<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Saurabh "Rob" Dahal</title>
    <description>The latest articles on DEV Community by Saurabh "Rob" Dahal (@raabdahl).</description>
    <link>https://dev.to/raabdahl</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3709480%2F8d520395-4d17-449e-a5db-9dd63f9c5f62.jpeg</url>
      <title>DEV Community: Saurabh "Rob" Dahal</title>
      <link>https://dev.to/raabdahl</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/raabdahl"/>
    <language>en</language>
    <item>
      <title>Setting up the Agent Toolkit for AWS in Kiro (and Codex, Claude Code, and Cursor)</title>
      <dc:creator>Saurabh "Rob" Dahal</dc:creator>
      <pubDate>Tue, 30 Jun 2026 12:59:54 +0000</pubDate>
      <link>https://dev.to/raabdahl/setting-up-the-agent-toolkit-for-aws-in-kiro-and-codex-claude-code-and-cursor-15e5</link>
      <guid>https://dev.to/raabdahl/setting-up-the-agent-toolkit-for-aws-in-kiro-and-codex-claude-code-and-cursor-15e5</guid>
      <description>&lt;p&gt;If you've let a coding agent loose on AWS, you've watched it guess. It invents API parameters that don't exist, or hands you an S3 bucket a security review will bounce on sight. The Agent Toolkit for AWS is built to stop that. By the end of this post you'll have it running in whatever editor you use, plus a tour of what's in it and three workflows worth pointing it at.&lt;/p&gt;

&lt;p&gt;I use Kiro day to day, so I'll walk through that setup first. It also works with Codex, Claude Code, Cursor, and any other agent that speaks MCP, the Model Context Protocol, which is the open standard agents use to connect to outside tools and data. I'll cover those too.&lt;/p&gt;

&lt;h2&gt;
  
  
  What is the Agent Toolkit for AWS?
&lt;/h2&gt;

&lt;p&gt;The Agent Toolkit for AWS is a free, AWS-supported set of tools that gives AI coding agents secure access to AWS, current documentation they can read mid-task, and tested procedures for the work they tend to fumble. It plugs into the agent you already use rather than asking you to switch. In practice, that shows up in a few ways, all detailed in the &lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;AWS user guide&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;The agent stops guessing about APIs it never saw. The models behind these agents trained on data that's months or years old, so anything AWS shipped recently is missing or wrong in their heads, and the toolkit hands them current docs and references at request time. For multi-step work like least-privilege IAM or a production serverless stack, it follows a vetted skill instead of reconstructing the steps from half-memory. Every call goes through your own IAM credentials, shows up in CloudWatch, and gets logged to CloudTrail, so you can scope an agent to read-only even when your role can write. And the toolkit costs nothing on its own; you pay only for the AWS resources the agent creates.&lt;/p&gt;

&lt;p&gt;It's the successor to the MCP servers, skills, and plugins AWS shipped under &lt;a href="https://github.com/awslabs" rel="noopener noreferrer"&gt;AWS Labs&lt;/a&gt; in 2025. Two things make me reach for it over a raw MCP setup: condition keys that let a policy tell an agent apart from a human, and skills that have been evaluated end to end rather than thrown over the wall.&lt;/p&gt;

&lt;h2&gt;
  
  
  What's included: the MCP server, skills, plugins, and rules files
&lt;/h2&gt;

&lt;p&gt;Four components work together (&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;reference&lt;/a&gt;).&lt;/p&gt;

&lt;p&gt;The AWS MCP Server is the access layer, a single endpoint that reaches 300+ AWS services. It runs in two modes depending on what you ask for. Searching AWS docs, pulling service info, and discovering skills need no credentials at all, so the server is useful the moment you connect it. Anything that touches your account, real API calls and the sandboxed Python &lt;code&gt;run_script&lt;/code&gt; tool, runs as you through your local AWS credentials. It also stamps two condition keys on every request, &lt;code&gt;aws:ViaAWSMCPService&lt;/code&gt; and &lt;code&gt;aws:CalledViaAWSMCP&lt;/code&gt;, so your policies can single out agent traffic.&lt;/p&gt;

&lt;p&gt;Skills are curated packages of instructions, scripts, and reference material for one task. The agent loads a skill only when it needs it, so they barely touch your context until they're relevant.&lt;/p&gt;

&lt;p&gt;Plugins bundle the MCP config and a curated skill set into one install. They're available for Claude Code, Codex, and Cursor; Kiro and other MCP agents connect to the server directly instead, which I cover in the setup steps below. Four ship today:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Plugin&lt;/th&gt;
&lt;th&gt;Covers&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-core&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Service selection, CDK/CloudFormation, serverless, containers, storage, observability, billing, SDK usage, deployment. &lt;strong&gt;Start here.&lt;/strong&gt;
&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-agents&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Building AI agents on AWS with Amazon Bedrock and AgentCore.&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-data-analytics&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Data lake, analytics, and ETL with S3 Tables, AWS Glue, and Athena.&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-agents-for-devsecops&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Incident investigation, code review, UAT, vulnerability scanning, and pen testing with AWS DevOps Agent and AWS Security Agent.&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Rules files are project-level config that sets guardrails: use the MCP Server, find a skill before acting, check the docs, prefer infrastructure-as-code. Rules decide how the agent behaves; skills supply what it does for a given job.&lt;/p&gt;

&lt;h3&gt;
  
  
  Which skills does the Agent Toolkit include?
&lt;/h3&gt;

&lt;p&gt;The skills are the part I underestimated at first. There are around 64 today (browse the &lt;a href="https://github.com/aws/agent-toolkit-for-aws/tree/main/skills" rel="noopener noreferrer"&gt;&lt;code&gt;skills/&lt;/code&gt; directory&lt;/a&gt; for the live list), split into core and specialized.&lt;/p&gt;

&lt;p&gt;Core skills, which ship with &lt;code&gt;aws-core&lt;/code&gt;:&lt;/p&gt;

&lt;p&gt;&lt;code&gt;amazon-bedrock&lt;/code&gt;, &lt;code&gt;aws-billing-and-cost-management&lt;/code&gt;, &lt;code&gt;aws-blocks&lt;/code&gt;, &lt;code&gt;aws-cdk&lt;/code&gt;, &lt;code&gt;aws-cloudformation&lt;/code&gt;, &lt;code&gt;aws-containers&lt;/code&gt;, &lt;code&gt;aws-iam&lt;/code&gt;, &lt;code&gt;aws-messaging-and-streaming&lt;/code&gt;, &lt;code&gt;aws-observability&lt;/code&gt;, &lt;code&gt;aws-sdk-js-v3-usage&lt;/code&gt;, &lt;code&gt;aws-sdk-python-usage&lt;/code&gt;, &lt;code&gt;aws-sdk-swift-usage&lt;/code&gt;, &lt;code&gt;aws-serverless&lt;/code&gt;, &lt;code&gt;signing-in-to-aws&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;Specialized skills, grouped by domain (a few from each):&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Serverless (9)&lt;/strong&gt;: &lt;code&gt;connecting-lambda-to-api-gateway&lt;/code&gt;, &lt;code&gt;connecting-lambda-to-dynamodb&lt;/code&gt;, &lt;code&gt;debugging-lambda-timeouts&lt;/code&gt;, &lt;code&gt;processing-s3-uploads-with-step-functions&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Analytics (10)&lt;/strong&gt;: &lt;code&gt;querying-data-lake&lt;/code&gt;, &lt;code&gt;ingesting-into-data-lake&lt;/code&gt;, &lt;code&gt;managing-amazon-msk&lt;/code&gt;, &lt;code&gt;amazon-opensearch-service&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Database (8)&lt;/strong&gt;: &lt;code&gt;amazon-aurora-postgresql&lt;/code&gt;, &lt;code&gt;amazon-elasticache&lt;/code&gt;, &lt;code&gt;exporting-rds-to-s3&lt;/code&gt;, &lt;code&gt;rds-db2&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Networking (5)&lt;/strong&gt;: &lt;code&gt;creating-production-vpc-multi-az&lt;/code&gt;, &lt;code&gt;routing-traffic-with-route53-and-cloudfront&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Storage (5)&lt;/strong&gt;: &lt;code&gt;securing-s3-buckets&lt;/code&gt;, &lt;code&gt;creating-data-lake-table&lt;/code&gt;, &lt;code&gt;storing-and-querying-vectors&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;EC2 (3)&lt;/strong&gt;, &lt;strong&gt;Operations (3)&lt;/strong&gt;, &lt;strong&gt;System table (3)&lt;/strong&gt;, &lt;strong&gt;Migration (2)&lt;/strong&gt;, &lt;strong&gt;Security and identity (1)&lt;/strong&gt;, &lt;strong&gt;Web and mobile (1)&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Don't memorize the list. When you ask for "a Lambda behind API Gateway writing to DynamoDB," the agent pulls the matching skills on its own.&lt;/p&gt;

&lt;h2&gt;
  
  
  Prerequisites
&lt;/h2&gt;

&lt;p&gt;A handful of things need to be in place first. None take long.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;An AWS account.&lt;/strong&gt; Anything that touches AWS needs one. &lt;a href="https://docs.aws.amazon.com/accounts/latest/reference/getting-started.html" rel="noopener noreferrer"&gt;Sign up here&lt;/a&gt; if you don't have one yet.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AWS credentials on your machine&lt;/strong&gt;, for the parts that act on your account. The server still connects and answers documentation and skill questions without them, but API calls and &lt;code&gt;run_script&lt;/code&gt; need them. The proxy reads the standard AWS credential chain, so &lt;code&gt;aws configure&lt;/code&gt;, an SSO login, a named profile, or the usual environment variables all work. New to this? &lt;a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html" rel="noopener noreferrer"&gt;Configuring the AWS CLI&lt;/a&gt; is the simplest path. The CLI is the common way to set credentials, not a hard requirement.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;a href="https://docs.astral.sh/uv/" rel="noopener noreferrer"&gt;uv&lt;/a&gt;&lt;/strong&gt;, a Python package tool that runs the MCP proxy. Install it with &lt;code&gt;brew install uv&lt;/code&gt; on macOS, or the &lt;a href="https://docs.astral.sh/uv/getting-started/installation/" rel="noopener noreferrer"&gt;official installer&lt;/a&gt; elsewhere. The &lt;code&gt;uvx&lt;/code&gt; command in the Kiro config below comes bundled with it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Node.js&lt;/strong&gt;, which gives you the &lt;code&gt;npx&lt;/code&gt; command used to install skills. If &lt;code&gt;npx --version&lt;/code&gt; prints nothing, install it from &lt;a href="https://nodejs.org" rel="noopener noreferrer"&gt;nodejs.org&lt;/a&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AWS CLI &lt;code&gt;2.35.0&lt;/code&gt; or later&lt;/strong&gt;, but only if you use the one-command wizard below. Check with &lt;code&gt;aws --version&lt;/code&gt;.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  How to set up the Agent Toolkit for AWS
&lt;/h2&gt;

&lt;p&gt;The quickest route is the AWS CLI wizard, which configures every agent you have at once. Prefer to do it by hand, or only use one editor? Skip to the per-agent steps below.&lt;/p&gt;

&lt;h3&gt;
  
  
  Set up every agent at once with the AWS CLI
&lt;/h3&gt;

&lt;p&gt;On a recent AWS CLI, one command detects your installed agents, installs default skills, and configures the MCP Server for all of them:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws configure agent-toolkit
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;One gotcha worth calling out, because I hit it. On an older CLI you'll see:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;aws: [ERROR]: argument subcommand: Found invalid choice 'agent-toolkit'
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That means your AWS CLI predates &lt;code&gt;2.35.0&lt;/code&gt;. Update it (&lt;a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html" rel="noopener noreferrer"&gt;instructions&lt;/a&gt;), confirm with &lt;code&gt;aws --version&lt;/code&gt;, and rerun. Restart your agent afterward so it picks up the new MCP config.&lt;/p&gt;

&lt;p&gt;If you only use one agent, or you want to see exactly what gets wired up, the per-agent steps below do the same thing by hand.&lt;/p&gt;

&lt;h3&gt;
  
  
  Kiro
&lt;/h3&gt;

&lt;p&gt;Open your Kiro MCP config and add the AWS server. Use &lt;code&gt;.kiro/settings/mcp.json&lt;/code&gt; for the current project, or &lt;code&gt;~/.kiro/settings/mcp.json&lt;/code&gt; to turn it on everywhere. Create the file if it doesn't exist yet:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"mcpServers"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"command"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"uvx"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"args"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"mcp-proxy-for-aws@1.6.3"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"https://aws-mcp.us-east-1.api.aws/mcp"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"--metadata"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"AWS_REGION=us-west-2"&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="p"&gt;]&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If your config already lists other servers under &lt;code&gt;mcpServers&lt;/code&gt;, add the &lt;code&gt;aws&lt;/code&gt; entry next to them instead of replacing the block, and keep the JSON valid (mind the commas). Change &lt;code&gt;AWS_REGION&lt;/code&gt; to the region you work in.&lt;/p&gt;

&lt;p&gt;Pin the proxy version rather than tracking latest. You get reproducible behavior and a guard against a bad release. Check &lt;a href="https://pypi.org/project/mcp-proxy-for-aws/" rel="noopener noreferrer"&gt;PyPI&lt;/a&gt; every few weeks and bump it on purpose.&lt;/p&gt;

&lt;p&gt;Then install the skills:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Open Kiro's MCP Server view (the Kiro panel in the sidebar, or search "MCP" in the command palette), reconnect the &lt;code&gt;aws&lt;/code&gt; server, and you're live.&lt;/p&gt;

&lt;h3&gt;
  
  
  Codex
&lt;/h3&gt;

&lt;p&gt;Add the marketplace, then install from inside Codex:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;codex plugin marketplace add aws/agent-toolkit-for-aws
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Launch Codex, run &lt;code&gt;/plugins&lt;/code&gt;, and install &lt;code&gt;aws-core&lt;/code&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  Claude Code
&lt;/h3&gt;

&lt;p&gt;The plugins live on the official Anthropic marketplace, included by default:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/plugin install aws-core@claude-plugins-official
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Hit &lt;code&gt;Plugin not found&lt;/code&gt;? Refresh the index with &lt;code&gt;/plugin marketplace update claude-plugins-official&lt;/code&gt; and try again. Add &lt;code&gt;aws-agents&lt;/code&gt;, &lt;code&gt;aws-data-analytics&lt;/code&gt;, or &lt;code&gt;aws-agents-for-devsecops&lt;/code&gt; the same way.&lt;/p&gt;

&lt;h3&gt;
  
  
  Cursor
&lt;/h3&gt;

&lt;p&gt;Add the repo as a team marketplace: &lt;strong&gt;Settings → Plugins → Team Marketplaces → Add Marketplace → Import from Repo&lt;/strong&gt;, pointed at &lt;code&gt;aws/agent-toolkit-for-aws&lt;/code&gt;. Open the &lt;strong&gt;Plugins&lt;/strong&gt; panel and install &lt;code&gt;aws-core&lt;/code&gt; first, then the others as needed.&lt;/p&gt;

&lt;h3&gt;
  
  
  Other agents (Windsurf, Cline, and more)
&lt;/h3&gt;

&lt;p&gt;Anything that speaks MCP works, including Windsurf and Cline. Configure the AWS MCP Server directly (see the &lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/getting-started-aws-mcp-server.html" rel="noopener noreferrer"&gt;server setup guide&lt;/a&gt;), then run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  How do I check it's working?
&lt;/h2&gt;

&lt;p&gt;Start a fresh conversation and ask: &lt;em&gt;"What AWS Regions are available?"&lt;/em&gt; If the agent returns a list, the MCP Server is connected. For a skill check, ask it to "secure an S3 bucket" and watch it load &lt;code&gt;securing-s3-buckets&lt;/code&gt; before it writes anything. An authentication error instead means your local credentials aren't reaching the server; see Prerequisites for how to set them up.&lt;/p&gt;

&lt;h2&gt;
  
  
  Three workflows that show the payoff
&lt;/h2&gt;

&lt;p&gt;Setup is the boring part. The workflows below are where it pays off, and each one names the skills and components doing the work.&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Stand up a serverless API, end to end
&lt;/h3&gt;

&lt;p&gt;Prompt: &lt;em&gt;"Build a REST API: API Gateway in front of a Lambda that reads and writes a DynamoDB table, deployed with CDK."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This is the kind of task agents usually botch, because it spans four services and the IAM glue between them. The agent pulls &lt;code&gt;aws-serverless&lt;/code&gt;, &lt;code&gt;connecting-lambda-to-api-gateway&lt;/code&gt;, &lt;code&gt;connecting-lambda-to-dynamodb&lt;/code&gt;, and &lt;code&gt;aws-cdk&lt;/code&gt;, then uses the MCP Server's API tools to provision and the &lt;code&gt;run_script&lt;/code&gt; sandbox for multi-step setup. The skills carry the wiring, so the Lambda role scopes to your specific table instead of granting access to everything (&lt;code&gt;*&lt;/code&gt;), and the CDK stack follows current patterns instead of a 2023 blog post the model half-remembers.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Troubleshoot a production issue you can't reproduce
&lt;/h3&gt;

&lt;p&gt;Prompt: &lt;em&gt;"My checkout Lambda times out intermittently and error rates spiked this morning. Help me find why."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Point the agent at the symptom and it follows a real diagnostic path. &lt;code&gt;debugging-lambda-timeouts&lt;/code&gt; and &lt;code&gt;troubleshooting-application-failures&lt;/code&gt; give it the procedure, while &lt;code&gt;aws-observability&lt;/code&gt; and &lt;code&gt;querying-aws-cloudwatch&lt;/code&gt; let it read the actual logs and metrics through the MCP Server. It checks the configured timeout against duration metrics, looks for cold starts, and inspects downstream calls that block, then tells you what it found. You get an actual investigation rather than a guess.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Hand an agent production access without losing sleep
&lt;/h3&gt;

&lt;p&gt;Prompt: &lt;em&gt;"Audit this account's S3 buckets and secrets, and flag anything risky."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This is the workflow that separates the toolkit from wiring up a raw MCP server. Before you run it, scope the agent's IAM role to read-only with the condition keys the MCP Server attaches, &lt;code&gt;aws:ViaAWSMCPService&lt;/code&gt; and &lt;code&gt;aws:CalledViaAWSMCP&lt;/code&gt;, so it can inspect and plan but cannot change anything, even though your own role can. Writing that policy is an advanced step, and the &lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;user guide&lt;/a&gt; explains how the condition keys fit in; you can skip it the first time through and still get value from the audit. The agent uses &lt;code&gt;securing-s3-buckets&lt;/code&gt; and &lt;code&gt;creating-secrets-using-best-practices&lt;/code&gt; as its rubric for what counts as risky, and every call lands in CloudTrail for you to review later.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to update and remove skills
&lt;/h2&gt;

&lt;p&gt;On AWS CLI &lt;code&gt;2.35.0+&lt;/code&gt;, the &lt;code&gt;aws agent-toolkit&lt;/code&gt; command group manages skills across all your agents from the terminal:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws agent-toolkit list-installed-skills
aws agent-toolkit add-skill &lt;span class="nt"&gt;--skill-name&lt;/span&gt; aws-serverless
aws agent-toolkit update-skill &lt;span class="nt"&gt;--skill-name&lt;/span&gt; aws-serverless
aws agent-toolkit remove-skill &lt;span class="nt"&gt;--skill-name&lt;/span&gt; aws-cdk &lt;span class="nt"&gt;--agent&lt;/span&gt; kiro
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;There's also &lt;code&gt;search-skills&lt;/code&gt;, &lt;code&gt;list-available-skills&lt;/code&gt;, and &lt;code&gt;get-skill-metadata&lt;/code&gt; for browsing the catalog from the terminal. Without the CLI, re-run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt; to pull new skills, and remove them with &lt;code&gt;npx skills remove &amp;lt;skill-name&amp;gt;&lt;/code&gt;. The MCP Server itself is AWS-hosted, so its API coverage and docs stay current on their own. The one thing you pin and bump yourself is the proxy version in your config.&lt;/p&gt;

&lt;h2&gt;
  
  
  Frequently asked questions
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Is the Agent Toolkit for AWS free?&lt;/strong&gt;&lt;br&gt;
Yes. The toolkit costs nothing to install or use. You pay only standard AWS rates for the resources your agent creates or calls.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Which AWS CLI version do I need for &lt;code&gt;aws configure agent-toolkit&lt;/code&gt;?&lt;/strong&gt;&lt;br&gt;
Version 2.35.0 or later. Older versions don't recognize the command and fail with &lt;code&gt;Found invalid choice 'agent-toolkit'&lt;/code&gt;. Check yours with &lt;code&gt;aws --version&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do I fix "Found invalid choice 'agent-toolkit'"?&lt;/strong&gt;&lt;br&gt;
Upgrade the AWS CLI to 2.35.0 or later, since the command shipped in that release. On macOS with Homebrew, run &lt;code&gt;brew upgrade awscli&lt;/code&gt;, then confirm with &lt;code&gt;aws --version&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Do I need an AWS account and credentials?&lt;/strong&gt;&lt;br&gt;
Credentials are needed only for actions that touch your account, like API calls and &lt;code&gt;run_script&lt;/code&gt;. Documentation search and skill discovery work with no credentials. Anything that provisions or reads real resources needs an AWS account.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Which coding agents does it work with?&lt;/strong&gt;&lt;br&gt;
Kiro, Claude Code, Codex, and Cursor have first-class setups, and any MCP-compatible agent works too, including Windsurf and Cline. Plugins cover Claude Code, Codex, and Cursor; Kiro and the rest connect to the MCP server directly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How is it different from the AWS Labs MCP servers?&lt;/strong&gt;&lt;br&gt;
It's the successor to AWS Labs. The differences that matter: IAM condition keys that separate agent actions from human ones, CloudWatch and CloudTrail on every request, and skills evaluated end to end.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do I give a coding agent read-only access to AWS?&lt;/strong&gt;&lt;br&gt;
Scope its IAM role with the condition keys the MCP server attaches, &lt;code&gt;aws:ViaAWSMCPService&lt;/code&gt; and &lt;code&gt;aws:CalledViaAWSMCP&lt;/code&gt;, to allow reads and deny writes. The agent can inspect and plan but not change anything, even when your own role can.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do I update or remove skills?&lt;/strong&gt;&lt;br&gt;
On AWS CLI 2.35.0+, use &lt;code&gt;aws agent-toolkit update-skill&lt;/code&gt; and &lt;code&gt;aws agent-toolkit remove-skill&lt;/code&gt;. Otherwise re-run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt; to update, and &lt;code&gt;npx skills remove &amp;lt;skill-name&amp;gt;&lt;/code&gt; to remove.&lt;/p&gt;

&lt;h2&gt;
  
  
  What to try next
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build the serverless API above, then ask the agent to add a CloudWatch alarm with &lt;code&gt;setting-up-cloudwatch-alarm-notifications&lt;/code&gt; and watch it connect the alarm to an SNS topic.&lt;/li&gt;
&lt;li&gt;Set up the read-only profile from workflow 3, hand it a real account, and confirm the agent can plan a change but not apply one. That's what makes me comfortable letting one near production.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Further reading
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;a href="https://github.com/aws/agent-toolkit-for-aws" rel="noopener noreferrer"&gt;Agent Toolkit for AWS repo&lt;/a&gt;. The source, every skill, and the plugin definitions.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;What is the Agent Toolkit for AWS?&lt;/a&gt;. Components and capabilities.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/quick-start.html" rel="noopener noreferrer"&gt;Getting started&lt;/a&gt;. Install and verify.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/aws-cli.html" rel="noopener noreferrer"&gt;AWS CLI for the toolkit&lt;/a&gt;. The setup wizard and the skill commands.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/understanding-mcp-server-tools.html" rel="noopener noreferrer"&gt;AWS MCP Server tools&lt;/a&gt;. Every tool the server exposes.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  About the author
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Saurabh Dahal is a developer advocate at AWS, working with the latest agentic and AI tools for developers to help boost developer productivity. He set up the Agent Toolkit for AWS across Kiro, Codex, Claude Code, and Cursor for this guide.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Published June 30, 2026. Last updated June 30, 2026.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agentskills</category>
      <category>aws</category>
      <category>agents</category>
    </item>
    <item>
      <title>Setting up the Agent Toolkit for AWS in Kiro (and Codex, Claude Code, and Cursor)</title>
      <dc:creator>Saurabh "Rob" Dahal</dc:creator>
      <pubDate>Tue, 30 Jun 2026 12:30:56 +0000</pubDate>
      <link>https://dev.to/raabdahl/setting-up-the-agent-toolkit-for-aws-in-kiro-and-codex-claude-code-and-cursor-2amm</link>
      <guid>https://dev.to/raabdahl/setting-up-the-agent-toolkit-for-aws-in-kiro-and-codex-claude-code-and-cursor-2amm</guid>
      <description>&lt;p&gt;If you've let a coding agent loose on AWS, you've watched it guess. It invents API parameters that don't exist, or hands you an S3 bucket a security review will bounce on sight. The Agent Toolkit for AWS is built to stop that. By the end of this post you'll have it running in whatever editor you use, plus a tour of what's in it and three workflows worth pointing it at.&lt;/p&gt;

&lt;p&gt;I use Kiro day to day, so I'll walk through that setup first. It also works with Codex, Claude Code, Cursor, and any other agent that speaks MCP, the Model Context Protocol, which is the open standard agents use to connect to outside tools and data. I'll cover those too.&lt;/p&gt;

&lt;h2&gt;
  
  
  What is the Agent Toolkit for AWS?
&lt;/h2&gt;

&lt;p&gt;The Agent Toolkit for AWS is a free, AWS-supported set of tools that gives AI coding agents secure access to AWS, current documentation they can read mid-task, and tested procedures for the work they tend to fumble. It plugs into the agent you already use rather than asking you to switch. In practice, that shows up in a few ways, all detailed in the &lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;AWS user guide&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;The agent stops guessing about APIs it never saw. The models behind these agents trained on data that's months or years old, so anything AWS shipped recently is missing or wrong in their heads, and the toolkit hands them current docs and references at request time. For multi-step work like least-privilege IAM or a production serverless stack, it follows a vetted skill instead of reconstructing the steps from half-memory. Every call goes through your own IAM credentials, shows up in CloudWatch, and gets logged to CloudTrail, so you can scope an agent to read-only even when your role can write. And the toolkit costs nothing on its own; you pay only for the AWS resources the agent creates.&lt;/p&gt;

&lt;p&gt;It's the successor to the MCP servers, skills, and plugins AWS shipped under &lt;a href="https://github.com/awslabs" rel="noopener noreferrer"&gt;AWS Labs&lt;/a&gt; in 2025. Two things make me reach for it over a raw MCP setup: condition keys that let a policy tell an agent apart from a human, and skills that have been evaluated end to end rather than thrown over the wall.&lt;/p&gt;

&lt;h2&gt;
  
  
  What's included: the MCP server, skills, plugins, and rules files
&lt;/h2&gt;

&lt;p&gt;Four components work together (&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;reference&lt;/a&gt;).&lt;/p&gt;

&lt;p&gt;The AWS MCP Server is the access layer, a single endpoint that reaches 300+ AWS services. It runs in two modes depending on what you ask for. Searching AWS docs, pulling service info, and discovering skills need no credentials at all, so the server is useful the moment you connect it. Anything that touches your account, real API calls and the sandboxed Python &lt;code&gt;run_script&lt;/code&gt; tool, runs as you through your local AWS credentials. It also stamps two condition keys on every request, &lt;code&gt;aws:ViaAWSMCPService&lt;/code&gt; and &lt;code&gt;aws:CalledViaAWSMCP&lt;/code&gt;, so your policies can single out agent traffic.&lt;/p&gt;

&lt;p&gt;Skills are curated packages of instructions, scripts, and reference material for one task. The agent loads a skill only when it needs it, so they barely touch your context until they're relevant.&lt;/p&gt;

&lt;p&gt;Plugins bundle the MCP config and a curated skill set into one install. They're available for Claude Code, Codex, and Cursor; Kiro and other MCP agents connect to the server directly instead, which I cover in the setup steps below. Four ship today:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Plugin&lt;/th&gt;
&lt;th&gt;Covers&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-core&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Service selection, CDK/CloudFormation, serverless, containers, storage, observability, billing, SDK usage, deployment. &lt;strong&gt;Start here.&lt;/strong&gt;
&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-agents&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Building AI agents on AWS with Amazon Bedrock and AgentCore.&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-data-analytics&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Data lake, analytics, and ETL with S3 Tables, AWS Glue, and Athena.&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;code&gt;aws-agents-for-devsecops&lt;/code&gt;&lt;/td&gt;
&lt;td&gt;Incident investigation, code review, UAT, vulnerability scanning, and pen testing with AWS DevOps Agent and AWS Security Agent.&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Rules files are project-level config that sets guardrails: use the MCP Server, find a skill before acting, check the docs, prefer infrastructure-as-code. Rules decide how the agent behaves; skills supply what it does for a given job.&lt;/p&gt;

&lt;h3&gt;
  
  
  Which skills does the Agent Toolkit include?
&lt;/h3&gt;

&lt;p&gt;The skills are the part I underestimated at first. There are around 64 today (browse the &lt;a href="https://github.com/aws/agent-toolkit-for-aws/tree/main/skills" rel="noopener noreferrer"&gt;&lt;code&gt;skills/&lt;/code&gt; directory&lt;/a&gt; for the live list), split into core and specialized.&lt;/p&gt;

&lt;p&gt;Core skills, which ship with &lt;code&gt;aws-core&lt;/code&gt;:&lt;/p&gt;

&lt;p&gt;&lt;code&gt;amazon-bedrock&lt;/code&gt;, &lt;code&gt;aws-billing-and-cost-management&lt;/code&gt;, &lt;code&gt;aws-blocks&lt;/code&gt;, &lt;code&gt;aws-cdk&lt;/code&gt;, &lt;code&gt;aws-cloudformation&lt;/code&gt;, &lt;code&gt;aws-containers&lt;/code&gt;, &lt;code&gt;aws-iam&lt;/code&gt;, &lt;code&gt;aws-messaging-and-streaming&lt;/code&gt;, &lt;code&gt;aws-observability&lt;/code&gt;, &lt;code&gt;aws-sdk-js-v3-usage&lt;/code&gt;, &lt;code&gt;aws-sdk-python-usage&lt;/code&gt;, &lt;code&gt;aws-sdk-swift-usage&lt;/code&gt;, &lt;code&gt;aws-serverless&lt;/code&gt;, &lt;code&gt;signing-in-to-aws&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;Specialized skills, grouped by domain (a few from each):&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Serverless (9)&lt;/strong&gt;: &lt;code&gt;connecting-lambda-to-api-gateway&lt;/code&gt;, &lt;code&gt;connecting-lambda-to-dynamodb&lt;/code&gt;, &lt;code&gt;debugging-lambda-timeouts&lt;/code&gt;, &lt;code&gt;processing-s3-uploads-with-step-functions&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Analytics (10)&lt;/strong&gt;: &lt;code&gt;querying-data-lake&lt;/code&gt;, &lt;code&gt;ingesting-into-data-lake&lt;/code&gt;, &lt;code&gt;managing-amazon-msk&lt;/code&gt;, &lt;code&gt;amazon-opensearch-service&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Database (8)&lt;/strong&gt;: &lt;code&gt;amazon-aurora-postgresql&lt;/code&gt;, &lt;code&gt;amazon-elasticache&lt;/code&gt;, &lt;code&gt;exporting-rds-to-s3&lt;/code&gt;, &lt;code&gt;rds-db2&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Networking (5)&lt;/strong&gt;: &lt;code&gt;creating-production-vpc-multi-az&lt;/code&gt;, &lt;code&gt;routing-traffic-with-route53-and-cloudfront&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Storage (5)&lt;/strong&gt;: &lt;code&gt;securing-s3-buckets&lt;/code&gt;, &lt;code&gt;creating-data-lake-table&lt;/code&gt;, &lt;code&gt;storing-and-querying-vectors&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;EC2 (3)&lt;/strong&gt;, &lt;strong&gt;Operations (3)&lt;/strong&gt;, &lt;strong&gt;System table (3)&lt;/strong&gt;, &lt;strong&gt;Migration (2)&lt;/strong&gt;, &lt;strong&gt;Security and identity (1)&lt;/strong&gt;, &lt;strong&gt;Web and mobile (1)&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Don't memorize the list. When you ask for "a Lambda behind API Gateway writing to DynamoDB," the agent pulls the matching skills on its own.&lt;/p&gt;

&lt;h2&gt;
  
  
  Prerequisites
&lt;/h2&gt;

&lt;p&gt;A handful of things need to be in place first. None take long.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;An AWS account.&lt;/strong&gt; Anything that touches AWS needs one. &lt;a href="https://docs.aws.amazon.com/accounts/latest/reference/getting-started.html" rel="noopener noreferrer"&gt;Sign up here&lt;/a&gt; if you don't have one yet.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AWS credentials on your machine&lt;/strong&gt;, for the parts that act on your account. The server still connects and answers documentation and skill questions without them, but API calls and &lt;code&gt;run_script&lt;/code&gt; need them. The proxy reads the standard AWS credential chain, so &lt;code&gt;aws configure&lt;/code&gt;, an SSO login, a named profile, or the usual environment variables all work. New to this? &lt;a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html" rel="noopener noreferrer"&gt;Configuring the AWS CLI&lt;/a&gt; is the simplest path. The CLI is the common way to set credentials, not a hard requirement.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;&lt;a href="https://docs.astral.sh/uv/" rel="noopener noreferrer"&gt;uv&lt;/a&gt;&lt;/strong&gt;, a Python package tool that runs the MCP proxy. Install it with &lt;code&gt;brew install uv&lt;/code&gt; on macOS, or the &lt;a href="https://docs.astral.sh/uv/getting-started/installation/" rel="noopener noreferrer"&gt;official installer&lt;/a&gt; elsewhere. The &lt;code&gt;uvx&lt;/code&gt; command in the Kiro config below comes bundled with it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Node.js&lt;/strong&gt;, which gives you the &lt;code&gt;npx&lt;/code&gt; command used to install skills. If &lt;code&gt;npx --version&lt;/code&gt; prints nothing, install it from &lt;a href="https://nodejs.org" rel="noopener noreferrer"&gt;nodejs.org&lt;/a&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AWS CLI &lt;code&gt;2.35.0&lt;/code&gt; or later&lt;/strong&gt;, but only if you use the one-command wizard below. Check with &lt;code&gt;aws --version&lt;/code&gt;.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  How to set up the Agent Toolkit for AWS
&lt;/h2&gt;

&lt;p&gt;The quickest route is the AWS CLI wizard, which configures every agent you have at once. Prefer to do it by hand, or only use one editor? Skip to the per-agent steps below.&lt;/p&gt;

&lt;h3&gt;
  
  
  Set up every agent at once with the AWS CLI
&lt;/h3&gt;

&lt;p&gt;On a recent AWS CLI, one command detects your installed agents, installs default skills, and configures the MCP Server for all of them:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws configure agent-toolkit
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;One gotcha worth calling out, because I hit it. On an older CLI you'll see:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;aws: [ERROR]: argument subcommand: Found invalid choice 'agent-toolkit'
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That means your AWS CLI predates &lt;code&gt;2.35.0&lt;/code&gt;. Update it (&lt;a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html" rel="noopener noreferrer"&gt;instructions&lt;/a&gt;), confirm with &lt;code&gt;aws --version&lt;/code&gt;, and rerun. Restart your agent afterward so it picks up the new MCP config.&lt;/p&gt;

&lt;p&gt;If you only use one agent, or you want to see exactly what gets wired up, the per-agent steps below do the same thing by hand.&lt;/p&gt;

&lt;h3&gt;
  
  
  Kiro
&lt;/h3&gt;

&lt;p&gt;Open your Kiro MCP config and add the AWS server. Use &lt;code&gt;.kiro/settings/mcp.json&lt;/code&gt; for the current project, or &lt;code&gt;~/.kiro/settings/mcp.json&lt;/code&gt; to turn it on everywhere. Create the file if it doesn't exist yet:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"mcpServers"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"aws"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"command"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"uvx"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="nl"&gt;"args"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"mcp-proxy-for-aws@1.6.3"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"https://aws-mcp.us-east-1.api.aws/mcp"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
        &lt;/span&gt;&lt;span class="s2"&gt;"--metadata"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"AWS_REGION=us-west-2"&lt;/span&gt;&lt;span class="w"&gt;
      &lt;/span&gt;&lt;span class="p"&gt;]&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If your config already lists other servers under &lt;code&gt;mcpServers&lt;/code&gt;, add the &lt;code&gt;aws&lt;/code&gt; entry next to them instead of replacing the block, and keep the JSON valid (mind the commas). Change &lt;code&gt;AWS_REGION&lt;/code&gt; to the region you work in.&lt;/p&gt;

&lt;p&gt;Pin the proxy version rather than tracking latest. You get reproducible behavior and a guard against a bad release. Check &lt;a href="https://pypi.org/project/mcp-proxy-for-aws/" rel="noopener noreferrer"&gt;PyPI&lt;/a&gt; every few weeks and bump it on purpose.&lt;/p&gt;

&lt;p&gt;Then install the skills:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Open Kiro's MCP Server view (the Kiro panel in the sidebar, or search "MCP" in the command palette), reconnect the &lt;code&gt;aws&lt;/code&gt; server, and you're live.&lt;/p&gt;

&lt;h3&gt;
  
  
  Codex
&lt;/h3&gt;

&lt;p&gt;Add the marketplace, then install from inside Codex:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;codex plugin marketplace add aws/agent-toolkit-for-aws
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Launch Codex, run &lt;code&gt;/plugins&lt;/code&gt;, and install &lt;code&gt;aws-core&lt;/code&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  Claude Code
&lt;/h3&gt;

&lt;p&gt;The plugins live on the official Anthropic marketplace, included by default:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/plugin install aws-core@claude-plugins-official
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Hit &lt;code&gt;Plugin not found&lt;/code&gt;? Refresh the index with &lt;code&gt;/plugin marketplace update claude-plugins-official&lt;/code&gt; and try again. Add &lt;code&gt;aws-agents&lt;/code&gt;, &lt;code&gt;aws-data-analytics&lt;/code&gt;, or &lt;code&gt;aws-agents-for-devsecops&lt;/code&gt; the same way.&lt;/p&gt;

&lt;h3&gt;
  
  
  Cursor
&lt;/h3&gt;

&lt;p&gt;Add the repo as a team marketplace: &lt;strong&gt;Settings → Plugins → Team Marketplaces → Add Marketplace → Import from Repo&lt;/strong&gt;, pointed at &lt;code&gt;aws/agent-toolkit-for-aws&lt;/code&gt;. Open the &lt;strong&gt;Plugins&lt;/strong&gt; panel and install &lt;code&gt;aws-core&lt;/code&gt; first, then the others as needed.&lt;/p&gt;

&lt;h3&gt;
  
  
  Other agents (Windsurf, Cline, and more)
&lt;/h3&gt;

&lt;p&gt;Anything that speaks MCP works, including Windsurf and Cline. Configure the AWS MCP Server directly (see the &lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/getting-started-aws-mcp-server.html" rel="noopener noreferrer"&gt;server setup guide&lt;/a&gt;), then run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  How do I check it's working?
&lt;/h2&gt;

&lt;p&gt;Start a fresh conversation and ask: &lt;em&gt;"What AWS Regions are available?"&lt;/em&gt; If the agent returns a list, the MCP Server is connected. For a skill check, ask it to "secure an S3 bucket" and watch it load &lt;code&gt;securing-s3-buckets&lt;/code&gt; before it writes anything. An authentication error instead means your local credentials aren't reaching the server; see Prerequisites for how to set them up.&lt;/p&gt;

&lt;h2&gt;
  
  
  Three workflows that show the payoff
&lt;/h2&gt;

&lt;p&gt;Setup is the boring part. The workflows below are where it pays off, and each one names the skills and components doing the work.&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Stand up a serverless API, end to end
&lt;/h3&gt;

&lt;p&gt;Prompt: &lt;em&gt;"Build a REST API: API Gateway in front of a Lambda that reads and writes a DynamoDB table, deployed with CDK."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This is the kind of task agents usually botch, because it spans four services and the IAM glue between them. The agent pulls &lt;code&gt;aws-serverless&lt;/code&gt;, &lt;code&gt;connecting-lambda-to-api-gateway&lt;/code&gt;, &lt;code&gt;connecting-lambda-to-dynamodb&lt;/code&gt;, and &lt;code&gt;aws-cdk&lt;/code&gt;, then uses the MCP Server's API tools to provision and the &lt;code&gt;run_script&lt;/code&gt; sandbox for multi-step setup. The skills carry the wiring, so the Lambda role scopes to your specific table instead of granting access to everything (&lt;code&gt;*&lt;/code&gt;), and the CDK stack follows current patterns instead of a 2023 blog post the model half-remembers.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Troubleshoot a production issue you can't reproduce
&lt;/h3&gt;

&lt;p&gt;Prompt: &lt;em&gt;"My checkout Lambda times out intermittently and error rates spiked this morning. Help me find why."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;Point the agent at the symptom and it follows a real diagnostic path. &lt;code&gt;debugging-lambda-timeouts&lt;/code&gt; and &lt;code&gt;troubleshooting-application-failures&lt;/code&gt; give it the procedure, while &lt;code&gt;aws-observability&lt;/code&gt; and &lt;code&gt;querying-aws-cloudwatch&lt;/code&gt; let it read the actual logs and metrics through the MCP Server. It checks the configured timeout against duration metrics, looks for cold starts, and inspects downstream calls that block, then tells you what it found. You get an actual investigation rather than a guess.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Hand an agent production access without losing sleep
&lt;/h3&gt;

&lt;p&gt;Prompt: &lt;em&gt;"Audit this account's S3 buckets and secrets, and flag anything risky."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This is the workflow that separates the toolkit from wiring up a raw MCP server. Before you run it, scope the agent's IAM role to read-only with the condition keys the MCP Server attaches, &lt;code&gt;aws:ViaAWSMCPService&lt;/code&gt; and &lt;code&gt;aws:CalledViaAWSMCP&lt;/code&gt;, so it can inspect and plan but cannot change anything, even though your own role can. Writing that policy is an advanced step, and the &lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;user guide&lt;/a&gt; explains how the condition keys fit in; you can skip it the first time through and still get value from the audit. The agent uses &lt;code&gt;securing-s3-buckets&lt;/code&gt; and &lt;code&gt;creating-secrets-using-best-practices&lt;/code&gt; as its rubric for what counts as risky, and every call lands in CloudTrail for you to review later.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to update and remove skills
&lt;/h2&gt;

&lt;p&gt;On AWS CLI &lt;code&gt;2.35.0+&lt;/code&gt;, the &lt;code&gt;aws agent-toolkit&lt;/code&gt; command group manages skills across all your agents from the terminal:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws agent-toolkit list-installed-skills
aws agent-toolkit add-skill &lt;span class="nt"&gt;--skill-name&lt;/span&gt; aws-serverless
aws agent-toolkit update-skill &lt;span class="nt"&gt;--skill-name&lt;/span&gt; aws-serverless
aws agent-toolkit remove-skill &lt;span class="nt"&gt;--skill-name&lt;/span&gt; aws-cdk &lt;span class="nt"&gt;--agent&lt;/span&gt; kiro
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;There's also &lt;code&gt;search-skills&lt;/code&gt;, &lt;code&gt;list-available-skills&lt;/code&gt;, and &lt;code&gt;get-skill-metadata&lt;/code&gt; for browsing the catalog from the terminal. Without the CLI, re-run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt; to pull new skills, and remove them with &lt;code&gt;npx skills remove &amp;lt;skill-name&amp;gt;&lt;/code&gt;. The MCP Server itself is AWS-hosted, so its API coverage and docs stay current on their own. The one thing you pin and bump yourself is the proxy version in your config.&lt;/p&gt;

&lt;h2&gt;
  
  
  Frequently asked questions
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Is the Agent Toolkit for AWS free?&lt;/strong&gt;&lt;br&gt;
Yes. The toolkit costs nothing to install or use. You pay only standard AWS rates for the resources your agent creates or calls.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Which AWS CLI version do I need for &lt;code&gt;aws configure agent-toolkit&lt;/code&gt;?&lt;/strong&gt;&lt;br&gt;
Version 2.35.0 or later. Older versions don't recognize the command and fail with &lt;code&gt;Found invalid choice 'agent-toolkit'&lt;/code&gt;. Check yours with &lt;code&gt;aws --version&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do I fix "Found invalid choice 'agent-toolkit'"?&lt;/strong&gt;&lt;br&gt;
Upgrade the AWS CLI to 2.35.0 or later, since the command shipped in that release. On macOS with Homebrew, run &lt;code&gt;brew upgrade awscli&lt;/code&gt;, then confirm with &lt;code&gt;aws --version&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Do I need an AWS account and credentials?&lt;/strong&gt;&lt;br&gt;
Credentials are needed only for actions that touch your account, like API calls and &lt;code&gt;run_script&lt;/code&gt;. Documentation search and skill discovery work with no credentials. Anything that provisions or reads real resources needs an AWS account.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Which coding agents does it work with?&lt;/strong&gt;&lt;br&gt;
Kiro, Claude Code, Codex, and Cursor have first-class setups, and any MCP-compatible agent works too, including Windsurf and Cline. Plugins cover Claude Code, Codex, and Cursor; Kiro and the rest connect to the MCP server directly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How is it different from the AWS Labs MCP servers?&lt;/strong&gt;&lt;br&gt;
It's the successor to AWS Labs. The differences that matter: IAM condition keys that separate agent actions from human ones, CloudWatch and CloudTrail on every request, and skills evaluated end to end.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do I give a coding agent read-only access to AWS?&lt;/strong&gt;&lt;br&gt;
Scope its IAM role with the condition keys the MCP server attaches, &lt;code&gt;aws:ViaAWSMCPService&lt;/code&gt; and &lt;code&gt;aws:CalledViaAWSMCP&lt;/code&gt;, to allow reads and deny writes. The agent can inspect and plan but not change anything, even when your own role can.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;How do I update or remove skills?&lt;/strong&gt;&lt;br&gt;
On AWS CLI 2.35.0+, use &lt;code&gt;aws agent-toolkit update-skill&lt;/code&gt; and &lt;code&gt;aws agent-toolkit remove-skill&lt;/code&gt;. Otherwise re-run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt; to update, and &lt;code&gt;npx skills remove &amp;lt;skill-name&amp;gt;&lt;/code&gt; to remove.&lt;/p&gt;

&lt;h2&gt;
  
  
  What to try next
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build the serverless API above, then ask the agent to add a CloudWatch alarm with &lt;code&gt;setting-up-cloudwatch-alarm-notifications&lt;/code&gt; and watch it connect the alarm to an SNS topic.&lt;/li&gt;
&lt;li&gt;Set up the read-only profile from workflow 3, hand it a real account, and confirm the agent can plan a change but not apply one. That's what makes me comfortable letting one near production.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Further reading
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;a href="https://github.com/aws/agent-toolkit-for-aws" rel="noopener noreferrer"&gt;Agent Toolkit for AWS repo&lt;/a&gt;. The source, every skill, and the plugin definitions.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/what-is-agent-toolkit.html" rel="noopener noreferrer"&gt;What is the Agent Toolkit for AWS?&lt;/a&gt;. Components and capabilities.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/quick-start.html" rel="noopener noreferrer"&gt;Getting started&lt;/a&gt;. Install and verify.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/aws-cli.html" rel="noopener noreferrer"&gt;AWS CLI for the toolkit&lt;/a&gt;. The setup wizard and the skill commands.&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://docs.aws.amazon.com/agent-toolkit/latest/userguide/understanding-mcp-server-tools.html" rel="noopener noreferrer"&gt;AWS MCP Server tools&lt;/a&gt;. Every tool the server exposes.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  About the author
&lt;/h2&gt;

&lt;p&gt;&lt;em&gt;Saurabh Dahal is a developer advocate at AWS, working with the latest agentic and AI tools for developers to help boost developer productivity. He set up the Agent Toolkit for AWS across Kiro, Codex, Claude Code, and Cursor for this guide.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Published June 30, 2026. Last updated June 30, 2026.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agentskills</category>
      <category>aws</category>
      <category>agents</category>
    </item>
    <item>
      <title>I Let My AI Agent Build a Bedrock RAG Knowledge Base, Here Are the 2 Mistakes the AWS Agent Toolkit Caught</title>
      <dc:creator>Saurabh "Rob" Dahal</dc:creator>
      <pubDate>Thu, 25 Jun 2026 18:29:01 +0000</pubDate>
      <link>https://dev.to/raabdahl/i-let-my-ai-agent-build-a-bedrock-rag-knowledge-base-here-are-the-2-mistakes-the-aws-agent-toolkit-3l49</link>
      <guid>https://dev.to/raabdahl/i-let-my-ai-agent-build-a-bedrock-rag-knowledge-base-here-are-the-2-mistakes-the-aws-agent-toolkit-3l49</guid>
      <description>&lt;p&gt;&lt;em&gt;Provisioning a Bedrock RAG knowledge base with S3 Vectors, without the hallucinated API calls.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;If you've asked an AI coding agent to set up AWS, you've seen it confidently invent a parameter, reach for a deprecated service, or burn ten minutes retrying against a service it never saw in training. The failure mode that bites hardest is the silent one: the agent &lt;em&gt;thinks&lt;/em&gt; it succeeded, and you find out an hour later.&lt;/p&gt;

&lt;p&gt;I hit two of these while standing up the retrieval layer for a LangGraph support bot, an Amazon Bedrock Knowledge Base backed by Amazon S3 Vectors. I'd love to say I caught both with deep AWS expertise. I caught them because the &lt;a href="https://github.com/aws/agent-toolkit-for-aws" rel="noopener noreferrer"&gt;Agent Toolkit for AWS&lt;/a&gt; read the docs I hadn't. Both would have shipped, and neither did.&lt;/p&gt;

&lt;h2&gt;
  
  
  The 30-second setup
&lt;/h2&gt;

&lt;p&gt;The goal: take a folder of markdown product docs and make them queryable by meaning, so an agent can answer "is this safe for color-treated hair?" from the real docs instead of guessing. Think of it as giving the agent a library it can search instead of making things up. That's the &lt;em&gt;retrieval&lt;/em&gt; half of RAG, the foundation a LangGraph agent will later call as a tool.&lt;/p&gt;

&lt;p&gt;Four moving parts, wrapped in one managed service:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Source bucket&lt;/strong&gt;: an S3 bucket holding the docs.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Embeddings&lt;/strong&gt;: Amazon Titan Text Embeddings V2 (1024-dim vectors).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Vector store&lt;/strong&gt;: Amazon S3 Vectors. I chose it over OpenSearch Serverless because it has no always-on compute, the difference between cents and a monthly surprise for a demo that sits idle.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Knowledge Base&lt;/strong&gt;: Amazon Bedrock Knowledge Bases ties it together into one thing you can query with a &lt;code&gt;retrieve&lt;/code&gt; call.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;To follow along, you need an AWS account, a non-root IAM identity with credentials configured locally, &lt;a href="https://docs.astral.sh/uv/" rel="noopener noreferrer"&gt;uv&lt;/a&gt; installed, and the toolkit installed in your agent. The fastest path across Kiro, Claude Code, Cursor, and Codex is the AWS CLI installer, &lt;a href="https://aws.amazon.com/about-aws/whats-new/2026/06/aws-cli-agent-toolkit/" rel="noopener noreferrer"&gt;&lt;code&gt;aws configure agent-toolkit&lt;/code&gt;&lt;/a&gt;; in Kiro you can instead add the &lt;a href="https://aws.amazon.com/blogs/aws/the-aws-mcp-server-is-now-generally-available/" rel="noopener noreferrer"&gt;AWS MCP Server&lt;/a&gt; to &lt;code&gt;.kiro/settings/mcp.json&lt;/code&gt; (pin the &lt;a href="https://pypi.org/project/mcp-proxy-for-aws/" rel="noopener noreferrer"&gt;&lt;code&gt;mcp-proxy-for-aws&lt;/code&gt;&lt;/a&gt; version) and run &lt;code&gt;npx skills add aws/agent-toolkit-for-aws/skills&lt;/code&gt;. The toolkit plugs into the agent you already use and loads task-specific &lt;em&gt;skills&lt;/em&gt; on demand; I used the &lt;code&gt;amazon-bedrock&lt;/code&gt; skill, which carries the validated, current procedure for building a Knowledge Base. That word, "current," is the whole story.&lt;/p&gt;

&lt;h2&gt;
  
  
  Gotcha #1: the model id was already dead
&lt;/h2&gt;

&lt;p&gt;My first instinct, straight from an older tutorial, was &lt;code&gt;anthropic.claude-3-5-sonnet-20240620-v1:0&lt;/code&gt;. Calling it returned:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;ResourceNotFoundException: This model version has reached the end of its life.
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The fix the toolkit's doc search surfaced: current Anthropic models on Bedrock are &lt;strong&gt;inference-profile only&lt;/strong&gt;. You invoke them through a cross-region profile id like &lt;code&gt;us.anthropic.claude-sonnet-4-5-20250929-v1:0&lt;/code&gt;, not the bare on-demand id.&lt;/p&gt;

&lt;p&gt;On its own, an agent might not even diagnose this correctly. "Not found" reads like a permissions or region problem, so it could swap in another stale id and hit "on-demand throughput isn't supported" instead, flailing sideways. The toolkit got it right because it read the current model docs, not because it happened to remember them.&lt;/p&gt;

&lt;h2&gt;
  
  
  Gotcha #2: Bedrock won't create the S3 Vectors index for you
&lt;/h2&gt;

&lt;p&gt;I created the vector bucket, pointed the Knowledge Base at an index name, and assumed Bedrock would create the index. It didn't:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;ValidationException: The specified index could not be found (S3Vectors 404)
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The real requirement, from the S3 Vectors docs: you create the index yourself, and it must declare two &lt;strong&gt;non-filterable metadata keys&lt;/strong&gt; that Bedrock uses to store chunk text and metadata. Miss them and ingestion fails later with a cryptic error far from the cause. The working command:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws s3vectors create-index &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--vector-bucket-name&lt;/span&gt; &amp;lt;VECTOR_BUCKET&amp;gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--index-name&lt;/span&gt; &amp;lt;INDEX_NAME&amp;gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--data-type&lt;/span&gt; float32 &lt;span class="nt"&gt;--dimension&lt;/span&gt; 1024 &lt;span class="nt"&gt;--distance-metric&lt;/span&gt; cosine &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--metadata-configuration&lt;/span&gt; &lt;span class="s1"&gt;'{"nonFilterableMetadataKeys":["AMAZON_BEDROCK_TEXT","AMAZON_BEDROCK_METADATA"]}'&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--region&lt;/span&gt; us-east-2
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This is the one that best captures why current docs matter. S3 Vectors launched in 2025, so the requirement isn't in most models' training data. A toolkit-less agent would most likely create the index, &lt;em&gt;think it succeeded&lt;/em&gt;, and only hit the wall at ingestion time, then burn an afternoon recreating it with the wrong config. The dimension (1024) and distance metric here aren't arbitrary either: they have to match the Titan embedding model, which is the kind of cross-resource constraint an agent gets wrong when it's guessing.&lt;/p&gt;

&lt;h2&gt;
  
  
  The rest fell into place, and it works
&lt;/h2&gt;

&lt;p&gt;With those two out of the way, the validated sequence ran clean: create the IAM service role (trust &lt;code&gt;bedrock.amazonaws.com&lt;/code&gt; with confused-deputy conditions, so another customer can't trick the role into acting on their resources, plus least-privilege permissions to invoke Titan, read the bucket, and use the vector index), create the Knowledge Base, attach the S3 data source with fixed-size chunking (300 tokens, 20% overlap), and run ingestion. Result: 10/10 documents indexed, zero failures.&lt;/p&gt;

&lt;p&gt;The proof is a retrieval query:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;aws bedrock-agent-runtime retrieve &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--knowledge-base-id&lt;/span&gt; &amp;lt;KB_ID&amp;gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--retrieval-query&lt;/span&gt; &lt;span class="s1"&gt;'{"text":"Is the Curl Cream safe for color-treated hair?"}'&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;--region&lt;/span&gt; us-east-2
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Top hit came back at &lt;strong&gt;0.86 similarity&lt;/strong&gt;, on the exact product doc with the right answer. The library is stocked.&lt;/p&gt;

&lt;h2&gt;
  
  
  What it bought me, and what I'd do differently
&lt;/h2&gt;

&lt;p&gt;Strip away the demo and the toolkit changed two things: it handed the agent the validated setup &lt;em&gt;order&lt;/em&gt; up front (no trial-and-error), and it caught two mistakes a model trained months ago wouldn't know, because it checks current docs and ships procedures AWS maintains. AWS reports developers see fewer iterations and errors with it; on this build, the two catches alone saved me an afternoon.&lt;/p&gt;

&lt;p&gt;Two honest gaps. First, the toolkit's own rules recommend infrastructure-as-code over direct CLI, and I didn't follow that. I ran CLI calls and tracked them in a tagged manifest for teardown. It works, but CDK or CloudFormation would be the reproducible artifact a reader could clone. Second, I left the IAM role's trust policy scoped to &lt;code&gt;knowledge-base/*&lt;/code&gt; instead of the specific KB id; tightening that &lt;code&gt;aws:SourceArn&lt;/code&gt; is the obvious hardening step before this is anything but a demo.&lt;/p&gt;

&lt;h2&gt;
  
  
  What's next
&lt;/h2&gt;

&lt;p&gt;This is the retrieval foundation, not the whole app. Two concrete next steps, and you could take either:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Close the loop.&lt;/strong&gt; Wire a LangGraph agent to call this Knowledge Base as a tool, so it retrieves &lt;em&gt;and&lt;/em&gt; generates grounded answers. That's when "RAG knowledge base" graduates to "RAG application."&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Make it reproducible.&lt;/strong&gt; Convert the ad-hoc CLI provisioning into CDK or CloudFormation, so the whole stack stands up and tears down with one command, the way the toolkit's own rules recommend.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;If you take one thing: the toolkit's real value isn't typing commands for you, it's making better decisions, grounded in current docs, on the things an AI agent gets wrong in ways you don't notice until an hour later.&lt;/p&gt;

</description>
      <category>aws</category>
      <category>ai</category>
      <category>agentskills</category>
      <category>bedrock</category>
    </item>
  </channel>
</rss>
