# AI agent products
## What are AI agent products?
AI agents are software systems that leverage artificial intelligence to reason, plan, and complete tasks on behalf of humans or systems. Unlike traditional software that follows fixed rules, AI agents operate independently, adapting through multi-step processes to achieve specific goals.
AI agents combine foundation models for reasoning and planning with discrete agentic tools (like guardrails, knowledge bases, and business logic) to process requests, retrieve information, and execute tasks. They can search knowledge bases, call APIs, update systems, and make decisions based on user needs and environmental context.
Agentic tools are specialized components that enhance AI agent capabilities, including:
+ Knowledge bases for domain-specific information
+ Guardrails for safety and compliance
+ Integration protocols like AWS MCP Server (MCP)
+ Specialized APIs and microservices
+ Business logic components and workflows
## Types of AI agents and tools suitable for AWS Marketplace
AWS Marketplace supports a wide variety of AI agents and tools across different industries and use cases. Common types include the following, though this is not an exhaustive list:
**Content-creation agents**
Agents that generate, edit, or optimize content including text, images, videos, and multimedia. Examples include writing assistants, social media content generators, and marketing automation agents.
**Data-analysis agents**
Agents that process, analyze, and derive insights from data. Examples include business intelligence agents, financial analysis tools, and predictive analytics systems.
**Customer-service agents**
Agents that handle customer interactions, support requests, and service automation. Examples include chatbots, ticket routing systems, and customer experience optimization tools.
**Business-process-automation agents**
Agents that automate complex business workflows and processes. Examples include document processing agents, approval workflow systems, and compliance automation tools.
**Security and compliance agents**
Agents that monitor, detect, and respond to security threats or compliance requirements. Examples include threat detection systems, audit automation tools, and risk assessment agents.
**Developer-tools agents**
Agents that assist with software development, testing, and deployment. Examples include code generation assistants, testing automation agents, and deployment optimization tools.
**Agentic tools**
Specialized components that enhance other AI agents, including knowledge bases, guardrails, and integration protocols such as AWS MCP Server (MCP).
## Deployment options for AI agent products
AWS Marketplace supports multiple deployment options for AI agents, allowing you to choose the approach that best fits your architecture and customer needs:
+ **API deployment option** – The API deployment option allows customers to access your AI agent through vendor-hosted endpoints. This option is ideal for agents and agent tools that require specialized infrastructure or proprietary models that you want to keep in your own environment.
+ **Container deployment** – Package your AI agent and agentic tools as containerized applications that customers can run in their own AWS environments. This option provides customers with greater control over their data and infrastructure.
## Choosing the right deployment option
When selecting a deployment option for your AI agent or tool, consider the following factors:
+ **Data sensitivity** – If your customers work with highly sensitive data that cannot leave their environment, container deployment may be the best option.
+ **Model complexity** – For large or complex models that require specialized hardware, API deployment might be more practical.
+ **Operational overhead** – Consider the resources required to maintain and update your solution across different deployment models.
Here is a quick feature comparison between the deployment options:
| Feature | API Deployment | Container Deployment |
| --- | --- | --- |
| Hosting | Vendor-hosted endpoints | Customer's own AWS environment |
| Data control | Data processed on vendor servers | Greater customer control over data |
| Infrastructure requirements | Minimal - uses vendor infrastructure | Requires customer to manage infrastructure |
| Scalability | Managed by vendor | Customer controlled, potentially more flexible |
| Customization | Limited - based on API capabilities | High - full control over the environment |
| Maintenance | Handled by vendor | Customer responsible for updates and maintenance |
| Security | Dependent on vendor's security measures | Customizable security based on customer needs |
| Updates and improvements | Automatically provided by vendor | Manual updates required, but on customer's schedule |
| Regulatory compliance | May be limited by vendor's certifications | Easier to adapt to specific regulatory requirements |
# Listing SaaS API-based AI agent products
As an AWS Marketplace seller, you can add your software as a service (SaaS) API-based AI agent or tools product to AWS Marketplace. This includes creating your product and integrating it with the appropriate AWS Marketplace API operations, based on your billing model.
To sell software as a SaaS API-based AI agent or tools products in AWS Marketplace, follow these steps:
+ Create the SaaS API-based AI agent or tools product in AWS Marketplace.
+ Integrate your product with AWS Marketplace based on your pricing model:
+ For information about subscription-based products, see [Integrating your SaaS subscription or Pay-As-You-Go product with AWS Marketplace](saas-integrate-subscription.md).
+ For information about contract-based products, see [Integrating your SaaS contract product with AWS Marketplace](saas-integrate-contract.md).
+ For information about contract with pay-as-you-go products, see [Integrating your SaaS contract-based product with AWS Marketplace](saas-integrate-contract-with-pay.md).
+ Test your product's integration:
+ For information about testing subscription-based products, see [Testing your SaaS subscription product integration](saas-integrate-subscription.md#saas-subscription-integration-testing).
+ For information about testing contract-based products, see [Testing your SaaS contract product integration](saas-integrate-contract.md#saas-contract-integration-testing).
+ For information about testing contract with pay-as-you-go products, see [Testing your SaaS contract with pay-as-you-go integration](saas-integrate-contract-with-pay.md#saas-contract-consumption-integration-testing).
+ Submit your product for launch.
## Prerequisites
Before beginning, ensure that you have the following:
+ Clear understanding of your AI agent capabilities and target use cases
+ Appropriate security measures and compliance certifications
+ Technical documentation for integration and deployment
+ Pricing strategy aligned with your business model
+ For information about pricing strategy, see [SaaS product pricing in AWS Marketplace](saas-pricing-models.md).
## Managing SaaS API-based AI agents and tools
All SaaS API-based AI agents and tools can be managed through the unified **AI agents and tools** products page or the **SaaS** products page in the AWS Marketplace Management Console.
## Start the listing wizard
1. Sign in to the [AWS Marketplace Management Portal](https://aws.amazon.com/marketplace/management/).
1. In the navigation bar, select **Products**, then choose **AI agents and tools**.
1. From the **Create AI Agents & Tools product** menu, choose **API-based AI agents & tools**.
1. Enter a product title.
1. Choose **Generate product ID and product code**.
1. (Optional) Add tags to support tag-based authorization.
1. Choose **Continue to wizard**.
**Note**
For information about tag-based authorization, see [Controlling access to AWS resources using tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html#access_tags_control-resources) in the AWS Identity and Access Management User Guide.
## Step 1: Provide product information
The information you provide in this step communicates the value proposition of your product.
1. Provide details for Product information tab:
+ **Product title**
+ **SKU** (optional)
+ **Product logo S3 URL**
+ **Short description**
+ **Long description**
+ **Product video URL** (optional)
+ **Highlights** (1-3)
1. Enter support details and add optional learning resources by choosing **Add resource**.
1. In the **Product categories** menu, choose 1-3 categories.
+ We recommend that you choose at least one category from the **AI Agents & Tools** business categories.
1. Enter keywords to improve search discoverability.
1. (Optional) Add video and image assets according to the guidelines.
1. Choose **Next**.
## Step 2: Configure fulfillment options
1. Choose a fulfillment method:
+ **Quick Launch** (Recommended) - Sellers integrate with the [AWS Marketplace Deployment API](https://docs.aws.amazon.com/marketplace/latest/APIReference/API_Operations_AWS_Marketplace_Deployment_Service.html) and provides API keys directly to customers' AWS account upon subscription.
+ **Redirect to your website** - Customers will be redirected to your website to obtain API keys or OAuth tokens.
**Note**
You cannot change the fulfillment method after you publish the product.
1. Enter the fulfillment URL. This is the URL where users sign in or create an account.
1. Choose your AI agent or tool details:
+ **AI Agent** - Software that uses AI to process requests and completes tasks through reasoning and decision-making.
+ **AI tools**:
+ **MCP Server** - A server that manages communication and context exchange between AI models and applications.
+ **Knowledge base** - A structured collection of information that AI agents use to inform decision and responses.
+ **Guardrail** - Rules and controls that define boundaries for AI agent behavior and operations.
+ **Other** - Additional tools that enhance AI agent capabilities.
1. Enter the endpoint URL. This is the URL where your API receives requests. For MCP servers, list the MCP endpoint.
1. Add usage instructions:
+ Provide detailed instructions for buyers to use your API such as API schema, rate limits, and usage examples.
+ You can also provide additional links to your documentation.
1. Choose an authorization method:
+ **API Keys** – Customers authenticate using API keys that you provide.
+ **OAuth** – Customers authenticate using OAuth 2.0 authorization flow. If you choose OAuth, provide clear usage instructions for customers, including:
+ OAuth authorization URL and token endpoint
+ Required scopes and permissions
+ Step-by-step authentication flow instructions
+ Example API calls with proper authentication headers
+ Troubleshooting common authentication issues
1. (Optional) Amazon Bedrock AgentCore integration
+ If you list an MCP server that supports two-legged OAuth authentication, you can enable integration with Amazon Bedrock AgentCore Gateway using your MCP server endpoint as the target. For more information, see [MCP server targets](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-target-MCPservers.html). In this case, OpenAPI spec is not required.
+ If you list any other API-based product or MCP servers with API Key authentication, you can enable integration with Amazon Bedrock AgentCore by providing OpenAPI spec.
+ To learn more about AgentCore's capabilities for deploying and scaling AI agents, see [What is Amazon Bedrock AgentCore?](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/what-is-bedrock-agentcore.html)
1. (Optional) - Choose API integration protocols and provide usage instructions:
+ **MCP** - Model Context Protocol (MCP) standardizes access to external tools, data, and services for enhanced functionality.
+ **A2A** - Agent2Agent (A2A) enables direct communication and task delegation across different platforms.
1. If you selected an AI agent tool type, confirm that your agent uses reasoning LLMs and demonstrates autonomous capabilities. These requirements help ensure that agents offered on AWS Marketplace meet a high quality bar. If your agent does not meet both requirements, choose a different tool type.
## Step 3: Configure product pricing
To make your product available on AWS Marketplace, decide on a pricing model and define your product's pricing dimensions. For more information about available pricing options, see [SaaS product pricing in AWS Marketplace](saas-pricing-models.md).
Each dimension is a feature, service, or other aspect of your product for which you can set a per-unit price.
1. Choose a pricing model.
1. Choose **Next**.
## Step 4: Review prices
1. Review Product Pricing.
1. Choose **Next**.
**Note**
For testing purposes, we set the price to \$10.001 or \$10.00000001. You don't need to change the price now. This allows both your team and AWS Marketplace Seller Operations team to test the product at a reduced price and not incur a large bill for testing. You will provide actual pricing when you request product visibility for the product to go public.
## Step 5: Specify refund policy
1. Enter refund policy for your product.
1. Choose **Next**.
## Step 6: Configure End-User License Agreement (EULA)
1. Choose **Standard Contract for AWS Marketplace** or provide a S3 URL to your **Custom EULA**.
+ For more information about using the Standard Contract, see [Using standardized contracts in AWS Marketplace](standardized-license-terms.md).
1. Choose **Next**.
## Step 7: Configure offer availability
By default, products listed on AWS Marketplace are available for purchase in all countries that AWS supports. You have the option to enable country-specific availability by identifying countries where buyers can or cannot purchase your product from.
1. Choose your offer availability by country.
1. Choose **Next**.
## (Optional) Step 8: Configure allowlist
All new product listings published to AWS Marketplace start out with limited visibility. You can control which accounts have access to your limited product, including limited versions of your product, by adding select AWS account IDs to an allowlist.
To add AWS accounts to the allowlist:
1. Enter comma-separated AWS account IDs that you need to add to the allowlist.
1. Choose **Submit**.
**Note**
Only add test accounts to the allowlist for the purpose of testing.
## Modifying SaaS API-based AI agent products settings in AWS Marketplace
After you create a **SaaS API-Based Agent & Tool Product** in AWS Marketplace, you can modify many of the product settings. For information about submitting change requests and modifying product settings, see the following topics:
### Product changes and requests
+ For information about managing change requests, see [Manage change requests](saas-product-settings.md#create-change-request).
+ For information about updating product information, see [Update product information](saas-product-settings.md#update-product-information).
+ For information about updating architecture details, see [Update architecture details](saas-product-settings.md#updating-architecture-details).
### Access and visibility
+ For information about updating the allowlist, see [Update the allowlist of AWS account IDs](saas-product-settings.md#update-allowlist).
+ For information about changing product visibility, see [Update product visibility](saas-product-settings.md#saas-update-visibility).
+ For information about managing buyer access, see [Update pricing terms](saas-product-settings.md#saas-update-pricing-terms).
+ For information about country availability, see [Update availability by country](saas-product-settings.md#saas-availability-by-country).
### Pricing and terms
+ For information about updating pricing terms, see [Update pricing terms](saas-product-settings.md#saas-update-pricing-terms).
+ For information about adding pricing dimensions, see [Add pricing dimensions](saas-product-settings.md#saas-add-pricing-dimensions).
+ For information about updating pricing dimensions, see [Update pricing dimensions](saas-product-settings.md#saas-update-dimension).
+ For information about restricting pricing dimensions, see [Restrict pricing dimensions](saas-product-settings.md#restrict-pricing-dimensions).
### Legal and licensing
+ For information about updating the refund policy, see [Update the refund policy of a product](saas-product-settings.md#update-refund-policy).
+ For information about updating the EULA, see [Update the end user license agreement (EULA)](saas-product-settings.md#saas-update-eula).
### To provide a free product
If your product has limited visibility:
+ Submit a request to change visibility from limited to public.
+ Enter \$10 for all pricing dimensions.
If your product is already public:
+ Submit an **Update Pricing Terms** change request.
+ Enter \$10 for all pricing dimensions.
**Note**
After a product is set as free, you cannot convert it to a paid product.
# Integrating API-based AI agent products
## API-based AI agent products guidelines
AWS Marketplace provides guidelines for all software as a service (SaaS) API-based AI agent products. These guidelines ensure a secure and trustworthy experience for customers.
**Topics**
+ [Product review process](#product-review-process)
+ [Maintaining compliance](#maintaining-compliance)
### Product review process
When you submit a product, AWS Marketplace reviews the product and its metadata to verify that it meets current guidelines. We regularly update these guidelines to address evolving security requirements.
### Maintaining compliance
AWS Marketplace continuously monitors products to verify compliance. If your product doesn't meet current guidelines:
+ Your product might be unavailable to new subscribers until you resolve the issues
+ You must update your product to meet the new requirements
| Category | Guidelines |
| --- | --- |
| API and agent functionality | All the APIs should be functional and respond back appropriately. If you are listing an Agent, the solution must demonstrate autonomous capabilities by operating without explicit external commands or constant human inputs. |
| API access and authentication | The customer should be able to subscribe to your listing and retrieve API Keys or follow the steps to generate the OAuth token. |
| Architecture guidelines | [Follow Architecture guidelines for more details.](https://docs.aws.amazon.com/marketplace/latest/userguide/saas-guidelines.html#saas-architecture) |
| Customer information requirements | [Follow Customer information requirements for more details.](https://docs.aws.amazon.com/marketplace/latest/userguide/saas-guidelines.html#saas-customer-information) |
| Key management | Vendors should provide the customers ability to invalidate/rotate keys. Vendors should also have an mechanism to invalidate keys once the customer unsubscribes from the listing. |
| MCP server requirements (if applicable) | For MCP Server, vendors should provide remote MCP configuration details alongside any prerequisite or environment variables for set up. |
| Product setup | [Follow Product setup guidelines for more details.](https://docs.aws.amazon.com/marketplace/latest/userguide/saas-guidelines.html#saas-guidelines-setup) |
| Product usage | [Follow Product usage guidelines for more details.](https://docs.aws.amazon.com/marketplace/latest/userguide/saas-guidelines.html#saas-product-usage) |
| Usage instructions | The usage Instructions should clearly state prerequisites, authentication setup, supported endpoints, request/response schema, tool description, error codes, and additional resources. |
## Integrating API-based AI agent products
### Integrating based on product pricing
Integrating your product with AWS Marketplace is one step in listing an API-based AI agent product. To integrate your API-based AI agent product with AWS Marketplace, you must write code and demonstrate that it can respond successfully to several customer scenarios.
For information about integrating your product based on different pricing models, see the following topics:
+ For information about subscription-based products, see [Integrating your SaaS subscription or Pay-As-You-Go product with AWS Marketplace](saas-integrate-subscription.md).
+ For information about contract-based products, see [Integrating your SaaS contract product with AWS Marketplace](saas-integrate-contract.md).
+ For information about contract with pay-as-you-go products, see [Integrating your SaaS contract-based product with AWS Marketplace](saas-integrate-contract-with-pay.md).
### Customer onboarding
#### Redirect to Website fulfillment
When customers subscribe to your product through AWS Marketplace, they access the product in your AWS environment. After subscribing, we direct customers to your product's website to register their account and configure the product.
+ Learn about onboarding customers using Redirect to Website fulfillment in [Onboarding customers to your SaaS product through AWS Marketplace](saas-product-customer-setup.md).
#### QuickLaunch fulfillment
When customers subscribe to your product through AWS Marketplace, they receive an API key or OAuth credentials to make calls to your API endpoint or MCP server. The process works as follows:
+ Customer subscribes to the product.
+ Customer signs up or signs in to an account on your website.
+ You use the **PutDeploymentParameter** API to store the API key or OAuth credentials in the customer's AWS Secrets Manager.
+ If you store one parameter in the case of API keys, call the `PutDeploymentParameter` API with the `secretString` parameter being a string. If you store more than one parameter in the case of OAuth credentials, provide a JSON string with key-value pairs in the `secretString` parameter as shown below:
```
{
"Client Id": "12345",
"Client Secret": "12345",
"Discovery URL" : "https://auth.example.com/.well-known/openid-configuration"
}
```
Learn more about QuickLaunch fulfillment in these resources:
+ Learn about **PutDeploymentParameter** API in [AWS Marketplace Deployment API](https://docs.aws.amazon.com/marketplace/latest/APIReference/API_Operations_AWS_Marketplace_Deployment_Service.html)
+ Find customer onboarding instructions in [Onboarding customers to your SaaS product through AWS Marketplace](saas-product-customer-setup.md)
### Accessing AWS Marketplace APIs
This following section outlines the process of integrating with the AWS Marketplace Metering Service or AWS Marketplace Entitlement Service, used to ensure that your billing and reporting for customer usage of your products is accurate.
+ To learn more about accessing AWS Marketplace APIs, see [Accessing the AWS Marketplace Metering and Entitlement Service APIs](saas-integration-metering-and-entitlement-apis.md).
### SNS notifications
Subscribe to Amazon Simple Notification Service (Amazon SNS) topics to receive notifications about customer subscription changes and contract entitlements for your products. AWS Marketplace provides these topics during product creation to help you manage customer access.
The following Amazon SNS topics are available for SaaS API-based products:
+ [Amazon SNS topic: `aws-mp-entitlement-notification`](saas-notification.md#saas-sns-message-body) – Notifies you when customers create, upgrade, or renew contracts, or when contracts expires. This is only available for products with pricing models that include a contract.
+ [Amazon SNS topic: `aws-mp-subscription-notification`](saas-notification.md#saas-sns-subscription-message-body) – Notifies you when customers subscribe or unsubscribe from your product and includes the `offer-identifier` for private offers and a free trials flag for SaaS free trials. This is available for all pricing models, including contracts and subscriptions.
## Usage instructions templates
### MCP server usage instructions template
The following example demonstrates usage instructions for an MCP server, including tool descriptions, prerequisites, authentication setup, configuration for popular clients, rate limits, and additional resources:
```
To get started using the remove MCP server, follow the instructions below:
**Availble Tools**
This MCP server support the following tools:
- Search - Performs a web search
- Summarize Website - Summarizes a webpage
**Prerequisites**
- Install **Node.js** and **npm**
**Authentication**
Replace `YOUR_API_KEY` with your actual key below.
**Claude Desktop**
Edit the configuration file at:
- macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
- Windows: %APPDATA%\Claude\claude_desktop_config.json
Add the below code:
```
{
"mcpServers": {
"demo-example": {
"command": "npx",
"args": [
"mcp-remote",
"https://remote.mcp.server/sse",
"--header",
"Authorization: Bearer "
]
},
}
}
```
**Cline**
Cline stores MCP server configurations in a JSON file that can be modified.
In the "Installed" tab, click "Configure MCP Servers" to access the settings file.
Add the following:
```
{
"mcpServers": {
"demoServer": {
"url": "https://remote.mcp.server/sse",
"disabled": false,
"autoApprove": ["searchWeb", "summarizeWebsite"],
"timeout": 30
}
}
}
```
**Rate Limits**
- 60 requests per minute per API key.
- Exceeding returns HTTP 429 Too Many Requests.
- Use retry and exponential backoff to handle limits.
**Learn More**
MCP Docs: https://mcp.search.demoproduct.com
```
### AI Agent and Agent & Tools usage instructions template
The following example demonstrates usage instructions for an Agent or Agent tools, including prerequisites, authentication setup, supported endpoints, request/response schema, error codes, and additional resources:
```
To get started follow the instructions below:
**Authentication**
All API requests require this HTTP header:
Authorization: Bearer `YOUR_API_KEY`
Replace `YOUR_API_KEY` with your actual key.
**Search Endpoint**
**Endpoint:** `GET /web/search`
Performs a web search.
**Query Parameters:**
| Param | Type | Description |
|------------|--------|-------------------------------------|
| `q` | string | Your search query (required) |
| `count` | int | Number of results (default: 10) |
| `offset` | int | Offset for pagination |
| `country` | string | Country code (e.g. `us`, `de`) |
| `safesearch` | string | `off`, `moderate`, or `strict` |
**Example Request:**
```bash
curl -X GET "https://api.search.demo.com/res/v1/web/search?q=searchtool" \
-H "Authorization: Bearer YOUR_API_KEY"
```
**Response Schema:**
```
{
"results": [{
"title": "string",
"url": "string",
"description": "string"
}],
"query" :"string",
"total" :"number"
}
```
**Example Response:**
```
{
"results": [
{
"title": "DemoProductAPI",
"url": "https://demo.com",
"description": "Demo Product API is a search tool for..."
}
],
"query": "searchtool",
"total": 1
}
```
**Additional Search Types**
DemoProduct also supports:
- `GET /news/search – News articles`
- `GET /images/search – Image results`
- `GET /videos/search – Video results`
These endpoints follow the same format as /web/search.
**Summarize Endpoint**
**Endpoint:** `POST /summarize`
Summarizes a webpage
**Request Headers:**
Content Type: application/json
**Request Body:**
```
{
"input": "string" // URL or plain text
}
```
**Example Request:**
```
{
"input": "https://example.com/article"
}
```
**Response Schema**
```
{
"summary": "string"
}
```
**Example Response**
```
{
"summary": "This article explains our commitment to user privacy."
}
```
**Error Codes**
| Status | Meaning |
| ------ | ------------------------------ |
| `401` | Unauthorized (check your key) |
| `429` | Too many requests (rate limit) |
| `500` | Server error |
All error responses follow this structure:
```
{
"error": {
"code": 401,
"message": "Unauthorized"
}
}
```
**Rate Limits**
- 60 requests per minute per API key.
- Exceeding returns HTTP 429 Too Many Requests.
- Use retry and exponential backoff to handle limits.
**Learn More**
API Docs: https://api.search.demoproduct.com
```
# Amazon Bedrock AgentCore Gateway
This document provides information for AWS Marketplace sellers who want to list API-based AI agent products or tools that can be integrated with Amazon Bedrock AgentCore Gateway.
**Topics**
+ [Overview](#agentcore-overview)
+ [Integration with Bedrock AgentCore Gateway](#bedrock-agentcore-integration)
## Overview
Amazon Bedrock AgentCore Gateway helps developers build, deploy, discover, and connect to tools at scale. The service enables you to:
+ Convert APIs, Lambda functions, and existing services into Model Context Protocol (MCP)-compatible tools
+ Make tools available to agents through Gateway endpoints
+ Use comprehensive ingress and egress authentication in a fully managed service
AI agents use these tools to perform tasks such as:
+ Querying databases
+ Sending messages
+ Analyzing documents
For more information, see [Amazon Bedrock AgentCore Developer Guide](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway.html).
## Integration with Bedrock AgentCore Gateway
You can enable Amazon Bedrock AgentCore Gateway integration for your SaaS API-based AI agent products in one of the following ways, depending on your product:
+ If you list an MCP server that supports two-legged OAuth authentication, you can opt-in to offer your buyers the integration with no additional requirements. The MCP server endpoint you provide as part of your listing process will be used for the integration. However, you must ensure your MCP server meets the requirements listed below. For more information, see [MCP servers targets](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-target-MCPservers.html).
+ For all other agents or tools, you can provide an OpenAPI specification to enable the integration.
### MCP server requirements
Your MCP server must meet the following requirements:
+ Two-legged OAuth authentication with one of following configurations:
+ client id, client secret, and discovery URL
+ client id, client secret, issuer, authorization endpoint and token endpoint.
+ The MCP server must have tool capabilities.
+ Supported MCP protocol versions: **2025-06-18** and **2025-03-26**.
+ For the provided URL or endpoint of the server, the URL should be encoded. The Gateway uses the same URL to invoke the server.
### OpenAPI specification requirements
Your OpenAPI specification must:
+ Include `operationId` fields for all operations
+ Be free of semantic errors
+ Include a valid secure (https) endpoint URL in the server attribute
The following table shows supported and unsupported OpenAPI features:
| Category | Supported | Not Supported |
| --- | --- | --- |
| Version | 3.0 and 3.1 | 2 |
| Schema definitions | Basic data types (string, number, boolean, etc.) | oneOf specifications |
| | Required field validation | anyOf specifications |
| | Nested objects | |
| | Arrays with item specs | |
| | Standard HTTP methods | |
| Media types | application/json | Custom media types |
| | application/xml | Binary media types |
| | multipart/form-data | |
| | x-www-form-urlencoded | |
| Parameters | Simple path parameters and basic query parameters such as string/number/boolean types | Complex path parameter serialization |
| | | Complex query parameter arrays |
| | | Header parameter serialization |
| | | Cookie parameter serialization |
| Request and response | JSON bodies | |
| | XML bodies | |
| | Standard HTTP status codes | |
| Validation | Basic field validation | Regex pattern validation |
| | | Min/max value validation |
| Security | N/A | Security schemes at spec level |
| | | Multiple security schemes |
| | | OAuth 2.0 at spec level |
| | | API Key at spec level |
| | | HTTP Basic auth at spec level |
| Server configuration | Basic URL | |
| | URL with placeholders | |
### Enabling Bedrock AgentCore Gateway
Before you enable Gateway integration, test your OpenAPI specification or MCP server with Amazon Bedrock AgentCore Gateway by completing these tasks:
+ [Create a gateway](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-building.html)
+ [Attach a Target](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-building-adding-targets.html)
+ [Test your Gateway](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-building-testing.html)
**To enable Gateway integration**
1. Sign in to the [AWS Marketplace Management Portal](https://aws.amazon.com/marketplace/management).
1. Open the [AI agents and tools](https://aws.amazon.com/marketplace/management/products/aiagents) page.
1. On the **AI agents and tools products** tab, select the product to modify.
1. From the **Request changes** dropdown list, select **Update fulfillment options**.
1. Choose **Enable tool for Amazon Bedrock AgentCore integration**.
1. Upload your OpenAPI specification. For two-legged OAuth enabled MCP Server products this is not required and only the MCP endpoint is required.
1. Choose **Submit**.
After you submit, the request status appears as **Under review** in the **Requests** tab. When processing completes, the status changes to **Succeeded**.
# Listing Container-based AI agent products
## Managing container-based AI agents and tools
Container-based AI agents and tools running on Amazon Bedrock AgentCore Runtime can be managed through the unified **AI agents and tools** products page or the **Server** products page in the AWS Marketplace Management Console. Only products with versions that support Amazon Bedrock AgentCore Runtime will be visible in the **AI agents and tools** product page.
## Start the listing wizard
1. Sign in to the [AWS Marketplace Management Portal](https://aws.amazon.com/marketplace/management/homepage/) with your AWS seller account.
1. Select **Products** and then select **AI Agents and Tools** in the navigation bar.
1. Select the **Create AI Agents and Tools product** menu, then choose **Container-based AI agents & tools**.
1. Select **Generate product ID and product code**.
1. (Optional) Add tags to support tag-based authorization.
1. Select **Continue**.
## Step 1: Provide product Information
1. In **Product information**, enter:
+ **Product title**
+ **Product logo S3 URL**
+ **Short description**
+ **Long description**
+ **Highlight (1-3)**
1. Enter support details and add optional learning resources by choosing Add resource.
1. In the **Product categories** menu, choose 1-3 categories. We recommend that you choose at least one category from the **AI Agents & Tools** business categories.
1. Enter keywords to improve search discoverability.
1. (Optional) Add video and image assets according to the guidelines.
1. Choose **Next**.
## Step 2: Configure AI Agent Container pricing
1. Choose pricing model.
**AgentCore pricing limitations**
If the container image utilizes AgentCore, the **Hourly** and **Usage with long-term contract** pricing models are not supported. To learn more about contract pricing, see [Contract pricing for container products with AWS License Manager](container-license-manager-integration.md). To learn more about custom metering for usage-based pricing, see [Configuring custom metering for container products with AWS Marketplace Metering Service](container-metering-meterusage.md).
1. Select **Next**.
1. In **Set prices**.
1. Select **Next**.
## Step 3: Specify refund policy
1. Enter a refund policy.
1. Select **Next**.
**Note**
If you chose the free product pricing model, you do not have to enter a refund policy.
## Step 4: Configure EULA
1. Choose **Standard Contract for AWS Marketplace** or **Custom EULA**.
**Note**
If you choose Custom EULA, enter a URL for the end-user license agreement.
1. Select **Next**.
## Step 5: Add repositories
1. Add an initial repository for your container product.
**Note**
Repository names must be unique across all products in your seller account. You can create up to 50 repositories per product.
1. Select **Next**.
## Step 6: Configure offer availability / Allow list
1. In **Configure offer availability**, choose your geographic availability settings.
1. Select **Next**.
1. In **Configure allowlist**, list any AWS accounts that should have access to the listing while in the limited state.
1. Select **Submit** to create a new change request for limited visibility testing.
Wait 10-15 minutes until your request status is in the *Succeeded* state.
## Step 7: Upload Container images and artifacts to repository
**Note**
See [Amazon Bedrock AgentCore Runtime for AWS Marketplace](bedrock-agentcore-runtime.md) on how to integrate AgentCore with your Container Image.
1. Locate the URL for the ECR repository:
+ Open the Server products page in AWS Marketplace Management Portal.
+ Select your container product to view the details.
+ Select the Repositories tab to copy the URL of the repository.
1. Select **View push commands** to open a list of instructions, including commands you can use to push Docker container images and Helm charts to that repository. For general information about how to push container images and other artifacts to repositories, see [Pushing an image](https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-push-ecr-image.html) in the Amazon Elastic Container Registry User Guide.
**Note**
You can use the following Amazon Elastic Container Registry (Amazon ECR) API operations when calling docker pull or docker push:
DescribeImages - Use this to review the metadata about the images in a repository.
GetAuthorizationToken - Use to authenticate before uploading artifacts to the repository, then use docker pull or docker push commands.
ListImages - Use to view a list of images you pushed.
1. Use the commands listed to push any needed artifacts from your local repository to the AWS Marketplace repository for your product.
**Note**
The tag that you provide in the push commands is used to differentiate the version of the artifact that you are uploading to the repository. Use a tag that makes sense for the version the artifacts are a part of.
1. Repeat for each container image or artifact you need in your version.
**Note**
Your version can include up to 50 container images or artifacts in each delivery option. Refer to the following procedure for more information about delivery options.
1. After you upload your artifacts, you're ready to create the version of your product.
**Note**
Your container images are scanned automatically to see if they meet the [Container-based product requirements for AWS Marketplace](container-product-policies.md). For more information, see [Container product scans for security issues](container-product-getting-started.md#container-security).
## Step 8: Add New Product Version with Assets
1. Open the **AI Agents and Tools** products page in the AWS Marketplace Management Portal.
**Note**
Only container products with versions that support Amazon Bedrock AgentCore Runtime are visible in the **AI Agents and Tools** products page. Before adding the first version, you will only find your product within the **Server** products page in the AWS Marketplace Management Portal. Once you've created the version for Amazon Bedrock AgentCore Runtime, you will find your container product within the **AI Agents and Tools** products page.
1. Select your container product and click the **Request changes** dropdown menu, select **Update versions**, and select **Add new version**.
1. In **Delivery options**, enter:
+ **Version title**
+ **Release notes**
1. Select **Add delivery option**.
1. For **Delivery method**, select **Container image** and fill in:
+ **Supported services**: select the environment that buyers can launch the software in.
+ For **Bedrock AgentCore** service, select **AI Agent, MCP Server, or A2A Server** in the **Type** field.
+ **Container image**: *Repository URL* and *version tag* you specified previously.
+ **Delivery option title** and **Deployment option description**: Enter a title and description for this delivery option.
+ **Usage instructions**: Enter detailed information to help your buyers use your software after launching it.
+ **Environment Variables**: Specify the environment variables buyers must provide to configure the runtime behavior of the agent. These variables can be used to pass settings, credentials, or custom flags to the container at startup. For each variable, provide the name as expected by your container, a description, and an optional default value. For variables such as credentials or API keys that are unique, do not provide a default value. You can use the description to specify details about the variable as well as possible values. All of the provided variables with their default values will be pre-populated when buyers launch your product.
1. If you selected an **AI agent** or **A2A Server** tool type, confirm that your agent uses reasoning LLMs and demonstrates autonomous capabilities. These requirements help ensure that agents offered on AWS Marketplace meet a high quality bar. If your agent does not meet both requirements, choose a different tool type.
1. Select **Add version**.
Wait and refresh the page until the request status shows *Succeeded*.
Adding a new version automatically scans the container images for vulnerabilities.
## Step 9: Review Product Listing and Publish to Public
1. Open the **AI Agent and Tools** products page in the AWS Marketplace Management Portal.
1. Select your container product in the list.
1. Select **View on AWS Marketplace**.
1. Review your product detail page for accuracy. Ensure the usage instructions sufficiently guide the buyer through the necessary steps to launch your product.
1. Submit an Update visibility request to public:
+ From the **Server products** page, on the **Current server product** tab, select the container-based product that you want to modify. From the **Request changes** dropdown, choose **Update visibility**.
## Container deployment details
Container deployment packages your AI agent or tool as a containerized application that customers can run in their own AWS environments. This approach provides the following benefits:
+ Data remains within the customer's environment
+ Customizable deployment configurations
+ Supported integration with Bedrock AgentCore Runtime and customer's existing infrastructure
When listing a containerized agent, provide clear deployment instructions, resource requirements, and configuration options to ensure successful customer implementation.
### Technical requirements for Bedrock AgentCore Runtime Containers
**Note**
See [Amazon Bedrock AgentCore Runtime for AWS Marketplace](bedrock-agentcore-runtime.md) for more details.
When creating container-based AI agent products for AWS Marketplace, follow these requirements:
MCP Server Requirements
+ **Transport**: Stateless streamable-http only
+ **Session Management**: Platform automatically adds `Mcp-Session-Id` header for session isolation
+ **Host**: Container must listen on `0.0.0.0`
+ **Port**: Container must expose port `8000` for MCP server communication
+ **Path**: `/mcp` - POST endpoint for receiving MCP RPC messages. InvokeAgentRuntime for MCP servers will pass through requests to this path.
+ **Protocol**: The MCP server must support the MCP protocol including protocol messages 'tools/list' and 'tools/call' (supported by common framework such as FastMCP).
Agent Requirements
+ **/ping** Endpoint: GET endpoint for health checks
+ **/invocations** Endpoint: POST endpoint for agent interactions
+ **Docker Container**: ARM64 containerized deployment package
+ **Port**: Container must expose port `8080` for HTTP-based agent communication
+ No hardcoded credentials
+ Free of Common Vulnerabilities and Exposures (CVEs)
A2A Server Requirements
+ **Port**: A2A servers run on port 9000 (vs 8080 for HTTP, 8000 for MCP)
+ **Host**: Container must listen on `0.0.0.0`
+ **Path**: A2A servers are mounted at `/` (vs `/invocations` for HTTP, `/mcp` for MCP)
+ **Agent Cards**: A2A provides built-in agent discovery through Agent Cards at `/.well-known/agent-card.json`
+ **Protocol**: Uses JSON-RPC for agent-to-agent communication
+ **Authentication**: Supports both SigV4 and OAuth 2.0 authentication schemes
Usage instructions
Ensure instructions thoroughly guides customers through launching and configuring the product. Refer to [Creating AMI and container product usage instructions for AWS Marketplace](ami-container-product-usage-instructions.md).
## Testing and validation
Prior to publishing your MCP-compatible agent or tool to public, thoroughly test your implementation:
+ Verify usage instructions provides necessary information to launch and configure the product.
+ Test authentication flows and error handling
+ Validate performance under various load conditions
+ Ensure compatibility with popular MCP clients
+ Document any client-specific configuration requirements
## Best Practices and Recommendations
### Documentation Requirements
When listing an Model Context Protocol-compatible agent or tool on AWS Marketplace, include comprehensive documentation:
+ Detailed capability descriptions and examples
+ Authentication and configuration instructions
+ Sample code for common integration scenarios
+ Troubleshooting guides and error reference
+ Performance considerations and best practices
### Additional resources
For more information about implementing Model Context Protocol in your AI agent or tool, refer to these resources:
+ [Amazon Bedrock AgentCore Documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/what-is-bedrock-agentcore.html)
+ [Amazon Bedrock AgentCore Runtime for AWS Marketplace](bedrock-agentcore-runtime.md)
+ [Container Technical Requirements](https://docs.aws.amazon.com/marketplace/latest/userguide/container-product-getting-started.html)
# Amazon Bedrock AgentCore Runtime for AWS Marketplace
This document provides information for AWS Marketplace sellers who want to list AI agents or tools that can be deployed on Amazon Bedrock AgentCore Runtime. It outlines the technical requirements, configuration guidelines, and best practices for preparing your Bedrock AgentCore Runtime supported container for AWS Marketplace.
**Topics**
+ [Overview](#agentcore-runtime-overview)
+ [Bedrock AgentCore container technical requirements](#agentcore-container-requirements)
+ [Testing your Bedrock AgentCore Runtime container](#testing-agentcore-container)
+ [Best practices for container configuration](#container-best-practices)
+ [Requirements for AWS Marketplace submission](#marketplace-submission-requirements)
+ [Additional Resources](#agentcore-additional-resources)
+ [Support for AgentCore Runtime on AWS Marketplace](#agentcore-support)
## Overview
Amazon Bedrock AgentCore Runtime provides a secure, serverless and purpose-built hosting environment for deploying and running AI agents or tools. When listing your Bedrock AgentCore Runtime container on AWS Marketplace, you need to ensure it meets specific requirements to function properly within the Bedrock AgentCore environment.
**Note**
To learn more see the [Getting started with Amazon Bedrock AgentCore Runtime](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/runtime-getting-started.html).
## Bedrock AgentCore container technical requirements
Amazon Bedrock AgentCore Runtime has different technical requirements for listing AI agents, MCP servers, and A2A servers.
+ **Agent requirements**
+ **MCP server requirements**
+ **A2A server requirements**
### Agent requirements
Your containerized agent must fulfill the following core requirements:
+ **/ping** Endpoint: GET endpoint for health checks
+ **/invocations** Endpoint: POST endpoint for agent interactions
+ **Docker Container**: ARM64 containerized deployment package
+ **Port**: Container must expose port `8080` for HTTP-based agent communication
#### `/ping` - GET
This endpoint verifies that your agent is operational and ready to handle requests.
**Example Response:**
```
{
"status": "Healthy"
}
```
#### `/invocations` - POST
This is the primary agent interaction endpoint when customers call the agent with InvokeAgentRuntime action with the payload in JSON format. InvokeAgentRuntime supports streaming responses, allowing customers to receive partial responses as they become available.
**Example Request:**
```
Content-Type: application/json
{
"prompt": "What's the weather today?"
}
```
**Example Responses:**
+ JSON response (non-streaming):
```
Content-Type: application/json
{
"response": "Your agent's response here",
"status": "success"
}
```
+ SSE response (streaming):
```
Content-Type: text/event-stream
data: {"event": "partial response 1"}
data: {"event": "partial response 2"}
data: {"event": "final response"}
```
### MCP server requirements
Amazon Bedrock AgentCore Runtime enables you to deploy and run Model Context Protocol (MCP) servers. When you configure Amazon Bedrock AgentCore Runtime with the MCP protocol, the service expects MCP server containers at the path `0.0.0.0:8000/mcp`. This is the default path that most official MCP server SDKs support.
Because Amazon Bedrock AgentCore Runtime provides session isolation by default, it requires stateless streamable-HTTP servers. The runtime automatically adds an `Mcp-Session-Id` header for any request that doesn't include one. This allows MCP clients to maintain connection continuity to the same Amazon Bedrock AgentCore Runtime session.
The `InvokeAgentRuntime` API passes through payload data directly, which enables easy proxying of RPC messages for protocols like MCP.
Requirements:
+ **Transport** - Must use stateless streamable-http only
+ **Session Management** - Platform automatically adds `Mcp-Session-Id` header for session isolation
+ **Host** - Container must listen on `0.0.0.0`
+ **Port** - Container must expose port `8000` for MCP server communication
+ **Path** - Must expose `/mcp` as a POST endpoint to receive MCP RPC messages. The `InvokeAgentRuntime` API passes through requests to this path for MCP servers.
+ **Protocol** - MCP server must support the MCP protocol, including the following protocol messages:
+ `tools/list`
+ `tools/call` (supported by common frameworks like FastMCP)
To learn more about MCP server requirements, see [Deploy MCP servers in AgentCore Runtime](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/runtime-mcp.html).
#### `/mcp` - POST
This is the primary agent interaction endpoint when customers call the MCP server with InvokeAgentRuntime.
**Example list request:**
```
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": 1,
"method": "tools/list",
}
```
**Example list response:**
JSON response (non-streaming):
```
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"tools": [
{
"name": "get_weather",
"title": "Weather Information Provider",
"description": "Get current weather information for a location",
"inputSchema": {
"type": "object",
"properties": {
"location": {
"type": "string",
"description": "City name or zip code"
}
},
"required": ["location"]
}
}
],
"nextCursor": "next-page-cursor"
}
}
```
**Example tool call request:**
```
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": 2,
"method": "tools/call",
"params": {
"name": "get_weather",
"arguments": {
"location": "New York"
}
}
}
```
**Example tool call response:**
JSON response (non-streaming):
```
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": 2,
"result": {
"content": [
{
"type": "text",
"text": "Current weather in New York:\nTemperature: 72°F\nConditions: Partly cloudy"
}
],
"isError": false
}
}
```
### A2A Server requirements
Amazon Bedrock AgentCore Runtime lets you deploy and run Agent-to-Agent (A2A) servers in the AgentCore Runtime. Amazon Bedrock AgentCore's A2A protocol support enables seamless integration with A2A servers by acting as a transparent proxy layer. When configured for A2A, Amazon Bedrock AgentCore expects containers to run stateless, streamable HTTP servers on port `9000` at the root path (`0.0.0.0:9000/`), which aligns with the default A2A server configuration.
The service provides enterprise-grade session isolation while maintaining protocol transparency - JSON-RPC payloads from the InvokeAgentRuntime API are passed through directly to the A2A container without modification. This architecture preserves the standard A2A protocol features like built-in agent discovery through Agent Cards at `/.well-known/agent-card.json` and JSON-RPC communication, while adding enterprise authentication (SigV4/OAuth 2.0) and scalability.
The key differentiators from other protocols are the port (9000 vs 8080 for HTTP), mount path (`/` vs `/invocations`), and the standardized agent discovery mechanism, making Amazon Bedrock AgentCore an ideal deployment platform for A2A agents in production environments.
Requirements:
+ **Port** - A2A servers run on port 9000 (vs 8080 for HTTP, 8000 for MCP)
+ **Host** - Container must listen on `0.0.0.0`
+ **Path**
+ A2A servers are mounted at `/` (vs `/invocations` for HTTP, `/mcp` for MCP)
+ Health checks at `/ping` using GET
+ **Agent Cards** - A2A provides built-in agent discovery through Agent Cards at `/.well-known/agent-card.json`
+ **Protocol** - Uses JSON-RPC for agent-to-agent communication
+ **Authentication** - Supports both SigV4 and OAuth 2.0 authentication schemes
To learn more about A2A server requirements see [Deploy A2A servers in AgentCore Runtime](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/runtime-a2a.html).
#### `/` - POST
This is the primary agent interaction endpoint when customers call the A2A server with InvokeAgentRuntime.
**Example agent invocation request:**
```
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": "req-001",
"method": "message/send",
"params": {
"message": {
"role": "user",
"parts": [
{
"kind": "text",
"text": "what is 101 * 11?"
}
],
"messageId": "12345678-1234-1234-1234-123456789012"
}
}
}
```
**Example agent invocation response:**
JSON response (non-streaming):
```
Content-Type: application/json
{
"jsonrpc": "2.0",
"id": "req-001",
"result": {
"artifacts": [
{
"parts": [
{
"kind": "text",
"text": "101 * 11 is 1111"
}
]
}
]
}
}
```
**Example agent card retrieval:**
```
curl https://bedrock-agentcore..amazonaws.com/runtimes/{escaped_agent_arn}/invocations/.well-known/agent-card.json
```
#### `/ping` - GET
This is the endpoint for performing health checks.
## Testing your Bedrock AgentCore Runtime container
Before submitting your container to AWS Marketplace, test it thoroughly:
### Local Agent Testing
Test your agent locally using Docker
```
docker run -p 8080:8080
# Test ping endpoint
curl http://localhost:8080/ping
# Test agent invocation endpoint
curl -X POST http://localhost:8080/invocations \
-H "Content-Type: application/json" \
-d '{"prompt": "Hello world!"}'
```
### Local MCP Server Testing
Test your MCP server locally using Docker
```
docker run -p 8000:8000
# Test ping endpoint
curl http://localhost:8000/ping
# Test MCP endpoint with tools/list
curl -X POST http://localhost:8000/mcp \
-H "Content-Type: application/json" \
-d '{"jsonrpc": "2.0","id": 1,"method": "tools/list"}'
# Test MCP endpoint with tools/call
curl -X POST http://localhost:8000/mcp \
-H "Content-Type: application/json" \
-d '{ "jsonrpc": "2.0", "id": 2, "method": "tools/call", "params": {"name": "get_weather", "arguments": {"location": "New York"}}}'
```
### Local A2A Server Testing
Test your A2A server locally using Docker
```
docker run -p 9000:9000
# Test ping endpoint
curl http://localhost:9000/ping
# Retrieve agent card
curl http://localhost:9000/.well-known/agent-card.json
# Test A2A endpoint with message/send
curl -X POST http://localhost:9000/ \
-H "Content-Type: application/json" \
-d '{ "jsonrpc": "2.0", "id": "req-001", "method": "message/send", "params": { "message": { "role": "user", "parts": [ { "kind": "text", "text": "what is 101 * 11?"}],"messageId": "12345678-1234-1234-1234-123456789012" }}}'
```
### Testing on Bedrock AgentCore Runtime
After you test your container locally, upload it to Amazon Elastic Container Registry (Amazon ECR) and deploy it to Amazon Bedrock AgentCore Runtime. You can deploy using either the Amazon Bedrock AgentCore Runtime console or the AWS Command Line Interface (AWS CLI).
## Best practices for container configuration
### Security considerations
+ **Isolation** - Don't store sensitive data between invocations
+ **Authentication** - Validate all incoming requests
+ **Logging** - Log appropriate information but avoid including sensitive data
+ **Dependencies** - Keep all dependencies current to prevent security vulnerabilities
### Performance optimization
+ **Cold start** - Optimize your container for fast cold starts
+ **Memory Usage** - Minimize memory footprint to improve performance
+ **Concurrency** - Design your agent to handle concurrent requests efficiently
+ **Timeouts** - Implement proper timeout handling
### Error handling
+ **Graceful degradation** - Implement fallback mechanisms for when services are unavailable
+ **Structured errors** - Return well-structured error responses with appropriate HTTP status codes
+ **Retry logic** - Implement appropriate retry logic for transient failures
## Requirements for AWS Marketplace submission
When you submit your AgentCore Runtime container to AWS Marketplace, include:
+ **Container image** – Your container image pushed to Amazon ECR
+ **Documentation** – Comprehensive documentation on how to use your agent or MCP server
+ **Usage examples** – Clear examples of how to invoke your agent or MCP server
+ **Support information** – Contact information for support
+ **Pricing information** – Clear pricing structure for your agent or MCP server
## Additional Resources
For more information, see the following:
+ [What is Amazon Bedrock AgentCore?](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/what-is-bedrock-agentcore.html)
+ [What is AWS Marketplace?](https://docs.aws.amazon.com/marketplace/latest/userguide/what-is-marketplace.html)
+ [Getting started with container products](container-product-getting-started.md)
## Support for AgentCore Runtime on AWS Marketplace
For questions related to listing your AgentCore Runtime container on AWS Marketplace, see [Getting support for AWS Marketplace](https://docs.aws.amazon.com/marketplace/latest/buyerguide/buyer-support.html).
For technical questions about AgentCore Runtime, see [AWS Support and Customer Service](https://console.aws.amazon.com/support/home#/case/create?issueType=technical).
# Integrating MCP
AWS MCP Server (MCP) is an open standard that enables seamless communication between AI agents and external tools. When you implement MCP in your AI agent or tool, customers can integrate your solution directly into their existing agentic workflows without complex API integration work.
MCP transforms how AI agents access external capabilities. Instead of building custom integrations for each tool, agents use a standardized protocol to discover, connect, and interact with MCP-compatible services. This approach reduces integration complexity and enables plug-and-play functionality.
For more information about implementing AWS MCP Server in your agent or tool, see [Integrating MCP](#integrating-mcp).
**Topics**
+ [Key Benefits of AWS MCP Server integration](#mcp-benefits)
+ [AWS MCP Server Architecture and components](#mcp-architecture)
+ [Technical requirements for AWS MCP Server implementation](#mcp-implementation)
+ [Testing and validation](#mcp-testing)
+ [Documentation requirements](#mcp-documentation)
+ [Additional resources](#mcp-resources)
## Key Benefits of AWS MCP Server integration
MCP integration provides advantages for both AI agent providers and end users.
### Benefits for AI agent providers
+ Reach customers using popular AI development solutions that support MCP.
+ Reduce customer onboarding friction with standardized integration.
+ Enable discovery through MCP-compatible client applications.
+ Support multiple client platforms with a single implementation.
### Benefits for end users
+ Add your capabilities to existing AI workflows without custom development.
+ Use familiar AWS MCP Server client interfaces they already know.
+ Benefit from automatic protocol handling and error management.
+ Access your tools through multiple AI platforms and applications.
+ Maintain consistent authentication across AWS MCP Server-enabled services.
## AWS MCP Server Architecture and components
AWS MCP Server uses a client-server architecture where your AI agent or tool acts as an AWS MCP Server server. Customer applications (AWS MCP Server clients) connect to your server to access your capabilities.
The protocol defines the following three main types of capabilities:
+ **Tools** – Functions that agents can call to perform actions.
+ **Resources** – Data sources that agents can read or query.
+ **Prompts** – Pre-defined prompt templates that agents can use.
## Technical requirements for AWS MCP Server implementation
Your AWS MCP Server server must implement the following core protocol specifications:
+ JSON-RPC 2.0 communication protocol
+ Standard AWS MCP Server message types and formats
+ Capability advertisement and discovery
+ Authentication and session management
+ Error handling and status reporting
### Implementation steps
1. Define your capabilities (tools, resources, or prompts).
1. Implement the AWS MCP Server server interface.
1. Create capability schemas using JSON Schema.
1. Implement authentication and authorization.
1. Add error handling and logging.
1. Test with AWS MCP Server-compatible clients.
1. Document your capabilities for customers.
### Example capability definition
```
{
"name": "search_knowledge_base",
"description": "Search the knowledge base for relevant information",
"parameters": {
"type": "object",
"properties": {
"query": {
"type": "string",
"description": "The search query"
},
"max_results": {
"type": "integer",
"description": "Maximum number of results to return",
"default": 5
}
},
"required": ["query"]
}
}
```
## Testing and validation
Before listing your AWS MCP Server-compatible agent or tool on AWS Marketplace, thoroughly test your implementation:
+ Verify capability discovery and schema validation
+ Test authentication flows and error handling
+ Validate performance under various load conditions
+ Ensure compatibility with popular AWS MCP Server clients
+ Document any client-specific configuration requirements
## Documentation requirements
When listing an AWS MCP Server-compatible agent or tool on AWS Marketplace, include comprehensive documentation:
+ Detailed capability descriptions and examples
+ Authentication and configuration instructions
+ Sample code for common integration scenarios
+ Troubleshooting guides and error reference
+ Performance considerations and best practices
## Additional resources
For more information about implementing AWS MCP Server in your AI agent or tool, refer to these resources:
+ [Model Context Protocol Specification](https://modelcontextprotocol.github.io/)
+ [MCP GitHub Repository](https://github.com/modelcontextprotocol/mcp)
+ [AWS Marketplace Seller Operations team](https://aws.amazon.com/marketplace/management/contact-us/) for AWS MCP Server integration support