", ], "route53:ChangeResourceRecordSetsRecordTypes": [ "CNAME", ], }, "ForAllValues:StringLike": { "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ "*.serverless-mcp.net", "*.serverless-mcp.net", ], }, }, "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":route53:::hostedzone/Z009892610XYPY0CAB0W5", ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "CertificateCertificateRequestorFunctionServiceRoleDefaultPolicy3C8845BC", "Roles": [ { "Ref": "CertificateCertificateRequestorFunctionServiceRoleC04C13DA", }, ], }, "Type": "AWS::IAM::Policy", }, "CertificateCertificateRequestorResource2890C6B7": { "DeletionPolicy": "Delete", "Properties": { "DomainName": "serverless-mcp.net", "HostedZoneId": "Z009892610XYPY0CAB0W5", "Region": "us-east-1", "ServiceToken": { "Fn::GetAtt": [ "CertificateCertificateRequestorFunction5E845413", "Arn", ], }, "SubjectAlternativeNames": [ "*.serverless-mcp.net", ], "Tags": { "Project": "serverless-mcp", }, }, "Type": "AWS::CloudFormation::CustomResource", "UpdateReplacePolicy": "Delete", }, "ClientFunctionEC7DE9EE": { "DependsOn": [ "ClientFunctionServiceRoleDefaultPolicyA52260F3", "ClientFunctionServiceRole479B8DD0", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "ClientFunctionRole7402435C", "Arn", ], }, "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", "TABLE": { "Ref": "TableCD117FA1", }, }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "ClientFunctionServiceRole479B8DD0", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "ClientFunctionFunctionUrl2C8617D2": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "BUFFERED", "TargetFunctionArn": { "Fn::GetAtt": [ "ClientFunctionEC7DE9EE", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "ClientFunctionLogRetention791B1AFF": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "ClientFunctionEC7DE9EE", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "ClientFunctionRole7402435C": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "ClientFunctionServiceRole479B8DD0", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "ClientFunctionRoleDefaultPolicy9FD3C590": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchGetItem", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", ], "Condition": { "ForAllValues:StringLike": { "dynamodb:LeadingKeys": [ "\${aws:PrincipalTag/TenantID}#*", "public#*", ], }, }, "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, "/index/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "ClientFunctionRoleDefaultPolicy9FD3C590", "Roles": [ { "Ref": "ClientFunctionRole7402435C", }, ], }, "Type": "AWS::IAM::Policy", }, "ClientFunctionServiceRole479B8DD0": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "ClientFunctionServiceRoleDefaultPolicyA52260F3": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "ClientFunctionServiceRoleDefaultPolicyA52260F3", "Roles": [ { "Ref": "ClientFunctionServiceRole479B8DD0", }, ], }, "Type": "AWS::IAM::Policy", }, "ClientFunctioninvokefunctionA8BF01D1": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "ClientFunctionEC7DE9EE", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "ClientFunctioninvokefunctionurl399766B6": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "ClientFunctionEC7DE9EE", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "ClientsFunction1C0C2EE7": { "DependsOn": [ "ClientsFunctionServiceRoleDefaultPolicyB9518D77", "ClientsFunctionServiceRoleF8C25029", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "ClientsFunctionRoleC749EEC8", "Arn", ], }, "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", "TABLE": { "Ref": "TableCD117FA1", }, "USER_POOL_ID": { "Ref": "UserPool6BA7E5F2", }, }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "ClientsFunctionServiceRoleF8C25029", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "ClientsFunctionFunctionUrlC01333B8": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "BUFFERED", "TargetFunctionArn": { "Fn::GetAtt": [ "ClientsFunction1C0C2EE7", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "ClientsFunctionLogRetention8CF70D6A": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "ClientsFunction1C0C2EE7", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "ClientsFunctionRoleC749EEC8": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "ClientsFunctionServiceRoleF8C25029", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "ClientsFunctionRoleDefaultPolicyDCE9675D": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchWriteItem", "dynamodb:DeleteItem", "dynamodb:PutItem", "dynamodb:UpdateItem", ], "Condition": { "ForAllValues:StringLike": { "dynamodb:LeadingKeys": [ "\${aws:PrincipalTag/TenantID}#*", "public#*", ], }, }, "Effect": "Allow", "Resource": { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, }, { "Action": [ "dynamodb:BatchGetItem", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", ], "Condition": { "ForAllValues:StringLike": { "dynamodb:LeadingKeys": [ "\${aws:PrincipalTag/TenantID}#*", "public#*", ], }, }, "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, "/index/*", ], ], }, ], }, { "Action": [ "cognito-idp:CreateUserPoolClient", "cognito-idp:DescribeUserPoolClient", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:aws:cognito-idp:", { "Ref": "AWS::Region", }, ":", { "Ref": "AWS::AccountId", }, ":userpool/", { "Ref": "UserPool6BA7E5F2", }, ], ], }, }, ], "Version": "2012-10-17", }, "PolicyName": "ClientsFunctionRoleDefaultPolicyDCE9675D", "Roles": [ { "Ref": "ClientsFunctionRoleC749EEC8", }, ], }, "Type": "AWS::IAM::Policy", }, "ClientsFunctionServiceRoleDefaultPolicyB9518D77": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "ClientsFunctionServiceRoleDefaultPolicyB9518D77", "Roles": [ { "Ref": "ClientsFunctionServiceRoleF8C25029", }, ], }, "Type": "AWS::IAM::Policy", }, "ClientsFunctionServiceRoleF8C25029": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "ClientsFunctioninvokefunction14C72F5F": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "ClientsFunction1C0C2EE7", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "ClientsFunctioninvokefunctionurl98F1D0F6": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "ClientsFunction1C0C2EE7", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "DefaultFunction1A91F45E": { "DependsOn": [ "DefaultFunctionServiceRoleDefaultPolicy9C59EE69", "DefaultFunctionServiceRole77A8332B", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "DefaultFunctionRoleADDFA9BE", "Arn", ], }, "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "DefaultFunctionServiceRole77A8332B", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "DefaultFunctionFunctionUrlF50C4F5E": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "BUFFERED", "TargetFunctionArn": { "Fn::GetAtt": [ "DefaultFunction1A91F45E", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "DefaultFunctionLogRetention8E8AA961": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "DefaultFunction1A91F45E", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "DefaultFunctionRoleADDFA9BE": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "DefaultFunctionServiceRole77A8332B", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "DefaultFunctionServiceRole77A8332B": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "DefaultFunctionServiceRoleDefaultPolicy9C59EE69": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "DefaultFunctionServiceRoleDefaultPolicy9C59EE69", "Roles": [ { "Ref": "DefaultFunctionServiceRole77A8332B", }, ], }, "Type": "AWS::IAM::Policy", }, "DefaultFunctioninvokefunction0331F004": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "DefaultFunction1A91F45E", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "DefaultFunctioninvokefunctionurlDEE47B5C": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "DefaultFunction1A91F45E", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "Distribution830FAC52": { "Properties": { "DistributionConfig": { "Aliases": [ "serverless-mcp.net", ], "CacheBehaviors": [ { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "PathPattern": "/.well-known/oauth-authorization-server*", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin2C79BE44F", "ViewerProtocolPolicy": "redirect-to-https", }, { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "PathPattern": "/.well-known/oauth-protected-resource", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin3BB319DAA", "ViewerProtocolPolicy": "redirect-to-https", }, { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "PathPattern": "/clients", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin42BFD722F", "ViewerProtocolPolicy": "redirect-to-https", }, { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "PathPattern": "/clients/*", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin53223E6E0", "ViewerProtocolPolicy": "redirect-to-https", }, { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "PathPattern": "/mcp*", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin67A309EB1", "ViewerProtocolPolicy": "redirect-to-https", }, { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "PathPattern": "/oauth/authorize", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin7C8D11EEB", "ViewerProtocolPolicy": "redirect-to-https", }, ], "Comment": "CloudFront distribution for a serverless mcp server", "DefaultCacheBehavior": { "AllowedMethods": [ "GET", "HEAD", "OPTIONS", "PUT", "PATCH", "POST", "DELETE", ], "CachePolicyId": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", "Compress": true, "OriginRequestPolicyId": "b689b0a8-53d0-40ab-baf2-68738e2966ac", "ResponseHeadersPolicyId": "eaab4381-ed33-4a86-88ca-d9558dc6cd63", "TargetOriginId": "serverlessmcpDistributionOrigin1BF8173FA", "ViewerProtocolPolicy": "redirect-to-https", }, "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, "Origins": [ { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "DefaultFunctionFunctionUrlF50C4F5E", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin1BF8173FA", }, { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionFunctionUrl024EA36D", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin2C79BE44F", }, { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "OauthProtectedResourceFunctionFunctionUrlF20FB7A5", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin3BB319DAA", }, { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ClientsFunctionFunctionUrlC01333B8", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin42BFD722F", }, { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "ClientFunctionFunctionUrl2C8617D2", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin53223E6E0", }, { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "McpFunctionFunctionUrl5385C13A", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin67A309EB1", }, { "CustomOriginConfig": { "OriginProtocolPolicy": "https-only", "OriginSSLProtocols": [ "TLSv1.2", ], }, "DomainName": { "Fn::Select": [ 2, { "Fn::Split": [ "/", { "Fn::GetAtt": [ "OauthAuthorizeFunctionFunctionUrl49740559", "FunctionUrl", ], }, ], }, ], }, "Id": "serverlessmcpDistributionOrigin7C8D11EEB", }, ], "ViewerCertificate": { "AcmCertificateArn": { "Fn::GetAtt": [ "CertificateCertificateRequestorResource2890C6B7", "Arn", ], }, "MinimumProtocolVersion": "TLSv1.2_2021", "SslSupportMethod": "sni-only", }, }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::CloudFront::Distribution", }, "DistributionARecordAF2FC781": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ "Distribution830FAC52", "DomainName", ], }, "HostedZoneId": { "Fn::FindInMap": [ "AWSCloudFrontPartitionHostedZoneIdMap", { "Ref": "AWS::Partition", }, "zoneId", ], }, }, "HostedZoneId": "Z009892610XYPY0CAB0W5", "Name": "serverless-mcp.net.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, "DistributionAaaaRecord0E3A4935": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ "Distribution830FAC52", "DomainName", ], }, "HostedZoneId": { "Fn::FindInMap": [ "AWSCloudFrontPartitionHostedZoneIdMap", { "Ref": "AWS::Partition", }, "zoneId", ], }, }, "HostedZoneId": "Z009892610XYPY0CAB0W5", "Name": "serverless-mcp.net.", "Type": "AAAA", }, "Type": "AWS::Route53::RecordSet", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A": { "DependsOn": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", ], "Properties": { "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 900, }, "Type": "AWS::Lambda::Function", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "logs:PutRetentionPolicy", "logs:DeleteRetentionPolicy", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB", "Roles": [ { "Ref": "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRole9741ECFB", }, ], }, "Type": "AWS::IAM::Policy", }, "McpFunctionF370A1F8": { "DependsOn": [ "McpFunctionServiceRoleDefaultPolicy29310C43", "McpFunctionServiceRoleF37F17FC", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "McpFunctionRoleD0FEB59A", "Arn", ], }, "DOMAIN_NAME": "serverless-mcp.net", "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "McpFunctionServiceRoleF37F17FC", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "McpFunctionFunctionUrl5385C13A": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "RESPONSE_STREAM", "TargetFunctionArn": { "Fn::GetAtt": [ "McpFunctionF370A1F8", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "McpFunctionLogRetention644686C8": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "McpFunctionF370A1F8", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "McpFunctionRoleD0FEB59A": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "McpFunctionServiceRoleF37F17FC", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "McpFunctionServiceRoleDefaultPolicy29310C43": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, { "Action": [ "ce:GetCostAndUsage", "ce:GetCostForecast", "ce:GetDimensionValues", ], "Effect": "Allow", "Resource": { "Fn::Join": [ "", [ "arn:aws:ce:us-east-1:", { "Ref": "AWS::AccountId", }, ":*", ], ], }, }, { "Action": "pricing:*", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "McpFunctionServiceRoleDefaultPolicy29310C43", "Roles": [ { "Ref": "McpFunctionServiceRoleF37F17FC", }, ], }, "Type": "AWS::IAM::Policy", }, "McpFunctionServiceRoleF37F17FC": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "McpFunctioninvokefunction4C86CDA7": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "McpFunctionF370A1F8", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "McpFunctioninvokefunctionurl23F250C5": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "McpFunctionF370A1F8", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "OauthAuthorizationServerFunctionAE94DB0C": { "DependsOn": [ "OauthAuthorizationServerFunctionServiceRoleDefaultPolicy4A6CEA69", "OauthAuthorizationServerFunctionServiceRole7698E8F6", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionRoleA539208A", "Arn", ], }, "DOMAIN_NAME": "serverless-mcp.net", "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", "USER_POOL_ID": { "Ref": "UserPool6BA7E5F2", }, }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionServiceRole7698E8F6", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "OauthAuthorizationServerFunctionFunctionUrl024EA36D": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "BUFFERED", "TargetFunctionArn": { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionAE94DB0C", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "OauthAuthorizationServerFunctionLogRetentionC441A70D": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "OauthAuthorizationServerFunctionAE94DB0C", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "OauthAuthorizationServerFunctionRoleA539208A": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionServiceRole7698E8F6", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "OauthAuthorizationServerFunctionServiceRole7698E8F6": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "OauthAuthorizationServerFunctionServiceRoleDefaultPolicy4A6CEA69": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "OauthAuthorizationServerFunctionServiceRoleDefaultPolicy4A6CEA69", "Roles": [ { "Ref": "OauthAuthorizationServerFunctionServiceRole7698E8F6", }, ], }, "Type": "AWS::IAM::Policy", }, "OauthAuthorizationServerFunctioninvokefunctionA5700969": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionAE94DB0C", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "OauthAuthorizationServerFunctioninvokefunctionurlDD92F789": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "OauthAuthorizationServerFunctionAE94DB0C", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "OauthAuthorizeFunction7283CCA7": { "DependsOn": [ "OauthAuthorizeFunctionServiceRoleDefaultPolicy006B7DAD", "OauthAuthorizeFunctionServiceRoleE9FC2DA5", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "OauthAuthorizeFunctionRole5A3E2D92", "Arn", ], }, "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", "USER_POOL_ID": { "Ref": "UserPool6BA7E5F2", }, }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "OauthAuthorizeFunctionServiceRoleE9FC2DA5", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "OauthAuthorizeFunctionFunctionUrl49740559": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "BUFFERED", "TargetFunctionArn": { "Fn::GetAtt": [ "OauthAuthorizeFunction7283CCA7", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "OauthAuthorizeFunctionLogRetention9908CED7": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "OauthAuthorizeFunction7283CCA7", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "OauthAuthorizeFunctionRole5A3E2D92": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "OauthAuthorizeFunctionServiceRoleE9FC2DA5", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "OauthAuthorizeFunctionServiceRoleDefaultPolicy006B7DAD": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "OauthAuthorizeFunctionServiceRoleDefaultPolicy006B7DAD", "Roles": [ { "Ref": "OauthAuthorizeFunctionServiceRoleE9FC2DA5", }, ], }, "Type": "AWS::IAM::Policy", }, "OauthAuthorizeFunctionServiceRoleE9FC2DA5": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "OauthAuthorizeFunctioninvokefunction320EAC19": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "OauthAuthorizeFunction7283CCA7", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "OauthAuthorizeFunctioninvokefunctionurl69EBE925": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "OauthAuthorizeFunction7283CCA7", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "OauthProtectedResourceFunction892DDE57": { "DependsOn": [ "OauthProtectedResourceFunctionServiceRoleDefaultPolicy70D64D87", "OauthProtectedResourceFunctionServiceRole39D2DDFA", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "OauthProtectedResourceFunctionRole67A211EF", "Arn", ], }, "DOMAIN_NAME": "serverless-mcp.net", "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "OauthProtectedResourceFunctionServiceRole39D2DDFA", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "OauthProtectedResourceFunctionFunctionUrlF20FB7A5": { "Properties": { "AuthType": "NONE", "Cors": { "AllowCredentials": true, "AllowHeaders": [ "*", ], "AllowMethods": [ "*", ], "AllowOrigins": [ "*", ], }, "InvokeMode": "BUFFERED", "TargetFunctionArn": { "Fn::GetAtt": [ "OauthProtectedResourceFunction892DDE57", "Arn", ], }, }, "Type": "AWS::Lambda::Url", }, "OauthProtectedResourceFunctionLogRetention2D2DCC83": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "OauthProtectedResourceFunction892DDE57", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "OauthProtectedResourceFunctionRole67A211EF": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "OauthProtectedResourceFunctionServiceRole39D2DDFA", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "OauthProtectedResourceFunctionServiceRole39D2DDFA": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "OauthProtectedResourceFunctionServiceRoleDefaultPolicy70D64D87": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "OauthProtectedResourceFunctionServiceRoleDefaultPolicy70D64D87", "Roles": [ { "Ref": "OauthProtectedResourceFunctionServiceRole39D2DDFA", }, ], }, "Type": "AWS::IAM::Policy", }, "OauthProtectedResourceFunctioninvokefunction7E6CC36F": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "OauthProtectedResourceFunction892DDE57", "Arn", ], }, "InvokedViaFunctionUrl": true, "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "OauthProtectedResourceFunctioninvokefunctionurl87D90FDE": { "Properties": { "Action": "lambda:InvokeFunctionUrl", "FunctionName": { "Fn::GetAtt": [ "OauthProtectedResourceFunction892DDE57", "Arn", ], }, "FunctionUrlAuthType": "NONE", "Principal": "*", }, "Type": "AWS::Lambda::Permission", }, "TableCD117FA1": { "DeletionPolicy": "Retain", "Properties": { "AttributeDefinitions": [ { "AttributeName": "pk", "AttributeType": "S", }, { "AttributeName": "sk", "AttributeType": "S", }, ], "BillingMode": "PAY_PER_REQUEST", "KeySchema": [ { "AttributeName": "pk", "KeyType": "HASH", }, { "AttributeName": "sk", "KeyType": "RANGE", }, ], "PointInTimeRecoverySpecification": { "PointInTimeRecoveryEnabled": true, }, "TableName": "serverless-mcp", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "TimeToLiveSpecification": { "AttributeName": "expires", "Enabled": true, }, }, "Type": "AWS::DynamoDB::Table", "UpdateReplacePolicy": "Retain", }, "UserPool6BA7E5F2": { "DeletionPolicy": "Retain", "Properties": { "AccountRecoverySetting": { "RecoveryMechanisms": [ { "Name": "verified_email", "Priority": 1, }, ], }, "AdminCreateUserConfig": { "AllowAdminCreateUserOnly": false, }, "AutoVerifiedAttributes": [ "email", ], "LambdaConfig": { "PreTokenGenerationConfig": { "LambdaArn": { "Fn::GetAtt": [ "UserPoolPreTokenGenerationFunctionFB8D113A", "Arn", ], }, "LambdaVersion": "V3_0", }, }, "Policies": { "PasswordPolicy": { "MinimumLength": 12, "RequireLowercase": true, "RequireNumbers": true, "RequireSymbols": true, "RequireUppercase": true, }, "SignInPolicy": { "AllowedFirstAuthFactors": [ "PASSWORD", ], }, }, "SmsVerificationMessage": "The verification code to your new account is {####}", "UserPoolName": "serverless-mcp", "UserPoolTags": { "Project": "serverless-mcp", }, "UserPoolTier": "ESSENTIALS", "UsernameAttributes": [ "email", ], "UsernameConfiguration": { "CaseSensitive": false, }, "VerificationMessageTemplate": { "DefaultEmailOption": "CONFIRM_WITH_LINK", "EmailMessageByLink": "You have been invited to join the Serverless MCP server! {##Verify Your Email##}", "EmailSubjectByLink": "Serverless MCP - Invite to join!", "SmsMessage": "The verification code to your new account is {####}", }, }, "Type": "AWS::Cognito::UserPool", "UpdateReplacePolicy": "Retain", }, "UserPoolARecordA508EF46": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ "UserPoolCognitoDomainWithManagedLoginCloudFrontDomainNameA8F8D54B", "DomainDescription.CloudFrontDistribution", ], }, "HostedZoneId": { "Fn::FindInMap": [ "AWSCloudFrontPartitionHostedZoneIdMap", { "Ref": "AWS::Partition", }, "zoneId", ], }, }, "HostedZoneId": "Z009892610XYPY0CAB0W5", "Name": "auth.serverless-mcp.net.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, "UserPoolAaaaRecord55DEF5B4": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ "UserPoolCognitoDomainWithManagedLoginCloudFrontDomainNameA8F8D54B", "DomainDescription.CloudFrontDistribution", ], }, "HostedZoneId": { "Fn::FindInMap": [ "AWSCloudFrontPartitionHostedZoneIdMap", { "Ref": "AWS::Partition", }, "zoneId", ], }, }, "HostedZoneId": "Z009892610XYPY0CAB0W5", "Name": "auth.serverless-mcp.net.", "Type": "AAAA", }, "Type": "AWS::Route53::RecordSet", }, "UserPoolCognitoDomainWithManagedLoginB408EE87": { "DependsOn": [ "DistributionARecordAF2FC781", ], "Properties": { "CustomDomainConfig": { "CertificateArn": { "Fn::GetAtt": [ "CertificateCertificateRequestorResource2890C6B7", "Arn", ], }, }, "Domain": "auth.serverless-mcp.net", "ManagedLoginVersion": 1, "UserPoolId": { "Ref": "UserPool6BA7E5F2", }, }, "Type": "AWS::Cognito::UserPoolDomain", }, "UserPoolCognitoDomainWithManagedLoginCloudFrontDomainNameA8F8D54B": { "DeletionPolicy": "Delete", "DependsOn": [ "DistributionARecordAF2FC781", "UserPoolCognitoDomainWithManagedLoginCloudFrontDomainNameCustomResourcePolicyE5F8E543", ], "Properties": { "Create": { "Fn::Join": [ "", [ "{"service":"CognitoIdentityServiceProvider","action":"describeUserPoolDomain","parameters":{"Domain":"", { "Ref": "UserPoolCognitoDomainWithManagedLoginB408EE87", }, ""},"physicalResourceId":{"id":"", { "Ref": "UserPoolCognitoDomainWithManagedLoginB408EE87", }, ""}}", ], ], }, "InstallLatestAwsSdk": false, "ServiceToken": { "Fn::GetAtt": [ "AWS679f53fac002430cb0da5b7982bd22872D164C4C", "Arn", ], }, "Update": { "Fn::Join": [ "", [ "{"service":"CognitoIdentityServiceProvider","action":"describeUserPoolDomain","parameters":{"Domain":"", { "Ref": "UserPoolCognitoDomainWithManagedLoginB408EE87", }, ""},"physicalResourceId":{"id":"", { "Ref": "UserPoolCognitoDomainWithManagedLoginB408EE87", }, ""}}", ], ], }, }, "Type": "Custom::UserPoolCloudFrontDomainName", "UpdateReplacePolicy": "Delete", }, "UserPoolCognitoDomainWithManagedLoginCloudFrontDomainNameCustomResourcePolicyE5F8E543": { "DependsOn": [ "DistributionARecordAF2FC781", ], "Properties": { "PolicyDocument": { "Statement": [ { "Action": "cognito-idp:DescribeUserPoolDomain", "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "UserPoolCognitoDomainWithManagedLoginCloudFrontDomainNameCustomResourcePolicyE5F8E543", "Roles": [ { "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", }, ], }, "Type": "AWS::IAM::Policy", }, "UserPoolPreTokenGenerationConfigCognito695EA156": { "Properties": { "Action": "lambda:InvokeFunction", "FunctionName": { "Fn::GetAtt": [ "UserPoolPreTokenGenerationFunctionFB8D113A", "Arn", ], }, "Principal": "cognito-idp.amazonaws.com", "SourceArn": { "Fn::GetAtt": [ "UserPool6BA7E5F2", "Arn", ], }, }, "Type": "AWS::Lambda::Permission", }, "UserPoolPreTokenGenerationFunctionFB8D113A": { "DependsOn": [ "UserPoolPreTokenGenerationFunctionServiceRoleDefaultPolicyB39A6EC8", "UserPoolPreTokenGenerationFunctionServiceRoleC3BB9677", ], "Properties": { "Architectures": [ "arm64", ], "Code": { "S3Bucket": { "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", }, "S3Key": "[FILENAME REMOVED]", }, "Environment": { "Variables": { "ASSUMED_ROLE_ARN": { "Fn::GetAtt": [ "UserPoolPreTokenGenerationFunctionRoleD1210B80", "Arn", ], }, "NODE_OPTIONS": "--enable-source-maps", "POWERTOOLS_LOGGER_LOG_EVENT": "true", "POWERTOOLS_LOGGER_SAMPLE_RATE": "0", "POWERTOOLS_LOG_LEVEL": "DEBUG", "POWERTOOLS_TRACER_CAPTURE_ERROR": "true", "POWERTOOLS_TRACER_CAPTURE_HTTPS_REQUESTS": "true", "POWERTOOLS_TRACER_CAPTURE_RESPONSE": "true", "POWERTOOLS_TRACE_ENABLED": "true", "TABLE": { "Ref": "TableCD117FA1", }, }, }, "Handler": "index.handler", "Layers": [ { "Fn::FindInMap": [ "CloudwatchlambdainsightsversionMap", { "Ref": "AWS::Region", }, "1x0x275x0xarm64", ], }, ], "MemorySize": 3008, "Role": { "Fn::GetAtt": [ "UserPoolPreTokenGenerationFunctionServiceRoleC3BB9677", "Arn", ], }, "Runtime": "nodejs22.x", "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], "Timeout": 120, "TracingConfig": { "Mode": "Active", }, }, "Type": "AWS::Lambda::Function", }, "UserPoolPreTokenGenerationFunctionLogRetention6935923E": { "Properties": { "LogGroupName": { "Fn::Join": [ "", [ "/aws/lambda/", { "Ref": "UserPoolPreTokenGenerationFunctionFB8D113A", }, ], ], }, "RetentionInDays": 14, "ServiceToken": { "Fn::GetAtt": [ "LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aFD4BFC8A", "Arn", ], }, }, "Type": "Custom::LogRetention", }, "UserPoolPreTokenGenerationFunctionRoleD1210B80": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": [ "sts:AssumeRole", "sts:TagSession", ], "Condition": { "StringLike": { "aws:RequestTag/TenantID": "*", }, }, "Effect": "Allow", "Principal": { "AWS": { "Fn::GetAtt": [ "UserPoolPreTokenGenerationFunctionServiceRoleC3BB9677", "Arn", ], }, }, }, ], "Version": "2012-10-17", }, "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "UserPoolPreTokenGenerationFunctionRoleDefaultPolicy6F2485D8": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "dynamodb:BatchGetItem", "dynamodb:ConditionCheckItem", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:GetRecords", "dynamodb:GetShardIterator", "dynamodb:Query", ], "Condition": { "ForAllValues:StringLike": { "dynamodb:LeadingKeys": [ "\${aws:PrincipalTag/TenantID}#*", "public#*", ], }, }, "Effect": "Allow", "Resource": [ { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "TableCD117FA1", "Arn", ], }, "/index/*", ], ], }, ], }, ], "Version": "2012-10-17", }, "PolicyName": "UserPoolPreTokenGenerationFunctionRoleDefaultPolicy6F2485D8", "Roles": [ { "Ref": "UserPoolPreTokenGenerationFunctionRoleD1210B80", }, ], }, "Type": "AWS::IAM::Policy", }, "UserPoolPreTokenGenerationFunctionServiceRoleC3BB9677": { "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com", }, }, ], "Version": "2012-10-17", }, "ManagedPolicyArns": [ { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", ], ], }, { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition", }, ":iam::aws:policy/CloudWatchLambdaInsightsExecutionRolePolicy", ], ], }, ], "Tags": [ { "Key": "Project", "Value": "serverless-mcp", }, ], }, "Type": "AWS::IAM::Role", }, "UserPoolPreTokenGenerationFunctionServiceRoleDefaultPolicyB39A6EC8": { "Properties": { "PolicyDocument": { "Statement": [ { "Action": [ "xray:PutTraceSegments", "xray:PutTelemetryRecords", ], "Effect": "Allow", "Resource": "*", }, ], "Version": "2012-10-17", }, "PolicyName": "UserPoolPreTokenGenerationFunctionServiceRoleDefaultPolicyB39A6EC8", "Roles": [ { "Ref": "UserPoolPreTokenGenerationFunctionServiceRoleC3BB9677", }, ], }, "Type": "AWS::IAM::Policy", }, }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5", ], { "Ref": "BootstrapVersion", }, ], }, ], }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", }, ], }, }, } `;

Latest Blog Posts

What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat
MCP Moves to the Linux Foundation: Neutral Stewardship for Agentic Infrastructure
By Om-Shree-0709 on December 15, 2025.
mcp
anthropic
Linux Foundation
Code Execution with MCP: Architecting Agentic Efficiency
By Om-Shree-0709 on December 14, 2025.
mcp
Token bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/hteek/serverless-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server