Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Amazon Connect AI Agent Designer not showing associated AgentCore Gateway MCP tool namespace

0

We are trying to expose a Bedrock AgentCore Gateway Lambda target as an MCP tool inside Amazon Connect AI Agent Designer.

Setup

Region: us-east-1

Amazon Connect instance: Active

Bedrock AgentCore Gateway: Created successfully

Gateway target type: Lambda ARN

MCP integration type: MCP server

MCP integration status: Associated with the Amazon Connect instance

Expected tool: lookup_policy

Steps Performed 1. Created a Bedrock AgentCore Gateway. 2. Added a Lambda target to the gateway. 3. Added an inline target schema for a tool named lookup_policy. 4. Added a resource policy allowing gateway invocation. 5. Created an Amazon Connect MCP server integration using the AgentCore Gateway. 6. Associated the MCP integration with the Amazon Connect instance. 7. Confirmed the integration shows the instance association successfully. 8. Opened Amazon Connect → AI Agent Designer → AI Agents → Add Tool.

Expected Behavior

The AgentCore Gateway MCP namespace or tool should appear in AI Agent Designer, for example:

MCP integration namespace → lookup_policy

or

Gateway namespace → lookup_policy

Actual Behavior

Only the built-in Amazon Connect namespace appears. The custom MCP tool is not visible.

Missing items:

lookup_policy

Lambda target tool

AgentCore Gateway namespace

MCP integration namespace

HAR Evidence

When opening AI Agent Designer → Add Tool, the browser calls:

POST /mcp

Payload:

{"jsonrpc":"2.0","method":"tools/list","params":{},"id":1}

The response is HTTP 200, but it returns only built-in Amazon Connect tools, such as Connect Cases, Q in Connect, contact attributes, contact flow search, and related native tools.

The response does not include the expected custom MCP tool:

lookup_policy

CloudTrail Evidence

CloudTrail shows the setup operations completed successfully:

bedrock-agentcore:CreateGateway — success

bedrock-agentcore:CreateWorkloadIdentity — success

bedrock-agentcore:CreateGatewayTarget — success

bedrock-agentcore:PutResourcePolicy — success

app-integrations:CreateApplication — success

app-integrations:CreateApplicationAssociation — success

connect:CreateIntegrationAssociation — success

Question

Can you confirm whether third-party AgentCore Gateway MCP tool discovery is enabled for this Amazon Connect instance, account, and region?

Specifically, why is the associated AgentCore Gateway tool lookup_policy not included in the Connect MCP tools/list response, even though the MCP server integration is associated with the Amazon Connect instance?

Topics
Application IntegrationBusiness ApplicationsMachine Learning & AIDeveloper ToolsGenerative AI on AWS
Tags
Amazon ConnectAWS MCP ServerAmazon Connect Agent WorkspaceAmazon Bedrock AgentCore
Language
English
asked 24 days ago88 views
2 Answers
1
Accepted Answer

I was able to resolve this.

The issue was with the JWT inbound authentication audience configured on the Bedrock AgentCore Gateway.

The Amazon Connect MCP integration was associated successfully, and the gateway target was created successfully, but the tool namespace did not appear in Amazon Connect AI Agent Designer → Add Tool because the gateway JWT audience did not match what Amazon Connect expected.

In this setup, the allowed audience must be the AgentCore Gateway ID.

answered 24 days ago
EXPERT
reviewed 24 days ago
0

Based on the troubleshooting steps for agentic self-service issues in Amazon Connect, there are several potential causes for MCP tools not appearing in the AI Agent Designer:

Security Profile Permissions First, verify that the AI agent has the appropriate security profile permissions to access the required MCP tools. Without proper permissions configured in the security profile, the tools won't be visible even if the integration is properly associated.

Gateway Configuration and Discovery URL Confirm that the Amazon Bedrock AgentCore Gateway is correctly configured and that the discovery URL is valid. The gateway must be properly set up for tools to be discoverable through the Model Context Protocol.

Inbound Authentication Verify that the inbound authentication audiences are set to the gateway ID. This is a critical configuration step that can prevent tool discovery if not properly configured.

Gateway Status Check the gateway status in the AgentCore console to ensure it's operational and ready to serve tool requests.

Backend Service Verification Verify that the backend Lambda function behind the MCP tool is running and responding correctly. Check CloudWatch Logs for any errors that might indicate issues with the Lambda function or its configuration.

IAM Role Permissions Ensure the required IAM roles have appropriate permissions:

  • The Amazon Bedrock AgentCore Gateway's execution role must have permission to invoke the Lambda function
  • The Amazon Connect service-linked role must have permission to invoke the Amazon Bedrock AgentCore Gateway

Any missing permissions in these roles would prevent the MCP tool from being accessible to Amazon Connect, even though the integration association appears successful in CloudTrail.

I recommend systematically checking each of these areas, particularly the security profile permissions and IAM role configurations, as these are common causes of tools not appearing in the AI Agent Designer interface.
Sources
Troubleshoot agentic self-service issues - Amazon Connect
Use an AgentCore gateway - Amazon Bedrock AgentCore

answered 24 days ago
EXPERT
reviewed 24 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content