# AWS Agent Toolkit: Bringing Live Context to Cloud AI Agents

> Source: <https://www.devclubhouse.com/a/aws-agent-toolkit-bringing-live-context-to-cloud-ai-agents>
> Published: 2026-06-25 22:05:23+00:00


By bridging local coding agents with live AWS APIs and curated skills, AWS tackles the cloud-native AI hallucination problem.

[Ji-ho Choi](https://www.devclubhouse.com/u/jiho_choi)

AI coding assistants are highly capable when it comes to writing boilerplate code or refactoring local functions. But when you point them at the cloud, they quickly run into a wall. The problem is twofold: the rapid pace of cloud API updates and the high blast radius of unconstrained agent execution.

Because LLMs suffer from strict knowledge cut-off dates, they are fundamentally ill-equipped to handle newly released cloud services or API changes. A model released in mid-2026 with a late-2025 knowledge cutoff simply does not know about the latest cloud primitives. To bridge this gap, AWS released the [Agent Toolkit for AWS](https://github.com/aws/agent-toolkit-for-aws). It is an open-source suite of Model Context Protocol (MCP) servers, plugins, and curated "skills" designed to give AI agents first-class, governed access to AWS resources.

This is not just another wrapper. It represents a transition from agents guessing how to write cloud code to agents executing cloud actions within a structured, context-aware framework.

## The S3 Tables Trap: Why General Models Fail

When a coding agent relies solely on its training data, it defaults to historical patterns. In the cloud, this leads to subtle, frustrating failures.

Consider Amazon S3 Tables. A generic agent tasked with creating an analytics table might generate an Athena DDL statement that includes a `LOCATION` clause. This is the standard pattern for traditional external tables. However, with S3 Tables, that pattern fails because the service manages its own table storage. The correct approach is to keep the SQL clean and pass the S3 Tables catalog through Athena's query execution context.

Without external context, an agent will repeatedly generate the wrong DDL, attempt to run it, fail, and enter a troubleshooting loop that wastes tokens and time. The Agent Toolkit solves this by acting as an external brain. Instead of letting the agent improvise from memory, the toolkit provides curated, task-specific instructions (known as skills) that guide the agent through the correct API calls, service selections, and troubleshooting paths.

## Under the Hood: MCP, Skills, and Rules

At the core of this toolkit is the [Model Context Protocol](https://modelcontextprotocol.io) (MCP), an open standard that allows foundation models to safely read and write data through standardized APIs. The toolkit exposes several key primitives:

- **AWS MCP Server:** A secure bridge that connects your local agent to live AWS documentation, APIs, and sandboxed script execution.
- **Skills:** Curated packages of instructions and reference materials loaded on demand. Agents discover and retrieve only the skills relevant to the current task (such as deploying a serverless app or debugging a Lambda timeout), keeping token usage low.
- **Rules:** Configuration files that define default agent behaviors, such as forcing the agent to prefer infrastructure-as-code (IaC) over manual CLI commands or instructing it to verify assumptions against live documentation.

AWS has packaged these components into targeted plugins. The `aws-core` plugin handles general tasks like CDK, CloudFormation, serverless, and storage. Specialized plugins like `aws-data-analytics` handle Glue and Athena workflows, while `aws-agents-for-devsecops` focuses on vulnerability scanning and incident investigation.

## Developer Workflow: Setting Up the Toolkit

The toolkit integrates with popular coding assistants, including [Claude Code](https://claude.ai), [Cursor](https://www.cursor.com), Codex, and Kiro. To use it, you need the `uv` package manager installed and your local AWS credentials configured (via SSO, environment variables, or the AWS CLI).

For Claude Code, installation is handled directly via the official Anthropic marketplace:

```
/plugin install aws-core@claude-plugins-official
/plugin install aws-data-analytics@claude-plugins-official
```

If you are using Kiro, you configure the AWS MCP Server directly in your `.kiro/settings/mcp.json` file. Pinning to a specific version is highly recommended to mitigate supply chain risks:

```
{
  "mcpServers": {
    "aws": {
      "command": "uvx",
      "args": [
        "mcp-proxy-for-aws@1.6.2",
        "https://aws-mcp.us-east-1.api.aws/mcp",
        "--metadata",
        "AWS_REGION=us-west-2"
      ]
    }
  }
}
```
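A check for the pinning advice above, as an added example (not part of the toolkit or the original article): it reads an `mcp.json`-style document and flags `uvx` launch entries whose package is not pinned to an exact version, plus any cleartext endpoint. The `aws-floating` and `aws-unpinned` entries and the `example.internal` host are constructed for illustration.

```python
import json
import re

# Exact pin in uvx's "package@version" form, as used in the page's config.
EXACT_PIN = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*@\d+(?:\.\d+)+$")


def package_spec(args):
    """Return the package argument of a uvx invocation, or None."""
    if "--from" in args:  # uvx --from <package> <command>
        i = args.index("--from")
        return args[i + 1] if i + 1 < len(args) else None
    return next((a for a in args if not a.startswith("-")), None)


def audit_mcp_config(text):
    """Return sorted (server, finding) pairs for weak launch settings."""
    findings = []
    for name, spec in json.loads(text).get("mcpServers", {}).items():
        args = spec.get("args", [])
        if spec.get("command") == "uvx":
            pkg = package_spec(args)
            if pkg is None or not EXACT_PIN.match(pkg):
                findings.append((name, f"package not pinned to an exact version: {pkg}"))
        for arg in args:
            if arg.startswith("http://"):
                findings.append((name, f"cleartext endpoint: {arg}"))
    return sorted(findings)


# Constructed sample: "aws" mirrors the page's config; the others are made up.
SAMPLE = json.dumps({"mcpServers": {
    "aws": {"command": "uvx", "args": [
        "mcp-proxy-for-aws@1.6.2", "https://aws-mcp.us-east-1.api.aws/mcp",
        "--metadata", "AWS_REGION=us-west-2"]},
    "aws-floating": {"command": "uvx", "args": [
        "mcp-proxy-for-aws@latest", "https://aws-mcp.us-east-1.api.aws/mcp"]},
    "aws-unpinned": {"command": "uvx", "args": [
        "mcp-proxy-for-aws", "http://aws-mcp.example.internal/mcp"]},
}})

if __name__ == "__main__":
    for server, finding in audit_mcp_config(SAMPLE):
        print(f"{server}: {finding}")
```

An exact version fixes the named package only; its dependencies are still resolved at install time.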

Once the server is configured, you pull down the necessary skills using the toolkit's CLI:

```
npx skills add aws/agent-toolkit-for-aws/skills
```

With this setup, the agent no longer operates in a vacuum. If you ask it to build a data pipeline, it can query your live AWS environment, discover existing VPCs and security groups, and write CDK code that integrates with your actual infrastructure.

## Enterprise Reality: Security and Governance

Giving an AI agent the ability to execute code and provision resources in an [AWS](https://aws.amazon.com) account is a massive security risk if left unmanaged. The toolkit addresses this by relying entirely on native AWS security controls.

Because the toolkit runs locally within your development environment, it inherits the permissions of your active AWS credentials. If your local CLI profile does not have permission to delete an S3 bucket, your AI agent cannot delete it either. Organizations can use fine-grained IAM policies to restrict what actions agents can perform, ensuring they operate within safe boundaries.

Furthermore, because the toolkit communicates directly with AWS APIs, every action the agent takes is logged. Teams can use CloudWatch and CloudTrail to monitor agent activity, making it possible to audit and distinguish AI-generated actions from human actions. This level of visibility is a hard requirement for any enterprise looking to move beyond simple code-generation chat boxes and into actual autonomous cloud workflows.
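A sketch of that audit step, as an added example rather than code from the toolkit or the article: it splits CloudTrail records into agent and other activity and lists the agent's mutating calls and denied attempts. It assumes the agent is given its own IAM role (the hypothetical `agent-toolkit-dev`), because an agent that simply inherits a developer's credentials appears in CloudTrail under that developer's identity; the events are constructed.

```python
AGENT_ROLE = "agent-toolkit-dev"  # hypothetical dedicated role for the agent
DENIED = {"AccessDenied", "AccessDeniedException", "Client.UnauthorizedOperation"}


def role_of(event):
    """Return the role name from an assumed-role ARN, or None for other principals."""
    arn = event.get("userIdentity", {}).get("arn", "")
    parts = arn.split("/")
    return parts[1] if ":assumed-role/" in arn and len(parts) >= 3 else None


def triage(events, agent_role=AGENT_ROLE):
    """Collect the agent's mutating and denied calls; count everything else."""
    report = {"agent_writes": [], "agent_denied": [], "other_events": 0}
    for ev in events:
        if role_of(ev) != agent_role:
            report["other_events"] += 1
            continue
        call = f'{ev["eventSource"].split(".")[0]}:{ev["eventName"]}'
        if ev.get("errorCode") in DENIED:
            report["agent_denied"].append(call)   # IAM boundary did its job
        elif not ev.get("readOnly", False):
            report["agent_writes"].append(call)   # state-changing call succeeded
    return report


def _ev(role, session, source, name, read_only, error=None):
    """Build a constructed CloudTrail record with only the fields used here."""
    ev = {"eventSource": source, "eventName": name, "readOnly": read_only,
          "userIdentity": {"type": "AssumedRole",
                           "arn": f"arn:aws:sts::111122223333:assumed-role/{role}/{session}"}}
    if error:
        ev["errorCode"] = error
    return ev


# Constructed sample events, not taken from a real trail.
SAMPLE_EVENTS = [
    _ev(AGENT_ROLE, "claude-code", "s3.amazonaws.com", "ListBuckets", True),
    _ev(AGENT_ROLE, "claude-code", "s3.amazonaws.com", "DeleteBucket", False, "AccessDenied"),
    _ev(AGENT_ROLE, "claude-code", "cloudformation.amazonaws.com", "CreateStack", False),
    _ev("DevSSO", "alice", "ec2.amazonaws.com", "RunInstances", False),
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```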

While the toolkit is free to use, developers still pay for the underlying AWS resources the agent provisions. This makes tight IAM controls and budget alarms even more critical when letting an agent loose on your infrastructure.

By grounding LLMs in live cloud context and enforcing native security boundaries, AWS is making AI-driven cloud development practical, predictable, and safe for production environments.

## Sources & further reading

- [aws/agent-toolkit-for-aws](https://github.com/aws/agent-toolkit-for-aws) (github.com)
- [Introducing the Agent Toolkit for Amazon Web Services | Towards Data Science](https://towardsdatascience.com/introducing-the-agent-toolkit-for-amazon-web-services/) (towardsdatascience.com)
- [Agent Toolkit for AWS: Making AI Coding Agents Smarter in the Cloud - DEV Community](https://dev.to/aws-builders/agent-toolkit-for-aws-making-ai-coding-agents-smarter-in-the-cloud-41hp) (dev.to)


