
sample-aws-rca

AWS Root Cause Analysis (RCA) with MCP Integration

Installation
Run this command in your terminal to add the MCP server to Claude Code.
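# claude options go before the server name; the server command follows "--". docker's bare "-e NAME" forwards each variable into the container.
claude mcp add \
  --env AWS_REGION="us-east-1" \
  --env IAM_ROLE_ARN="<your-iam-role-arn>" \
  --env BEDROCK_API_ENDPOINT="https://bedrock.aws.amazon.com" \
  --transport stdio aws-samples-sample-aws-mcp-rca \
  -- docker run -i -e AWS_REGION -e IAM_ROLE_ARN -e BEDROCK_API_ENDPOINT aws-sample-rca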

How to use

This MCP server provides an automated AWS Root Cause Analysis (RCA) workflow that leverages Amazon Bedrock AI capabilities. Integrated with MCP via Kiro IDE, it ingests incident data from multiple AWS sources (CloudWatch Logs, CloudTrail, and AWS Health), runs AI-powered analysis, and returns structured RCA guidance and remediation recommendations directly inside the IDE. Use the MCP client tools in Kiro to authenticate, route incident inquiries, and view AI-generated insights alongside your code and logs. The system is designed to scale with serverless components and provides secure access through IAM authentication via API Gateway.

To use the server, connect your Kiro IDE workspace to the MCP server using the MCP configuration. Submit incident data or inquiry payloads (e.g., a set of AWS service events, logs, and health checks). The server will route requests to Lambda-backed processing that calls Amazon Bedrock for AI analysis, correlates events across CloudWatch Logs, CloudTrail, and AWS Health, and returns a structured RCA narrative, potential root causes, and recommended remediation steps. You can inspect results in the MCP panel, and iterate on inputs to refine the AI analysis.

How to install

Prerequisites:

  • AWS account with permissions to deploy and access CloudWatch Logs, CloudTrail, AWS Health, and API Gateway.
  • Docker installed and running on your development machine or CI environment.
  • Access to an endpoint or image for the MCP server (docker image named aws-sample-rca).
  • Optional: IAM role or credentials configured for AWS access from your environment.

Installation steps:

  1. Install Docker:

     # macOS
     brew install --cask docker
     # Windows: install Docker Desktop from https://www.docker.com/products/docker-desktop
     # Linux (example for apt-based distros)
     sudo apt-get update && sudo apt-get install -y docker.io

  2. Authenticate with AWS (if needed for your environment):

     aws configure

  3. Pull and run the MCP server docker image (from the official source for this project):

     docker pull aws-sample-rca:latest

     To start the server container with necessary environment variables:

     docker run -d --name sample-aws-rca \
       -e AWS_REGION=us-east-1 \
       -e BEDROCK_API_ENDPOINT=https://bedrock.aws.amazon.com \
       -e IAM_ROLE_ARN=arn:aws:iam::<account-id>:role/<role-name> \
       aws-sample-rca

  4. Configure MCP client (Kiro IDE):
     • In Kiro IDE, add a new MCP server entry using the provided mcp_config format from the repository documentation.
     • Point the client to the running container or its exposed endpoint, depending on your networking setup.

  5. Deploy supporting AWS resources (if not already present):
     • Ensure CloudWatch Logs, CloudTrail, and AWS Health are enabled and their data can be accessed by the Lambda functions.
     • Ensure the API Gateway and IAM permissions are configured as described in the deployment guide.

  6. Verify deployment:
     • Use the MCP client to submit a sample incident payload and confirm you receive an RCA response with AI-generated insights.

Additional notes

Tips and caveats:

  • Ensure your AWS IAM permissions align with the Lambda functions and Bedrock integration used by this MCP server (read access to CloudWatch Logs, CloudTrail, and AWS Health, plus appropriate Bedrock access).
  • If you encounter networking issues, verify that the Docker container can reach AWS services and Bedrock endpoints from your environment.
  • The environment variable BEDROCK_API_ENDPOINT is the endpoint for Bedrock access; adjust if your deployment uses a different region or endpoint.
  • For production use, consider securing endpoints with proper IAM roles, API keys, and network restrictions to prevent unauthorized MCP requests.
  • Monitor Lambda/API Gateway quotas and enable retries/backoff in client-side logic to handle transient AWS service limits gracefully.
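
The first tip above scopes the role to read access on CloudWatch Logs, CloudTrail and AWS Health plus Bedrock access. The following added example (not part of this project's code) audits an IAM policy document against that scope before it is attached to the role passed as IAM_ROLE_ARN. The action patterns in ALLOWED and the sample policy are assumptions constructed for illustration; adjust them to what your deployment actually calls.

```python
import fnmatch

# Assumption: read-only action patterns for the services the page names.
ALLOWED = [
    "logs:Describe*", "logs:Get*", "logs:FilterLogEvents",
    "cloudtrail:LookupEvents", "cloudtrail:Get*", "cloudtrail:Describe*",
    "health:Describe*",
    "bedrock:InvokeModel",
]

def _as_list(value):
    return [value] if isinstance(value, str) else list(value or [])

def _covered(action):
    # Match the granted string literally (its own "*" included) against each
    # allowed pattern: "logs:GetLog*" fits inside "logs:Get*", while "logs:*"
    # or "*" does not, so over-broad wildcards are reported. IAM action names
    # are case-insensitive, hence the lower().
    name = action.lower()
    return any(fnmatch.fnmatchcase(name, pat.lower()) for pat in ALLOWED)

def audit_policy(policy):
    """Return sorted findings for Allow statements that exceed ALLOWED."""
    findings = set()
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # Allow + NotAction grants everything else
            findings.add("NotAction in Allow statement")
        for action in _as_list(stmt.get("Action")):
            if not _covered(action):
                findings.add(f"action outside read-only set: {action}")
    return sorted(findings)

# Constructed sample policy, not taken from the project.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["logs:GetLogEvents", "logs:FilterLogEvents", "logs:*"]},
    {"Effect": "Allow", "Resource": "*", "Action": "cloudtrail:lookupevents"},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["health:DescribeEvents", "bedrock:InvokeModel", "iam:PassRole"]},
    {"Effect": "Deny", "Resource": "*", "Action": "logs:DeleteLogGroup"},
]}

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY):
        print(finding)
```
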
