Contents
Why ask Build vs Buy now
By 2026, Anthropic's reference MCP servers have shifted to "community-led", and Cloudflare, Supabase, Affinity, and others are launching hosted MCP offerings. At the same time, demand for "make our internal API speak MCP" has surged. Decision makers face a four-option matrix: (A) ride the official MCP, (B) use a third party, (C) build it and host on managed serverless, (D) build it and self-host.
The visible price tags differ wildly, but a 3-year TCO that includes labor often flips the conclusion. This article breaks down the realistic monthly cost of each option using public pricing and industry survey data.
"Self-hosting is cheaper because the server is cheap, and managed is overpriced" — that intuition tends to invert the moment you put a labor rate on operations. "Can we fund 3 years of operations headcount?" is the real Build-vs-Buy fork.
Four layers of MCP server TCO
The real cost of an MCP server is never a single number. At minimum, separate it into four layers.
| Layer | What it covers | Typical monthly range | How easy to miss |
|---|---|---|---|
| 1. Infrastructure | VPS / Workers / Lambda / containers | $0 - $30 | Low (everyone tracks it) |
| 2. LLM API | Model calls (Claude / GPT / etc.) | $30 - $60 | Medium |
| 3. Operations labor | Monitoring, patching, incident response | $200 - $400 | High (the biggest blind spot) |
| 4. Opportunity cost | Feature work that didn't ship | Hard to quantify | High |
Compare only Layer 1 and "Hetzner $6.50 vs Cloudflare $5" looks like a wash. Add Layer 3 and self-hosting is shouldering $200-400/month of labor on top. That gap is the entire reason the "server fee ≠ hosting cost" trap exists.
The hidden cost of self-hosting — the $6.50/month trap
Industry surveys repeatedly find that more than 90% of self-host evaluators underestimate TCO by 3-5x. The cause is treating ops time as "personal hobby time" — costless on the spreadsheet, very real in practice.
Self-host monthly TCO breakdown (priced at $50/hour)
What goes into those four hours? Industry breakdowns commonly cite 1-2h Docker updates, 1-2h server monitoring, 2-4h incident response, and 1h security patching as the "appropriate maintenance load" for a properly run self-hosted setup.
Self-hosting only becomes cheaper in narrow conditions: (1) you can co-locate the MCP server on existing infrastructure at zero marginal cost, (2) regulation or data sovereignty forbids leaving the perimeter, or (3) the labor is absorbed into a budget you already have (e.g., an existing internal SRE team).
Hobby projects can use $0/hour, but production operations require an honest hourly rate before they become comparable to other options. The $1.50 gap between Hetzner $6.50 and Cloudflare Workers $5 dissolves the moment you price ops time honestly.
Managed: Cloudflare Workers vs AWS Lambda
If you decide to build but skip self-hosting, the practical market is a duopoly. Public pricing as of April 2026:
| Item | Cloudflare Workers | AWS Lambda |
|---|---|---|
| Free tier | 100K requests/day | 1M requests + 400K GB-seconds/month (perpetual) |
| Paid entry | $5/month (10M requests included) | $0.20/1M requests + $0.0000166667/GB-second |
| Overage | $0.30 per 1M requests | Same model (GB-seconds × duration) |
| Billing model | CPU time only (I/O wait is free) | Duration × memory (I/O wait billed) |
| Edge | Global by default | Requires CloudFront + Lambda@Edge |
The benchmark consensus is straightforward: for I/O-heavy MCP servers, Cloudflare Workers runs 50-80% cheaper than AWS Lambda. Workers' "no charge for I/O wait" billing fits the typical MCP workload — a thin layer that calls external APIs and returns the result.
The flip side: for short-running, lightweight functions tied tightly into AWS (IAM, VPC, RDS), Lambda can be 20-25% cheaper. The decision boils down to two questions — "is this I/O-heavy?" and "do we already have AWS-native infrastructure?".
For new MCP servers, default to Cloudflare Workers. Scale-to-zero, edge by default, and "no charge for I/O wait" align almost perfectly with how MCP servers actually behave. Reach for Lambda only when AWS-native dependencies dominate the design.
The 'free ride' value of an official MCP
If the target SaaS already publishes an official MCP server, building your own is almost always the wrong call. KanseiLink data shows official MCPs concentrating at AA/AAA — Backlog (90% success, AAA), Notion (83%, AAA), Slack (AAA), kintone (AA), freee (AA). A homegrown competitor accrues an open-ended cost of tracking upstream API changes and rarely wins on reliability over time.
Three exceptions: (1) the target is an internal-only API with no MCP, (2) regulation or data sovereignty forbids data leaving your perimeter, or (3) the official is missing capabilities and no third-party (pgEdge MCP, Postgres MCP Pro) fills the gap. Outside those, "ride the official" is a dominant strategy.
Three case simulations
Three typical cases. Assumptions: 100K requests/month, 200ms average latency, $45/month LLM API, 4 hours/month maintenance, $50/hour labor.
Case 1: A Japanese SaaS vendor where the target SaaS has an official MCP
Pick: ride the official. Infrastructure $0, LLM API $45, ops 1 hr × $50 = $50. Three-year total = $3,420.
If you build the same capability yourself: $5 infrastructure + 4 hours × $50 ops = $205/month. Three-year total = $9,000. Riding the official saves $5,580 (62%).
Case 2: An internal-only API needing MCP exposure (no official)
Pick: Cloudflare Workers + custom build. $5 infra + $45 LLM + 2 hrs × $50 = $150/month. Three-year total = $5,400.
Switch to self-hosted on Hetzner: $6.50 + $45 + 4 hrs × $50 = $251.50/month. Three-year total = $9,054. Managed wins by $3,654 (40%).
Case 3: Regulated industry, data cannot cross the perimeter
Pick: self-host (no choice). Three-year total = ~$9,054, plus the SOC2 / ISMS audit overhead that always accompanies on-prem. Here cost optimization is not the driver — compliance is.
Decision framework
Three or four questions, in order, settle most cases.
- Q1: Does the target SaaS have an official MCP? → Yes → ride the official. This decides 80% of cases on its own.
- Q2: Is the target an internal-only API with no official MCP? → Yes → "Cloudflare Workers + custom build" first. Reach for Lambda only when AWS-native assets dominate.
- Q3: Is there an official, but it lacks features (writes, multi-tenant, row-level perms)? → Yes → evaluate third-party (pgEdge MCP, Postgres MCP Pro, etc.) before building.
- Q4: Are the conditions for self-hosting actually met? → Regulation, data sovereignty, or an existing SRE team — without one of those, do not pick self-hosting.
- Q5: Can you fund 4-8 hours/month of operations for 3 years? → No → drop "Build" and move to "Buy".
FAQ
What does self-hosting really cost?
The server itself is cheap (Hetzner ~$6.50/month). Add 4-8 hours of monthly maintenance — Docker updates, monitoring, incident response, security patching — at $50/hour and the realistic TCO climbs to ~$206.50/month, plus $30-60 of LLM API costs. Industry reports consistently find that 90%+ of evaluators underestimate this by 3-5x.
Cloudflare Workers vs AWS Lambda — which is the better MCP host?
For I/O-heavy, high-frequency HTTP endpoints, Workers is 50-80% cheaper because it bills only for CPU time and skips I/O wait. For short-running functions integrated tightly with AWS-native infrastructure, Lambda can be 20-25% cheaper. For new MCP servers, default to Workers.
If an official MCP exists, why build your own?
Almost never a good idea. Official MCPs (Backlog, Notion, Slack, kintone, freee) concentrate at AA/AAA. Homegrown competitors take on permanent API-tracking cost and lose on reliability over time. Exceptions: internal-only APIs and strict regulatory constraints.
Are managed MCP services worth paying for?
It depends. Hosted MCP platforms (Cloudflare, Supabase, Affinity, Composio) matured in 2026. If you need multi-tenant support, OAuth/SSO, and audit logs, paying for a managed offering is usually faster than building it. For PoCs or single-user setups, riding the official MCP directly is enough.
Can I still use 'archived' official MCPs?
Yes. Some Anthropic modelcontextprotocol/servers reference implementations are now marked "learning purposes / archived", but that signals "community-led from here", not "deprecated". Read-heavy workloads remain stable. For writes and production ops, switch to community implementations like pgEdge MCP or Postgres MCP Pro.
Pricing in this article reflects publicly available rates as of April 2026: Cloudflare Workers Paid $5/month including 10M requests, $0.30 per additional 1M (blog.cloudflare.com/workers-pricing-scale-to-zero/, cloudflare.com/plans/developer-platform/); AWS Lambda perpetual free tier 1M requests + 400K GB-seconds/month, paid $0.20/1M requests + $0.0000166667/GB-second (aws.amazon.com/lambda/pricing/). Self-host time ranges (4-8 hours/month: 1-2h Docker updates, 1-2h monitoring, 2-4h incident response, 1h security patching) and the 3-5x TCO underestimation come from public industry comparison reports (blink.new, xcloud.host, apigene.ai, 2026). The Claude Sonnet 4.5 reference rate ($3/M input, $15/M output, March 2026) follows Anthropic's official pricing. KanseiLink AEO grades are taken from the get_insights tool, April 2026 snapshot. Pricing and specs change without notice — always confirm the latest official documentation before production rollouts.