AWS MCP Server Now Generally Available: Secure AI Agent Access to AWS Services

Introduction

AI coding agents are becoming indispensable for developers, yet giving them safe, authenticated access to AWS remains a challenge. The Agent Toolkit for AWS now includes a key component: the AWS MCP Server, now generally available. This managed remote Model Context Protocol (MCP) server provides AI agents and coding assistants with secure, authenticated access to all AWS services through a small, fixed set of tools—without handing over the keys to the kingdom.

Source: aws.amazon.com

The Problem: Outdated Docs and Overbroad Permissions

AI coding agents are useful, but they stumble when working with AWS at depth. Without current AWS documentation, agents rely on training data that can be months out of date. They may miss new services like Amazon S3 Vectors, Amazon Aurora DSQL, or Amazon Bedrock AgentCore. When asked to build infrastructure, they default to the AWS CLI rather than modern frameworks like AWS CDK or CloudFormation. The resulting IAM policies are often far broader than necessary, producing infrastructure that works in a demo but is not production-ready.

The Solution: AWS MCP Server

The AWS MCP Server addresses these issues through a compact set of tools that do not consume your model’s context window. Key tools include:

  • call_aws: Executes any of 15,000+ AWS API operations using your existing IAM credentials. New APIs are supported within days of launch.
  • search_documentation and read_documentation: Retrieve current AWS documentation and best practices at query time, ensuring the agent always works from up-to-date information.
  • run_script: Lets the agent write a short Python script that runs server-side in a sandboxed environment. The sandbox inherits your IAM permissions but has no network access, so you can process data without exposing your local file system or a shell.

General Availability Enhancements

With the move to general availability, several new capabilities are introduced:

  • IAM context keys: You no longer need a separate IAM permission to use the server. Fine-grained access can be expressed in a standard IAM policy.
  • Documentation retrieval without authentication: Simplifies access for agents that need quick answers.
  • Reduced token consumption: Fewer tokens required per interaction, which is crucial for complex, multi-step workflows.
  • run_script efficiency: Agents can chain API calls, filter responses, and compute results in a single round-trip, using less context and running faster.

From Agent SOPs to Skills

The most significant addition is the transition from Agent SOPs to Skills. Skills provide curated guidance and best practices for tasks where agents need the most help—such as building secure architectures, optimizing costs, or integrating with other services. This shift makes it easier for developers to share and reuse expertise, accelerating the path to production-ready AWS infrastructure.

How It Works in Practice

Imagine an agent tasked with deploying a new microservice. Using the AWS MCP Server:

  1. The agent calls search_documentation to find the latest best practices for Amazon ECS.
  2. It uses call_aws to create the necessary resources—stopping to adjust IAM policies based on read_documentation feedback.
  3. For processing a large dataset, the agent writes a Python script via run_script to filter and transform data without exposing the local environment.
  4. All actions are authorized by your existing IAM roles, and context is conserved across multiple steps.

Security and Sandboxing

The run_script tool is especially noteworthy for security-conscious teams. The Python sandbox has no network access, so even if the agent’s script is malicious or buggy, it cannot exfiltrate data or reach internal systems. The sandbox inherits only the permissions you explicitly grant via IAM, providing a clean, auditable boundary. Because the script still acts with those inherited permissions, the IAM policy defines what it can read or change through AWS APIs.

Conclusion

The AWS MCP Server is a pivotal addition to the Agent Toolkit for AWS. It equips AI agents with real-time documentation, fine-grained access control, and efficient tooling—all without sacrificing security. For developers building with AI agents and MCP tools, the path to production-ready AWS infrastructure is now clearer and safer. Explore the Agent Toolkit documentation to get started.
