Adding a Scanner for Amazon AgentCore MCP Server
Add a scanner to discover, import, and sync MCP servers from Amazon AgentCore into Exchange. Then you can govern the MCP servers and consume them in other applications.
Before You Begin
Before adding the scanner, verify that you have the permission, context, and these Amazon AgentCore credentials:
-
An active AWS account to register and host MCP servers
-
Amazon access key ID
-
Amazon secret access key
-
Amazon region
-
Exchange Administrator permission
-
An IAM user with an inline policy that allows these permissions:
-
bedrock-agentcore:ListAgentRuntimes
-
bedrock-agentcore:GetAgentRuntime
-
bedrock-agentcore:ListAgentRuntimeVersions
-
bedrock-agentcore:ListAgentRuntimeEndpoints
-
bedrock-agentcore:InvokeAgentRuntime
-
For more information, see the Amazon Bedrock documentation.
Add a Scanner for Amazon AgentCore
-
Verify that you are in the business group where you want to add the scanner.
-
From the sidebar in Exchange, click Scanners.
-
Enter a name for the scanner.
-
In Scanner Run Configuration, complete these fields or options:
Field/Option Value Run Schedule
Select a frequency and local time.
Sync Review
Select an option: Auto-resolve or Ask to review.
-
From Connection Configuration, complete these fields:
Field Value Provider
Select Amazon.
Platform
Select AWS AgentCore.
Service Type
Select MCPs.
Authentication Method
Select Access key.
Access Key ID
Enter the access key ID.
Secret Access Key
Enter the secret access key.
AWS Region
Select a region.
-
Click Test Connection.
If the connection fails, review the Connection Configuration settings. Update the settings, and then test the connection again.
-
To send email notifications:
-
Select Advanced Settings and turn on Send Email Notifications.
-
Enter an email address.
-
-
Click Add Scanner.