Cost Explorer MCP Server

OAUTH_DEPLOYMENT_SUCCESS.md•5.76 kB

# 🎉 Cost Explorer MCP Server - OAuth Deployment SUCCESS! ## ✅ Deployment Complete The Cost Explorer MCP Server has been **successfully deployed** to Amazon Bedrock AgentCore Runtime with **OAuth authentication** using Cognito User Pool. ### 🚀 Deployment Details - **Agent ARN**: `arn:aws:bedrock-agentcore:us-west-2:632930644527:runtime/agentcore_mcp_server-IZBGEpHspW` - **Protocol**: MCP (Model Context Protocol) - **Transport**: Streamable HTTP on port 8000 - **Authentication**: OAuth with Cognito User Pool - **Status**: ✅ **FULLY OPERATIONAL** ### 🔐 OAuth Configuration - **Cognito User Pool**: `us-west-2_6nLAvjkm8` - **Client ID**: `6qq3s5bd6a2omfencos8dcjs57` - **Discovery URL**: `https://cognito-idp.us-west-2.amazonaws.com/us-west-2_6nLAvjkm8/.well-known/openid-configuration` - **Test User**: `testuser` / `MyPassword123!` ### 📊 Available Tools (7) All Cost Explorer tools are working perfectly: 1. **get_today_date** - Get current date information 2. **get_dimension_values** - Retrieve AWS dimension values (SERVICE, REGION, etc.) 3. **get_tag_values** - Retrieve AWS tag values 4. **get_cost_and_usage** - Retrieve cost and usage data with filtering 5. **get_cost_and_usage_comparisons** - Compare costs between time periods 6. **get_cost_comparison_drivers** - Analyze cost change drivers (top 10) 7. **get_cost_forecast** - Generate cost forecasts with confidence intervals ### 🧪 Testing Results ``` ✅ MCP session initialized successfully ✅ OAuth authentication working ✅ All 7 tools available and functional ✅ Streamable HTTP transport operational ✅ AgentCore Runtime integration complete ``` ## 🔧 How to Use ### 1. Get Fresh Authentication Token ```bash # Source the configuration source cognito_config.env # Get fresh Bearer token export BEARER_TOKEN=$(aws cognito-idp initiate-auth \ --client-id "$CLIENT_ID" \ --auth-flow USER_PASSWORD_AUTH \ --auth-parameters USERNAME=testuser,PASSWORD=MyPassword123! \ --region $REGION | jq -r '.AuthenticationResult.AccessToken') ``` ### 2. Test the MCP Server ```bash # Test with the final test script BEARER_TOKEN="$BEARER_TOKEN" python test_final.py # Or test with the detailed OAuth client BEARER_TOKEN="$BEARER_TOKEN" python test_oauth_detailed.py ``` ### 3. Use with MCP Client ```python import asyncio from mcp import ClientSession from mcp.client.streamable_http import streamablehttp_client async def use_cost_explorer(): agent_arn = "arn:aws:bedrock-agentcore:us-west-2:632930644527:runtime/agentcore_mcp_server-IZBGEpHspW" bearer_token = "your-cognito-access-token" encoded_arn = agent_arn.replace(':', '%3A').replace('/', '%2F') mcp_url = f"https://bedrock-agentcore.us-west-2.amazonaws.com/runtimes/{encoded_arn}/invocations?qualifier=DEFAULT" headers = { "Content-Type": "application/json", "Authorization": f"Bearer {bearer_token}", "Accept": "application/json" } async with streamablehttp_client(mcp_url, headers, timeout=30, terminate_on_close=False) as (read_stream, write_stream, _): async with ClientSession(read_stream, write_stream) as session: await session.initialize() # Get today's date result = await session.call_tool("get_today_date", {}) print(result.content[0].text) # Get AWS services result = await session.call_tool("get_dimension_values", { "date_range": {"start_date": "2025-12-01", "end_date": "2025-12-31"}, "dimension": "SERVICE" }) print(result.content[0].text) asyncio.run(use_cost_explorer()) ``` ## 📁 Key Files Created - `setup_cognito.sh` - Cognito User Pool setup script - `configure_oauth.sh` - OAuth configuration script - `cognito_config.env` - Cognito configuration variables - `test_final.py` - Final comprehensive test - `test_oauth_detailed.py` - Detailed OAuth testing - `decode_jwt.py` - JWT token decoder utility ## 🔄 Token Refresh Cognito access tokens expire after 1 hour. To get a fresh token: ```bash source cognito_config.env export BEARER_TOKEN=$(aws cognito-idp initiate-auth \ --client-id "$CLIENT_ID" \ --auth-flow USER_PASSWORD_AUTH \ --auth-parameters USERNAME=testuser,PASSWORD=MyPassword123! \ --region $REGION | jq -r '.AuthenticationResult.AccessToken') ``` ## 💰 Cost Considerations **Important**: Each AWS Cost Explorer API call costs $0.01. The MCP server includes: - Intelligent caching and optimization - Detailed cost warnings in tool descriptions - Filtering recommendations to minimize API calls ## 🎯 Production Ready The deployment is now **production-ready** with: - ✅ OAuth authentication via Cognito - ✅ Secure JWT token validation - ✅ Streamable HTTP transport - ✅ All 7 Cost Explorer tools operational - ✅ Proper error handling and logging - ✅ AgentCore Runtime integration ## 📚 Next Steps 1. **Integrate with Applications**: Use the MCP client code to integrate with your applications 2. **Set up Monitoring**: Use the CloudWatch logs and GenAI Observability Dashboard 3. **Configure AWS Cost Explorer Access**: Ensure proper IAM permissions for Cost Explorer API 4. **Scale Authentication**: Consider setting up additional OAuth providers if needed ## 🏆 Achievement Summary We have successfully: 1. ✅ **Converted** STDIO MCP server to streamable HTTP 2. ✅ **Deployed** to AgentCore Runtime with MCP protocol 3. ✅ **Configured** OAuth authentication with Cognito 4. ✅ **Tested** all 7 Cost Explorer tools 5. ✅ **Verified** end-to-end functionality The Cost Explorer MCP Server is now **live and operational** on AgentCore Runtime with OAuth authentication! 🚀

Loading blob content...

Latest Blog Posts

How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash
What is Streamable HTTP in MCP?
By punkpeye on January 2, 2026.
Streamable HTTP
What Is Context Bloat in MCP?
By Om-Shree-0709 on December 16, 2025.
mcp
Context Bloat

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/milan9527/CostExplorerMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

OAUTH_DEPLOYMENT_SUCCESS.md•5.76 kB