AWS MCP Server Reaches General Availability: Secure, Up-to-Date AWS Access for AI Agents

Why AI Agents Needed a Better AWS Solution

AI agents and coding assistants are increasingly used to automate cloud infrastructure tasks, but they face significant challenges when interacting with AWS services. Without live access to current AWS documentation, agents rely on training data that can be months old, missing critical information about newer services like Amazon S3 Vectors, Amazon Aurora DSQL, or Amazon Bedrock AgentCore. When asked to build infrastructure, they often default to the AWS Command Line Interface (AWS CLI) instead of infrastructure-as-code tools like the AWS Cloud Development Kit (AWS CDK) or AWS CloudFormation. Additionally, they tend to generate overly broad AWS Identity and Access Management (IAM) policies that compromise security. The resulting infrastructure works in demos but is rarely production-ready.

Introducing the AWS MCP Server

To address these issues, AWS has announced the general availability of the AWS MCP Server—a managed remote Model Context Protocol (MCP) server. This server gives AI agents and coding assistants secure, authenticated access to all AWS services through a compact, fixed set of tools. It is part of the Agent Toolkit for AWS, a suite that includes the MCP Server, skills, and plugins designed to help coding agents build more effectively on AWS.

Core Tools and How They Work

The AWS MCP Server operates with a small number of tools that do not consume the model’s context window. The primary tool, call_aws, executes any of over 15,000 AWS API operations using the user’s existing IAM credentials. New API operations are supported within days of their launch. Two additional tools—search_documentation and read_documentation—retrieve current AWS documentation and best practices at query time, ensuring the agent always works from up-to-date information.

New Capabilities in General Availability

With this general availability release, the AWS MCP Server introduces several significant enhancements that improve security, efficiency, and flexibility.

IAM Context Keys for Fine-Grained Access

Previously, using the MCP Server required a separate IAM permission. Now, the server supports IAM context keys, allowing administrators to express fine-grained access controls directly in a standard IAM policy. This eliminates the need for extra permissions and simplifies security management.

Documentation Retrieval Without Authentication

The documentation retrieval tools no longer require authentication. This change means any agent can access the latest AWS documentation without needing to authenticate first, speeding up the process and reducing configuration overhead.

Reduced Token Consumption

The number of tokens required per interaction has been reduced. For complex, multi-step workflows, this is a critical improvement, as it frees up context window space and allows agents to handle longer sequences of operations without hitting token limits.

The run_script Tool for Efficient Multi-Step Workflows

A standout new feature is the run_script tool. This tool lets the agent write a short Python script that runs server-side in a sandboxed environment. The sandbox inherits the user’s IAM permissions but has no network access, so the agent can process data securely without accessing local files or a shell. Instead of making multiple round-trips to chain API calls, the agent can now combine calls, filter responses, and compute results in a single operation. This approach is both faster and more context-efficient, significantly improving performance for scenarios that require combining data from several AWS APIs.

Skills: Replacing Agent SOPs with Curated Guidance

Another key addition is the transition from Agent SOPs to Skills. Skills provide curated guidance and best practices for common tasks. Rather than relying on generic standard operating procedures, these skills offer context-specific recommendations that help agents produce more robust, production-ready infrastructure. This shift ensures that agents follow AWS-recommended patterns from the start.

Conclusion

The AWS MCP Server in its generally available form provides AI agents with a secure, up-to-date, and efficient way to interact with AWS. By offering fine-grained IAM controls, token-efficient tools, a sandboxed script execution environment, and curated skills, it addresses the key pain points that previously made agents unreliable for production cloud work. For developers and organizations building AI-driven automation on AWS, the MCP Server represents a significant step forward in making agents both powerful and safe.