A powerful data analytics agent built on the AWS stack — Lambda, API Gateway, Secrets Manager, and MCP — that eliminated the need for dedicated data analysts by enabling natural language database queries.
Inside Amazon, teams across the organisation rely on data to make decisions. But accessing that data required a dedicated data analyst — someone who could write SQL queries, navigate database schemas, and translate business questions into precise database commands. The bottleneck was severe: teams waited days or weeks for simple queries, and the data analyst team was perpetually overwhelmed.
Amazon's QuickSuite team wanted to change this. They needed a way for any user to ask questions in natural language and get answers directly from the database — without writing SQL, without opening a ticket, and without waiting for a data analyst.
They came to Northorp to build an MCP server that would bridge QuickSuite's AI chat agents with their data infrastructure.
Amazon
QuickSuite Team
Product: Amazon QuickSuite data analytics platform
Need: Natural language database queries for non-technical users
Constraint: Enterprise-grade auth (OAuth2 via Federate), secure VPC access
Goal: Eliminate data analyst dependency for routine data queries
Users ask questions in plain English. The agent converts them to precise SQL queries and executes them against the database — no SQL knowledge required. A single Lambda function handles the full MCP lifecycle: auth, discovery, tool execution, and session management.
Built as a production-grade MCP server on AWS Lambda with API Gateway, Secrets Manager, and VPC-private database access. Handles OAuth2 via Federate, JWT validation, session management, and CORS — meeting Amazon's strict security requirements.
The agent eliminated the data analyst dependency entirely. Teams now get instant answers to routine data questions, while analysts focus on deep-dive investigations and modelling.
A single Lambda function on the AWS stack handling the full MCP lifecycle — authentication, discovery, tool execution, session management — backed by API Gateway, Secrets Manager, and VPC-private database access.
Implements the MCP specification (2025-06-18) over Streamable HTTP. A single /mcp endpoint handles initialize, tools/list, and tools/call via JSON-RPC 2.0, plus GET, DELETE, and OPTIONS for session and CORS management.
A carefully designed auth handshake: the server returns 401 on discovery calls when no token is present, triggering QuickSuite's OAuth configuration UI. Once configured, Federate issues JWTs that the Lambda validates locally for every tool execution.
The agent exposes a run_query tool that accepts SQL queries and returns results. QuickSuite's AI handles natural language to SQL conversion, while the MCP server handles execution, error formatting, and response delivery.
Full AWS-native deployment: VPC with least-privilege security groups, Secrets Manager for credentials, X-Ray tracing, CloudWatch alarms, API Gateway throttling, and infrastructure-as-code via CDK. Enterprise-grade from day one.
0
Dedicated data analysts needed
Instant
Query response time
100%
Self-service data access
Enterprise
OAuth2 + JWT security
"What were our Q4 sales by region?"
JSON-RPC request with tools/call method and run_query parameters
Regional REST API with throttling (100 rps) and CORS
Decodes Federate JWT (checks exp, aud, sub, iss), connects to database via Secrets Manager, executes query
JSON-RPC response with query results — user sees the answer in natural language
Amazon trusted Northorp to build a powerful data analytics agent on the AWS stack that eliminated an entire data analyst team. Your enterprise could be next.