Skip to main content

Agent Toolkit for AWS

Agent Toolkit for AWS

Help AI coding agents build, deploy, and manage applications on AWS.

Overview

The Agent Toolkit for AWS gives AI coding agents the tools, knowledge, and guardrails they need to work effectively with AWS services. Whether you're using Claude Code, Cursor, Kiro, or another AI-powered development environment, Agent Toolkit for AWS provides a secure, auditable interface to AWS APIs, curated skills that guide agents through complex workflows. Instead of relying on agents' general knowledge of AWS — which can be outdated or incomplete — Agent Toolkit for AWS gives agents access to up-to-date documentation, best practices, and tested procedures that improve success rates and reduce wasted effort.

Missing alt text value

Benefits

    Any coding agent can scaffold a basic application. Agent Toolkit for AWS gives agents the knowledge to ship production-ready infrastructure — with proper security configurations, cost-efficient resource choices, and architectures that follow AWS Well-Architected best practices. Curated skills guide agents through complex, multi-step workflows like configuring data pipelines, creating production-ready VPCs, or connecting a Lambda function to API Gateway.

    Without the right context, agents spend significant time on trial-and-error — calling the wrong APIs, recovering from errors, and churning through tokens without making progress. Agent Toolkit for AWS provides agents with tested procedures and up-to-date service knowledge, so they get it right the first time. Less time debugging means lower costs and faster results.

    Foundation models are trained on data that's months or years old. Newer AWS services and recently launched features are often missing from agents' knowledge entirely. Agent Toolkit for AWS gives agents real-time access to current AWS documentation, API references, and service capabilities — so they can work with services like Amazon S3 Tables, Aurora DSQL, and Bedrock AgentCore even if those services launched after the model's training cutoff.

    When agents execute AWS commands through a local terminal, there's no way to distinguish agent actions from human actions, enforce organization-wide policies, or audit what happened. The AWS MCP Server provides CloudWatch metrics for monitoring agent activity, IAM-based access controls, and the ability to set enterprise guardrails — like restricting agents to read-only operations or requiring approval for actions that modify resources.

    Install the plugin in Claude Code or Codex, configure the MCP server directly, or add skills to any agent that supports them.

Use cases

    Use your preferred AI coding agent to create AWS infrastructure, write application code, and deploy to production. Agent Toolkit for AWS provides the agent with the context it needs to choose the right AWS services, configure them correctly, and follow deployment best practices — from setting up a VPC to deploying a containerized application on ECS.

    If you're building autonomous agents using frameworks like Strands, LangChain, or Bedrock AgentCore, Agent Toolkit for AWS provides a standardized interface for your agents to interact with AWS services. The AWS MCP Server exposes AWS APIs through the Model Context Protocol (MCP), and the sandboxed script execution environment lets agents run Python code against AWS without local filesystem or network access.

    Point your coding agent at a failing deployment, a spike in error rates, or an unexpected cost increase. Agent Toolkit for AWS helps agents work with CloudWatch logs and metrics, CloudFormation stack status, and troubleshooting procedures — so they can diagnose issues and suggest fixes without you needing to navigate between multiple consoles.

Features

AWS MCP Server

The AWS MCP Server is a managed, remote server that gives AI agents secure access to AWS through the Model Context Protocol (MCP). Agents can execute AWS CLI commands, search AWS documentation, and follow curated skills — all through a single authenticated endpoint with CloudWatch metrics and IAM-based access controls.

  • Full AWS API coverage — Agents can interact with any of the 300+ AWS services and 15,000+ API actions through a single tool, without installing the AWS CLI locally.
  • Sandboxed script execution — Agents can write and execute Python scripts in an isolated environment to perform multi-step operations, process data, and orchestrate complex workflows — without access to your local filesystem or network.
  • Real-time documentation access — Agents can search and retrieve current AWS documentation, user guides, and API references to stay up to date on the latest services and features.
  • Enterprise controls — Monitor agent activity through CloudWatch, enforce organization-wide policies using IAM context keys, and set guardrails on what actions agents can perform through MCP.
  • Open source — Available on GitHub in the Agent Toolkit for AWS repo.
aws-library_illustration_data_12_1200.jpg

Agent Skills

Agent skills are curated packages of instructions, code scripts, and reference materials that help agents complete specific tasks on AWS. Skills are loaded on demand — agents discover and retrieve only the skills relevant to the current task, keeping context window usage low. keeping context window usage low. All skills are thoroughly evaluated to ensure they improve agent success and efficiency.

  • Service decision guides — Help agents choose the right AWS service for a given use case, with opinionated recommendations and tradeoff analysis.
  • Step-by-step procedures — Tested workflows for common tasks like creating S3 Tables, setting up Glue ETL pipelines, configuring IAM policies, and deploying serverless applications.
  • Troubleshooting guides — Diagnostic procedures for common errors, with root cause analysis and resolution steps.
  • Discoverable via MCP or CLI — Agents find skills through the AWS MCP Server or the aws skills search CLI command. No manual configuration required.
aws-library_illustration_data_7_1200

Agent Plugins

Easy-install plugins that bundle the AWS MCP Server configuration and a curated set of agent skills. Available for Claude Code, Cursor, and Codex, with support for additional agents coming soon.

  • Easy install — A single installation in Claude Code, Cursor, or Codex to enable MCP server access and curated skills.
  • Automatic updates — Skills and MCP server configurations update automatically as new capabilities are added.
  • Open source — Available on GitHub in the Agent Toolkit for AWS repo.
Abstract hub and spoke network illustration representing AWS professional services connections

Frequently asked questions

FAQs

Open all

    MCP is an open standard for connecting AI agents to external tools and data sources. It provides a standardized way for agents to discover available tools, call them with structured inputs, and receive structured outputs. MCP is maintained by the Agentic AI Foundation under the Linux Foundation, with AWS as a founding member.

    You need an AWS account and IAM credentials to use the AWS MCP Server for API access. Agent skills and documentation search are available without authentication.

    Agent Toolkit for AWS is available at no additional charge. You pay only for the AWS resources your agent provisions or interacts with, at standard AWS pricing.

    Yes. You can use IAM policies to control which AWS actions agents can perform through the MCP server. IAM context keys (aws:CalledViaAWSMCP) let you write policies that apply specifically to agent-initiated actions — for example, allowing read-only access through MCP even if the underlying IAM role has broader permissions.

    AWS is the successor to those tools. We recommend using the Agent Toolkit for AWS, because it offers key features including:

    • IAM condition keys that distinguish between agent actions and human actions, so you can write policies that apply only to agents. For example, you can write policies that only allow read-only actions through the MCP server, even if the user’s underlying IAM role can take write actions).
    • CloudWatch metrics and CloudTrail audit logging for every request, so you can monitor and audit coding agent activity.
    • Agent skills that have undergone thorough end-to-end evaluations, so you can be confident that workflows will complete successfully.

    AWS Labs MCP servers, skills, and plugins will continue to work and accept contributions, and over time the best of AWS Labs will be transitioned to the Agent Toolkit for AWS to ensure that customers can access the broadest array of tooling and guidance for their agents.

Getting Started

Claude Code

json 
/plugin marketplace add aws/agent-toolkit-for-aws
/plugin install aws-core@aws-agent-toolkit-for-aws

Codex

In your terminal

json 
codex plugin marketplace add aws/agent-toolkit-for-aws

Then launch Codex and run /plugins to browse and install the available plugins

Other MCP-compatible agents

Add the MCP server configuration to your agent's MCP config file

json 
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": ["mcp-proxy-for-aws@latest", "https://mcp.us-east-1.amazonaws.com"]
    }
  }
}

(e.g., ~/.kiro/settings/mcp.json for Kiro CLI)

Explore available skills

Browse the full catalog of available skills on GitHub.

Try it out

Ask your agent: "Create an S3 bucket with versioning enabled and a lifecycle policy that transitions objects to Glacier after 90 days."

Did you find what you were looking for today?

Let us know so we can improve the quality of the content on our pages