🦄 Making great presentations more accessible.
This project enhances multilingual accessibility and discoverability while preserving the original content. Detailed transcriptions and keyframes capture the nuances and technical insights that convey the full value of each session.
Note: A comprehensive list of re:Invent 2025 transcribed articles is available in this Spreadsheet!
Overview
📖 AWS re:Invent 2025 - Accelerate building Serverless apps with Amazon Q and MCP servers (CNS373)
In this video, AWS Solutions Architects Sean Kendall and Brian Zambrano demonstrate how to accelerate serverless application development using Amazon Q (now rebranded as Kiro) and MCP (Model Context Protocol) servers. They build a complete tic-tac-toe game backend in real-time, showcasing both Kiro CLI and Kiro IDE workflows. The session covers MCP server configuration including AWS Serverless, AWS CDK, AWS Documentation, and Fetch servers, along with practical prompt engineering techniques. Key features demonstrated include agent steering documents, experimental features like checkpoints and to-do lists, and how MCP servers provide AI agents with up-to-date AWS documentation and serverless best practices. The presenters successfully deploy working backends using AWS SAM and Lambda functions in approximately 5 minutes, while addressing common issues like CORS headers and showing how to iteratively fix errors through conversational prompts.
; This article is entirely auto-generated while preserving the original presentation content as much as possible. Please note that there may be typos or inaccuracies.
Main Part
Introduction: Accelerating Serverless Development with Amazon Q and MCP Servers
Cool. Welcome to re:Invent. We're bright and early, or early enough on a Monday, so very glad that you all showed up here with us on this Monday morning. So thank you. Yeah, so I'm Sean Kendall. I am a Principal Solutions Architect at AWS, specialize in serverless and generative AI. I've been with AWS for just over six years, working out of Calgary, Alberta in Canada. Thanks, Brian. Want to introduce yourself?
Yeah, so my name is Brian Zambrano. I've also been around for a bit. This is going to be about almost seven years at AWS. So I was a Solutions Architect like Sean for many years with a developer background, and I currently work in a group called the Generative AI Innovation Center. Has anyone heard about us, Gen AI Innovation Center? No one? Oh my God, okay, you need to, because what we do right now is we are building generative AI, call them proof of concepts, more like MVPs frankly, for customers for free. So if you have an AWS account team and have some idea of how Gen AI could help you and your organization, you should definitely talk to your account team, because that's what we do. Again, it's a pretty awesome deal for all you in the audience, the customers. But yeah, so I'm building Gen AI solutions right now in the Innovation Center. Awesome, thanks.
Alright, so today we're going to be talking about accelerating building your serverless applications with Amazon Q and MCP servers. Now, show of hands here, who's heard of Amazon Q in the room? Quite a few people. Okay, that's pretty good. Who has used Amazon Q? Okay, less hands, so yeah, we're going to be focusing on that technology. Amazon Q is just our Gen AI that enables you to build a lot faster, and then of course we are going to be focusing on serverless here today. Another show of hands, who's building serverless apps here in the room today? Cool. A lot of show of hands. So that's good because we're not going to be focusing too much on the serverless side. We are going to be building serverless apps and showing you how to build those a little bit better using Amazon Q and faster using Amazon Q, but yeah, we're not going to be focusing too much on those serverless patterns and whatnot.
Session Overview: Building a Tic-Tac-Toe Game Backend with AI-Powered Tools
Now what you're going to get out of here today is we're going to go over a developer tool overview first and then a target architecture on a tic-tac-toe game. That's what we're going to be building here in this code talk. We've already built the front end of the tic-tac-toe game because we figured we don't want Amazon Q to sit there building too much stuff within this short period of time. So we've built that, we've deployed it. There's an OpenAPI spec that's available on the UI just so that, you know, to kind of help the back end and Amazon Q figure out how to build it a little bit better, faster. I'm going to show you some prompt engineering. So what's the prompt that I'm going to use to actually build the back end, so that prompt's going to be provided to Amazon Q so we can go ahead and do all the things with AI. And then after I show you that, then we're going to get into the coding. So you're going to see myself, I'm going to be using the Amazon Q CLI, which I'll tell you more about here in a bit, and within that Amazon Q CLI you'll see how I can build that back end, and then I'll hand it over to Brian who's going to use the IDE version of Amazon Q, and so you can kind of see both flavors of Amazon Q.
So for the developer tool overview, the first thing we're going to be using here today is Amazon Q, and with Amazon Q we have the Amazon Q CLI. So now this is my preference when I'm building. There's no real right or wrong here, but the Amazon Q CLI allows me to open up a terminal and type in my prompt. I can actually just chat to it if I really want to, but it allows me to be extremely hands off. I give it a prompt, I hit enter, and I just let it go, and it doesn't have to bother me at all. I don't have to use a UI. That's what I prefer. Then the other way of doing it is the Amazon Q IDE. So if you prefer a nice IDE experience, then this is another option for you. We're also going to be talking about MCP servers.
Another show of hands, who here has heard of MCP? Most of the group, that's really good. Who's using MCP today? Wow, okay, who could explain what an MCP server is to their friends? Oh, I got you on that one. Okay, we got one. Okay, that's great. That's great. So we're going to get into that, yeah. What's that? Like they're five, exactly, like they're five. That's good. And I'm going to be showing you some of the serverless MCP servers that we have within AWS Labs today. So after the session, if you want to go use these on your own, there's a full library of MCP servers, basically tools you can use to help with your development.
Developer Tool Overview: Amazon Q CLI vs Kiro IDE
So the first thing we're going to focus on here is the Amazon Q CLI. So what you're seeing up on the screen right now, that's basically what it looks like if you're using the CLI. You'll type in Amazon Q CLI, and this is how it opens. So you get this nice little graphic. Within here, you can basically just start typing prompts and it'll respond within the terminal.
The other way of using it is the Kiro IDE and I'll hand it over to Brian here so we can talk through how this one works.
Before I get into this, just a couple of things we forgot to mention. One, this should be interactive. So as we're coding, as we're talking about this, feel free to raise your hand, shout out a question, and we will do our best to answer it. So we have our first one, yes. Here's something that took me by surprise because when I reserved this session it was called Building Serverless Apps with Amazon Q and MCP Server. So Kiro has replaced Amazon Q in this session. Is the same going to happen to the service?
That was my second point. So step one is ask me questions. Two is you segued perfectly into it. Who here has heard about Amazon Q? Most people, okay. So Q as a brand is moving to Kiro now. So what Sean's going to be talking about, what I'm going to be talking about, the CLI went from Q CLI to Kiro CLI. They're basically from a functional standpoint the same thing. Do you have anything else to add on that one?
Well, actually, there's a progression here. So has anyone here used Code Whisperer? Okay, a lot, a few less people. All right, so it actually started as Code Whisperer, which was the agentic AI that then turned into Amazon Q Developer, and now that has turned into Kiro. So we just keep renaming things. That's all it is. Whereas you were using Q yesterday on the CLI, for example, you would type Q hit enter, which I loved, by the way. Now you type Kiro CLI, which is a little more annoying. Is there a follow-up question?
Yeah, I have a follow-up since this session is going to have a Kiro IDE card. So does all the features and practices that you are going to show on Kiro IDE applicable to the Amazon Q, for instance, extension on Visual Studio Code? Those are different things, so you're asking about the VS Code plugin. Yeah, so they're going to be different. I'll try as we get into this, I think it should become obvious or more obvious, and I'll try to talk through it a little bit.
I have a question regarding how we, because in Kiro some time ago, it went from regular payment option into a separate subscription. And now when the Q has been grounded into Kiro CLI, I wonder whether the same. So I think for, yeah, let's hold that for after the talk. So we want to get into the technical parts of this and then for any questions we'll be outside and we can do our best to answer things like that. But let me just go through this real quick.
Understanding MCP Servers: Extending Agent Capabilities with Model Context Protocol
So Sean talked about Kiro CLI. So this is the IDE. This is like, you know, other, if you've used things like Cursor, it's a fork of VS Code, and so it's going to look very similar if you're using VS Code. So a couple of things here to call out. On the left there's a little ghost, the Kiro icon. And when you click on that, other things start showing up. So at the top there's something called Specs. I'm not going to talk about that today unless we have extra time, but if you've heard about spec-driven development, that is something that from my knowledge is unique to Kiro. It's pretty interesting. And then there is the section called Agent Steering Docs. I will talk about that. And then finally the MCP Server configuration down there at the bottom.
And on the right is where you have your interface to talk with your agents, your coding assistants. And again, this is unique to Kiro, at least as far as I'm aware. You can do what's called a Vibe session, which is just what you're used to, chat with your agent and tell it to do something. And then on the right there's spec-driven chat, which is a little bit different, which we won't get into.
So let's just get into at a very high level what is an MCP server. So what it stands for is Model Context Protocol. And so if you think about you as developers, you're going to go and interact with an agent to go and do something, right? Like build me a React UI, go and update my service application to do this, whatever. So you're interacting with some agent. And the agent has, there's a model behind the scenes, it's going to have some internal knowledge based on whenever it was trained, right? New things pop up. There are other pieces of data that could be really useful for your agent to know about, but it doesn't know about, or you might want to enable it to actually perform actions on your behalf. And so you do that by integrating with other systems. So here as an example, you could be integrating with a third-party API or your own company's internal API, right?
We were talking this morning about how Shawn's customer was building a proof of concept to actually have an agent place an order for their customers. There are all these things, information, and features that you would like your agent to be aware of and actually have access to, so how do you do that?
The answer for that is now these MCP servers. Think about MCP servers as a common interface to backend systems to either get new knowledge or perform actions, but it's a standard interface. It's a protocol, and so you could literally build an MCP server like is shown on the screen to do these things, right? Interact with my third-party API, go and figure out the business logic of my internal application, or reach into a database and go read information or write information. You could do that, but I think what we're seeing over and over now is that there are purpose-built MCP servers that have specific duties that do one thing or a set of things that are all wrapped around a given job. For example, there might be a database MCP server that is going to be running database queries for you, and you can see on and on how this goes.
But the overall idea here is, as you leave, think about this as MCP servers are a way to actually, next slide, so MCP servers and connections are a way to give the models access to new, up-to-date information, and it's something that information that they don't know about inherently. So that's the big thing there. Okay, you want to take this one, John?
MCP Server Examples: AWS Documentation, Serverless, CDK, and Third-Party Integrations
So some examples, yeah, so some examples of MCP servers that you might see. One, and one that we're going to be using here today within the actual coding session, is up-to-date AWS documentation. Of course, the models you're using when you are vibe coding and you're building these solutions through AI, they understand AWS. They understand the documentation, but only up to a specific date of when that training ended. So now adding in the AWS Documentation MCP Server, it's going to be able to reference the latest documentation, for example, all the new features that are coming out this week. You'll be able to build those as they get released and as they get published out onto the documentation. So that's another one of the good use cases for these MCP servers and a good example of what we use today.
Now if you're developing production apps that are now going to connect to MCP servers, up-to-date stock prices would be another good example, weather data, anything to do with any API integrations. So now you can just have an MCP server execute those integrations for you through AI, and then basically any of your company's internal API or internal documentation as well. Really any types of data lookup that you need in real time without using the model's training data is a really good way to see that.
Now today within the coding session, here's some of the MCP servers we're going to be using. So the first one is the AWS Serverless MCP Server. This MCP server deals with SAM integration, so it understands SAM and it understands all the commands of how to use SAM, and it'll actually execute those for you within your own environment. It can do local testing and it gives you serverless guidance. So for any serverless app, this is a really good one to add into your coding agent.
Then we have the AWS CDK MCP Server, which is a personal preference of mine, and that's because I like to build everything within CDK. I like to write all my own code in Python, and so this will allow it to now write my applications within that Python code in CDK. One of the things I also get out of this is when you're using the AWS CDK MCP Server, it will actually add in a library called CDK Nag. Within CDK Nag, it makes sure that whatever I'm building is secure. It'll actually fail a build if it's not secure.
One thing that you might find your agent doing is it might say, well, serverless apps must have WAF enabled, right? But then it might say, well, I'm not going to add WAF. You're just building a demo, so it'll put an exception in there, and then you can view those exceptions. If you really wanted it to have WAF, you can remove the exception manually and then tell the agent, say, well, no, please add WAF back into it, and it'll go and add that to make sure it's not an exception. So I really like that about the CDK MCP Server because it does make it more secure. I have seen a lot of people build very insecure things using AI, so that's one thing to really watch out for.
It will also integrate Powertools. So if any of you are building things with Lambda today and you're using the Powertools library, it has all knowledge of Powertools, so we'll be able to add that in there as well to make your things like your observability a little bit better, along with all the different patterns that come with the Power Tools.
Then we have the AWS Core MCP server. I would say this is a really good one to have pretty much all the time. It has prompt understanding inside of it. So if you're not the best at prompt engineering yet, and I would say when I first started, you don't really know how to create a prompt. You just kind of talk to the thing and hopefully it's good, and over time I got a lot better. Well, the prompt understanding will take your input and turn it into something that's a little bit better for building software on AWS, so it is tailored towards that. That's what comes with the AWS Core MCP server, but as well it has a router for other MCP servers.
I don't personally use it because I like to be very specific on the MCP servers I use, but there's an environment variable you can pass in to the AWS Core MCP server for a persona. So I can say I'm a developer persona or an architect, and for those personas it'll add a set of other MCP servers with it. So if you don't know which ones to use, that's another good way to get started. The AWS Documentation MCP server, that's what I was referring to before. It has basically access to all up-to-date information on the AWS services, best practices, limits, APIs, all that kind of stuff.
And then finally a non-AWS MCP server I'm going to be using today, and this is the MCP server fetch, which is an Anthropic MCP server. Basically it just gives you the ability to reach out to the Internet and load a page. So within our Tic Tac Toe application, what we'll be building today, the front end has an OpenAPI spec attached to it that you can actually visualize within the UI. And so I'm going to tell my prompts to basically go and pull that OpenAPI spec and make a back end that matches it. That's how I'm going to be using the fetch MCP server today.
Target Architecture and the Serverless Advantage
Any questions before we go forward on here? Yeah, you might cover this in a second. When you're using Kiro CLI, do these things you just already have them, or you have to opt in? Yeah, so within actually both experiences, so Kiro CLI or the Kiro IDE, I believe comes prepackaged with fetch. Is that correct? I think fetch is in there. You have to enable it. It's disabled. It's disabled, so you have to enable it. If you create a brand new project in Kiro, there'll be one MCP server there that's disabled, which is Fetch, and so you can go in and you can remove it completely. You can enable it globally. You can do whatever you want.
Yeah, so then everything else basically you have to add it, and so there's a website I'm going to show you what it looks like. It's a GitHub page that we maintain all of our MCP servers on, which of course you can use all the AWS ones, but you can use any MCP server from anywhere. Like if you purchase some SaaS software, a lot of SaaS solutions are now coming out with their own MCP servers. You just have to download whatever definition they give you and put it into the IDE.
Okay, so the target architecture we're looking for today is something like this, right? So this is, and just full transparency, we built the app. I actually use Kiro to build the app, and then I told it to generate a diagram because there is a diagram MCP server as well, which I can show you later if you want, and this is the diagram it came up with. So first it built the code, it deployed the code, and then it built this diagram. And so today I mean I'm not actually going to feed this diagram into the prompt. I could, but I'm not going to. I'm going to let it kind of figure out whatever it wants to do by itself.
If I really want to stick to something like this, then I would actually give this to the agents, and I would say, you know, follow this image, see how I want the architecture, and build this exact architecture, and it would just give it a little more guidance to follow exactly what this is. Now the one thing that you won't see us building today is the left hand side of this, right? So the CloudFront with the Origin Access Control with the S3 bucket, that's just hosting the website. So I want to show that on the diagram, but everything on the right hand side is what we'll be building here today.
And just one quick shout out to the serverless part of this. Good luck doing this with Kubernetes in 45 minutes, right? Honestly, and so, you know, kind of our pitch here is that serverless you can go really fast. Serverless with AI tooling and MCP servers you can go really, really, really fast. It's crazy how fast Sean and I were able to do this. So we were even talking before this about what if we finish early, what are we going to do next, because we can go so fast with this. So just again a shout out to the serverless parts of this talk.
Prompt Engineering Strategy: Crafting Effective Instructions for AI Agents
Okay, prompt engineering. So this is the prompt I'm going to be feeding in to the, at least the Kiro CLI piece of this. It's probably going to be different from the prompt that Brian's going to use on the Kiro IDE. Now again, this is from me working for months. It's almost a lifetime in ages of AI in learning prompt engineering. So the first thing I tell it is build and deploy a working serverless back end for the tic tac toe game hosted at, and then a URL.
This is a deployed URL that we already have, I'm going to be plugging that in here. Now you'll notice I say build and deploy, and I actually put that in here because I wanted to build all the code and deploy it without coming back to me. Usually what I do, and I don't know if my wife likes this or not, but before bed I think of an idea, I write a prompt, I hit go, and then I go to bed and it goes and builds my thing overnight. Then I wake up with a fully built application, so that's why I'm always saying build and deploy.
The next piece of this is I'm actually guiding it to use that Fetch MCP server to view the website and then open the API spec, and then I give it the direct URL with the URI to the OpenAPI spec. So I'm giving it a little more guidance here. I'm even guiding it to use the specific MCP server so it doesn't have to guess that as well. I'm now telling it to build the code and deploy to my default AWS account. Now I put this in there because I've learned that if I don't tell it that, it says well I don't know where to deploy it, and I do have an AWS account preconfigured on my laptop, so I want to make sure that it understands that it's allowed to use that. If I don't put that in there, I find it just doesn't do it. It'll build everything, it'll come back to me and say okay, what do you want to do, so this stops it from doing that.
I also tell it to test the API because of course when this thing's building I'm probably sleeping, so I wanted to make sure it deploys and it comes back and it runs all the tests to make sure whatever it did deploy is working and it's working as expected. On this next section that you see here, I'm just going to call out a few things. Handle the CORS headers. Now I find with this AI stuff, it never handles CORS headers. It's probably the biggest issue I always see coming back where it can't actually communicate with my backend because the headers were not added correctly. In fact, I tested this a few times this morning and even though I put this in there, every once in a while it still doesn't do it. So that is some guidance that I do give it, and I also always tell it to handle tagging, so I tag all my projects with a project name. So you see there I see project equals, and then it's going to come up with a project name. I'm not even going to give it a project name, it'll figure that out by itself. Then auto delete false, and this is just kind of an internal AWS thing on all of our internal AWS accounts as employees. We have a script that runs every night and deletes all of our resources if we don't tag it with this value, so I do that so everything doesn't get deleted overnight.
And then this final paragraph, this is something I don't actually usually include in a lot of my prompts. However, I've built this thing so many times I've identified certain places where it could potentially fail, and I want to make sure it doesn't fail. So I add these few items in here just to make sure that it really understands a few things that it continuously fails on. And so you'll find as you're building in the future your applications, if there's certain things that the AI is just not able to do, you'll probably come up with some of these items yourself, and as you're building apps, you'll just kind of natively put those in at the bottom of your prompt. Any questions? Okay.
Live Demo: Building with Kiro CLI and Agent Configuration
So let's get to coding. So let me switch over to this one here. Of course it didn't load the right screen, but that's okay, I can fix that. Okay, so what you're seeing here, this is the Tic-Tac-Toe game that we built, right? So very simple. Right now you can't really see anything on the screen. There's no Tic-Tac-Toe board because nothing's configured. But I actually do have a previously configured game, a backend that I have not yet deleted. So let me push this in here to show you what it should work, right?
So this one, if I put this URL in here, this is the URL to the backend deployed to API Gateway, driven by Lambda functions. So when I add that in here, I can register a player. And there you go, so it works. There's no errors on here. I can start a new game, and then I can start playing and I'll let the computer win this time. There you go, so that's basically the entire thing that it does. Now that backend was built through AI. Now I'm going to show you how I built that through AI, and let's clear this so that when we get our new game it's just nice and empty in here.
Okay, so here is my basically the CLI, and the first thing I'm going to do is I want to add some agents into here. So those MCP servers, I already have a pre-built agent. I'll show you kind of how I built that. Once you install Kiro, you're going to find what you have is you have a file located inside of, so let's open this up in Kiro. So Kiro, it's in your .kiro, so it's in your home directory .kiro, there's a directory that'll be placed inside of there. And then there's an agents subdirectory, and then within that subdirectory they're going to give you a sample JSON file and that's like a default agent that you can build yourself.
I've created one here called Reinvent, so I'm going to open that one here just so you can kind of see how I built it. A lot of this stuff will come out of the box, so the schema, for example, that'll already be there. You're going to want to give it a name of something, so whenever you want to call this agent, this coding agent, that's how you're going to refer to it by. Right now, whenever I start my Kiro CLI, I'll always say that minus minus agent is reinvent.
I give it a description. This is really just for me, so this is basically saying that this agent is able to build AWS serverless backends using best practices. Then I give it a prompt, and the prompt is a system prompt. Just imagine every time you want to build something, this system prompt is going to be there to guide the AI to build in a certain way. So maybe make it like one font bigger, one font bigger here. Let me blow that up there. Is that better? I'll get rid of this. Yeah, yeah, it's probably better, yeah.
There is a, so for most of this config, as soon as you install Kiro, you're going to get that template file. I would say just like take that template file, just keep copying and pasting it for every agent you want. I think right now I have about like ten agents. I have one that uses the AWS Canvas MCP server for like generating images for me and stuff like that. I split my agents like that, so I would just say like, yeah, once you install Kiro, just copy that example multiple times and then just keep making new agents based off of that.
There is also, I don't know this off the top of my head, but there is a Kiro CLI command that can generate the agent for you, and then it'll generate this whole spec. Once you're in, sorry, once you're in Kiro CLI, you can also run that, the generate agent command. I will show you, so there is a repo here. You can see here like I do have different MCP servers. So I have the core MCP server that we talked about. I have the Fetch MCP server, the AWS documentation MCP server, and so far that's it. Now you already know that I want to add a few more in here based on that list I was showing you, so I'm going to add those in.
There's a few other things in here. There's things like allowed tools, right, this allowed tools list. One thing that Kiro is going to do is it's always going to come back if it wants to run a command, and it's going to say, do you want to run this command? I would say if you're doing anything in a sensitive environment, keep that on so that every time something comes back to you to make sure it's not doing like an RM minus RF on a directory you want to keep, you'll have to actually allow that. Everything I work on is kind of demo purposes, so I always start Kiro CLI with a minus A flag, which means just like allow everything and never ask me. I would just say, you know, be a little wary on that one. If you're doing anything that could potentially damage your AWS account or your machine, you probably want that permission placed in there.
Then there's tool settings. So when you start adding MCP servers and tools, when you read the documentation for those MCP servers, a lot of times it'll come back and say like within documentation it'll say, well, you can have, you know, timeout. There's a bash timeout, for example, on execute bash, which is a tool. I can say, well, you have a timeout of 300 seconds. So that's one thing that I've added into mine. So that's where you would put it within here.
Now I'll show you how to add a different MCP server. So now of course this is more of the CLI way, which I think is actually similar anyways to the IDE way. But there's a GitHub, AWS Labs GitHub. I'm going to show you guys a QR code at the end where you can link to this, but basically this has all of the AWS MCP servers, and of course there are thousands of MCP servers out on the internet. These are just the ones that AWS has curated. So in here I'm going to search for serverless, and I have this AWS Serverless MCP server.
Once I come in here, I can quickly add, click these buttons. So if I want to add it to Cursor or VS Code, I can do that from here. Now because I'm doing it on the CLI way, I'm simply going to copy the JSON from in here, come back into my IDE, scroll up to my MCP server list, and paste it. Because I use a default configured profile, I'm just going to delete this environment stuff because that's where I can add a specific profile or region if I need that. If I get rid of that, it'll use my default one.
So the next thing I'm going to do is coming here. Right now I'm sitting within a directory on my machine that has nothing inside of it. So if I show you here, all I have is a prompt.txt, and that's just so I can easily access that prompt I showed you. There's nothing else in here, and this is the directory where I'm going to start building everything. So I'm going to start with Kiro CLI.
Now I use the Kiro command chat, which means I can use additional flags. This gives me the ability to use the minus a flag, which says just do anything and never ask me for permissions. That's because I'm eventually going to hand this off to Brian so my computer can keep working and then his can start building in the IDE. Then I use minus minus agent and then I type in reinvent. That is the name of that agent that I created within that JSON file.
Now, as soon as I open this here, you're going to see it's going to load my different MCP servers. It's validating. I did have four in there, so the Core MCP Server, Serverless, Fetch, and Documentation. Yeah, that is correct. Now within here there are a whole bunch of commands you can run. So if you type slash, you can see there's all these different commands. For one, if you want to manage your agents, if you do have multiple agents, you can do the slash agent command which then has that generation feature inside of it.
But the other thing you can do is just start typing your prompt, right? So if I open up my prompt here, which I have saved over here, you can see I've prefilled in the website address to our Tic Tac Toe game. I'm simply just going to push this in here and that's really it. Now I am using some experimental features within the Kiro CLI. So if you ever type slash experiment, you'll see there's about six different features in there. One of them is a to-do list, and you're going to notice after it starts loading, like right now it's actually fetching out to the Internet, loading that website, saying now I understand the requirements, and now I created that to-do list.
So that's actually an experimental feature. If you want to use that, I find it's really good because it gives it more of that chain of thought process to build an application. I actually personally enable all experimental features. There's things like checkpoints in there, so it's kind of like almost a git commit, but it's local to Kiro. Anyway, so we're going to let this build. It's going to go off and do everything that it needs to do. Now we'll switch over here to Brian so he can show you how to build it within the IDE.
Is there any questions while we're just switching laptops here? So the question is, is it persistent? It's actually using a git repository behind the scenes. That's what the tool is actually doing, so it is persistent. If you were to exit out of Kiro and then come back in, whenever you come into the Kiro CLI a second time after leaving, you use a minus minus resume flag, and then that resumes back from where it ended. Then it'll pick up on those checkpoints. The conversations are stored in a directory within that dot Kiro in your home directory, so your conversation history is all stored within there. So every time you type minus minus resume in a folder that you're currently in, it loads your conversation from there. Everything is persistent in there. Now I'll pass it over to Brian here.
Kiro IDE Walkthrough: Workspace Configuration and Agent Steering Documents
OK, so here we go. This is the Kiro IDE. So real quick tour, just like VS Code or any other IDEs, stuff up navigation on the left here are my files, my file system. Then in the upper right, click on that and that is our chat interface to our agents. Like I said, at the beginning over here on the left there's this Kiro icon. If you click on that, is that large enough? Can you guys see this OK?
So there's these spec things on top which we will get into if we have time. Agent hooks, we also won't cover this, but I can talk to that. And then agent steering docs, which I'll show you how to create something there, and then the MCP servers down here on the left. So you can see I already have four of these that are set up. If I click on this icon that says open MCP config, there are two parts to this. One is the user config, so this is laptop-wide. Like Sean said, the documentation MCP server, enable that one globally. I mean there's really no reason to have that per project, so you can see in here the second one. Well, the first, there's two of them. There's Knowledge MCP and the AWS Documentation MCP Server. So that's under my user configuration. Whenever I'm logged into my laptop, those two things are going to be enabled all the time.
And then the workspace config, and actually I changed directories so that one's empty, so there's nothing. So the things that you see on the left now are on my laptop no matter what project I'm working on. To enable, and I'll just do it real quick, AWS MCP, so I'll do just what Sean did. I'll make this bigger, serverless. And then we're going to copy this.
And then all I'm doing is I'm pasting it in here, and this is the workspace specific configuration. So this will only be enabled for this one workspace. A question for the workspace they go, is this going to live within the repo so my team of developers all get this? Is this a per machine configuration that they have to do for them? Yeah, so you can see right in here, so this is in a directory, a dot Kiro directory in this project. So as long as you commit that and as long as everyone's using Kiro, yeah. And now here I need to put in this, and this is just the name of my profile. I'm going to save that, and as I save that, now you'll see it's spinning over here on the left, and assuming I got the typing correct, that should be enabled next.
Okay, so while that's going, I'm going to talk about, yeah, so that one's working now. So I'm going to talk about real quick about steering docs. Sean has his set up for the Kiro CLI. So a steering doc is something that the agent will reference back to whenever it's given a task, and you can tell it to look at these steering docs based on file extension. And frankly I don't know all the different ways to configure it in terms of telling the agent when to look at it, but I'm going to create a couple of steering docs that inform the agent how to build this application. So these are really tips and tricks to help guide the agent when it's doing some work. And I'm going to do that by clicking this button.
This literally changed I think last week, so this is a little bit new to me. I'm going to create a steering document from scratch, and it says here it only applies within this specific workspace, so that's what I want. And I'm just going to call this AWS SAM. And so you can see here it says, okay, I'm going to include this always, and there's a link to which I haven't read but you guys should definitely read this. But these are some rules about what to do again while the agent is working. So I'm going to delete this stuff real quick and I have something on my clipboard, which is this one. Not your credit card number on there? That's definitely that's the one where you hit like star on allow all. That was the credit card. Let me go and find it real quick, sorry. Yeah, AWS SAM. That's what I want. You copy. Whoops.
Okay, so if you look here, this is pretty terse. There's not much here. It just says, hey, this is a project built with Python 3.13 and AWS SAM. Here's some instructions to test the build, run this, to deploy it, run this. If there are any code changes, you can run SAM sync. So it's really sparse. There's not a lot here. The code here is literally all I did was I ran AWS SAM init. So I said init, it's a Hello World application, it does nothing other than print out Hello World, but it does deploy. But that's all I did. I mean, it took me two minutes.
So what I'm going to do now, and this is I think a nice feature of the IDE, is you'll notice there's this refine button in the upper right. So I'm going to click that, and what that's going to do is it's going to ask the agent, take this prompt here, the steering document is also going to look at the code that I have in the project, and it's going to refine or improve my steering document. And so that's what it's going through now. So there we go. So now we are done. But if you look at it now, it's much more verbose, it's a little bit more thorough, and it's more complete.
So again, I mean I'll just pick some random stuff. So here it's saying like what to do with sync, the project structure, so it looked at the file system, so it realizes the template is the template for the SAM app. The source directory contains all the function code, great. And there's some other things in here. Oftentimes, and what I have found is that oftentimes with a small project like this, a lot of the work involved is telling it what not to do. So if you don't tell it skip the unit test, skip the integration test, don't worry about that, oftentimes these agents will start creating a lot of things that you don't want or need. So that's just one thing that I've noticed over time, so be aware of that.
So I created one, so now in the steering documents we have one which is AWS SAM. I'm going to copy another one which is the product.
I'm going to call this product, and it's that. So same thing, there's not a lot here, but these are just some tips. Sean mentioned CORS, right? We saw that the agents didn't get that right, so there's a specific instruction on there to handle it. I've got something specific for Lambda Powertools, and I say I want you to use Lambda Powertools but install it as a layer. So I will hit refine and then answer your question.
Yeah, will this feature be a way to steer the agent to not, for instance, read environment variables like secret credentials or something? Is it a better way to do that? So the question is, are steering documents a good way to have the agent not read environment variables or not? Yeah, I would say yes. I mean, these steering documents are a way to guide the agent to behave how you want it to behave. So if you don't want it to do something, that's absolutely what I would recommend putting in here.
I would assume that all these instructions, well, they go on each request that we make to the underlying model and hence they consume tokens. Yep, yeah, and if you look here, it says inclusion always, right? So in this case, yeah, every request, and you'll see, let me start this and then I'll move on to the next question. So just to bring us back, I have two MCP servers configured. I've got two agent steering documents, so that's great. I'm going to close these and now I'm going to get my prompt, which is going to be another copy.
It's also fairly short, so I'm going to create a new session here. I could go on with a new session, but I think it's easier just to do this. So this is not a spec-driven prompt. This is going to be a vibe, which is just a regular prompt like what Sean's doing. So I'm going to paste this in here. So I need help to implement a serverless tic-tac-toe backend that abides by the OpenAPI spec which is hosted here. Build this backend for me using the AWS SAM application in this repository. Make sure to keep the implementation simple. I do not need unit tests or integration tests. So that's all I'm going to say. So I'm going to hit enter, and then I'm going to switch over here so we can see the files that it's creating, and then I will answer the next question.
Testing and Debugging: Iterating on AI-Generated Code in Real Time
Yeah, the question is about parity between Kiro CLI and the IDE. Basically what I'm trying to say is that I saw the recline option which maybe it's available as part of Kiro CLI. So whatever you can do with Kiro CLI and the IDE uses the same underlying infrastructure, so I can actually do it with both. Yeah, so the question is, are the CLI and the IDE at parity? The short answer to that is right now they're not, right? So there are features that are starting to come to both. The intent is in the future, and I don't have a timeline for this, but they will be at parity.
One thing we noticed this morning is within my experimental features on the CLI, right, so there was, which feature was it that just came to the IDE? The checkpoints, checkpoints, right. So checkpoints just came to the IDE recently. That's been in the CLI for a little bit, and it is actually still experimental in the CLI. So they are coming to parity. The underlying service is the same, however, right? Like you are using the same models. They're using the Anthropic models. By default they all use a router to get to the best model for whatever you're trying to do, or you can actually specify an exact model.
The models do have different token counts that they take. So if you're going to use the Anthropic Claude 3.5 Sonnet, I think that's like a 1.3 multiplier. Don't quote me on that exactly, but it's something like 1.3, whereas if you use Sonnet 4, it's only a 1 times multiplier, right? So you use more tokens on the higher ones, and of course tokens then cost money, right? So when you purchase Kiro, this maybe comes back to the other question from before on the pricing, right? You can use Kiro for free, right? You can use a Builder ID to sign up for free. You can use an enterprise license, and they all have different token limits. And of course on enterprise license, actually I think on any license, you can continuously buy more tokens or more credits. I may have that kind of nomenclature messed up a little bit. This is all quite new, but anyways, short answer is yes, they are coming to parity.
They will eventually come to parity, not today, but. A new feature is introduced to the CLI first or? So far it's been kind of there's been no one place where it starts. I think there's different teams working on them, so whoever kind of gets to the features first, it gets released first, yeah, like the steering docs right now is only within the IDE. However, some of those other experimental features were only available on the CLI up until just recently. Question may not be available on CLI. Yeah, and if you think and so the, yeah, the comment was the refine feature in the IDE is really nice 100%, and I think it really depends on what you prefer in terms of your I mean, I'm old. I like using Vim and a terminal, but I like that. I like just clicking a button. You can do the same thing in the CLI. I mean, because all really at the end of the day all it's doing is it's giving it a prompt. It's giving the model some information and saying go and do this for me, but then including it whenever you're running the task. There's just some niceties. It's more of like a quality of life thing. It just depends on what your experience, what you want to look like.
So it seems like the MCP servers that you're using are local MCP servers. Are they remote? These are all remotes, yep, yep, yeah, so in there there are different ways to interact with an MCP server. Most of these are using a command called UVX, which runs the UV tool, which is a Python thing. I don't know if you know that, but the folks who make Ruff and UV. UVX is just a way to it's kind of like NPX. It's a way to run a command locally without having to install the package. But yeah, it's just running a command and then it connects to the remote system. It does support remote and local MCP servers. So like I do a lot of MCP development and I always run it just locally because I have the code local and I register it locally and then it just all stays on my laptop. Yeah, it does support both so pretty much anything that's just an MCP. It'll support.
Now I did notice, so about 5 minutes after I think I typed my prompt here, it finished, right? So I'm gonna show you kind of what it ended up doing and then we'll test it just to make sure it actually works. Mine finished too, just saying, just saying. There we go. Does yours tell you how long it took? No. Oh, I think mine does. OK. So you'll see here like it's very chatty, right? So like here's basically all the output it's given me, you know, that to do list, it was showing me a lot of the code it's writing. I'm just gonna keep scrolling through this here. It did actually finish the deployment and then it ran tests itself, so you can see here it's actually running git commands, using Curl. So it decided that on its own. I didn't tell it what to do with testing. It's running its own tests without actually writing a unit test. I could have also told it to write a unit test if I really wanted to replay that a bunch of times. And here I see it's even testing, you know, make sure I get different errors when I need them for when I expect them out of the application. And then finally, let's scroll all the way down. There we go. My to do list, it shows it's completely done. It gives me an endpoint URL so I'm gonna copy that, and then it tells me it took 5 minutes and 11 seconds, so. I don't think we're gonna be able to get that out of yours, but hey, that's fine. Mine was 5 minutes and 10 seconds. Yeah, I don't know about that.
All right, so I'll go back to the app here. I'm gonna configure it, and this may fail. We'll see. I'm a registered player. Hey, it worked. Here we go. I've done this a few times this morning, by the way, and this is the first time it worked on the first try. It's been giving me those CORS errors every other time for some reason, so there we go. So I just came up with a validation error. And I actually like that it failed on something. If it didn't, then you probably would have thought that I was faking it somehow. So I'm just gonna take that error. I'm gonna post it into my CLI, and then literally I didn't even get any context here, right? So all I'm doing is I'm just giving it the error message. It's gonna know that's an error message, and you can see already it says, oh, there's a validation error. It knows the issue. It found the issue that fast. It's now rewriting the code. And it looks like, yeah, it's gonna write that code down to a file. It's gonna deploy it. It's using SAM build and SAM deploy, so it did build it using AWS SAM, and then once this is done, it may or may not rerun these tests. This is the one thing, this is all undeterministic, so it does whatever it wants, which again is why you gotta be safe with that minus A flag because when it does whatever it wants, it might do something you don't want. And then once this is done we'll test it again.
In the meantime, I guess we can answer another question. I can try mine too, but yeah, answer a question while I switch over. When you mention SAM, automatically takes care of the gateway as well, or gateway we have to mention it separately.
The gateway should be configured to the full gateway and routing it to the API Gateway. It's building it in SAM, right? So it's using the SAM specs to build all the infrastructure as code, then it's using the SAM CLI to actually build and deploy the application as well. So it selected everything. Yeah, it did everything. It built the gateway, it built all the Lambda functions, it wrote all the code for the Lambda functions, and it deployed it. It did the whole thing, right? Usually I would guide it to use CDK. I didn't want to do that this time because usually with CDK it takes a little bit longer. There's just a lot more code that it'll write.
Oh look, mine failed too. This worked in five minutes yesterday, honestly. Well, here I'm going to switch back and see if you do your error thing. So see, it might not always be a single shot. A lot of times I can do things in a single shot, but not one hundred percent of the time. So there we go, I'm back on mine here. It fixed the error. It gave me the same endpoint name, so I'm just going to, yeah, it's tracking the percentage. So I see twenty-two now.
That is my context window. So that's another experimental feature. So the question was there's a percentage being tracked on the CLI. That is my context window. It is managing that as it increases above the threshold. So as the context window reaches one hundred, it will auto-compact it, and then I can, yeah, it summarizes it. And so the problem with summarization is sometimes I lose some of the context I want to give it, so I do notice that if I'm doing a lot of coding and it summarizes, I do have to go back and give it a little more information that it may have lost, right?
Okay, let's just quickly test this and see. Mine was CORS even though I was very clear, hey, this is how you should handle CORS. It was a CORS issue, was it? Yep. Oh, there we go, so it's working. It's not that smart, is it? No, it's not that smart, so right now it's pretty much just I think randomly placing. Yeah, it's not this smart, so I would now probably go back and say, okay, I keep winning the game, you're not placing your turns where they should be. Improve your algorithm. That would be almost my next step here. In fact, here, let me just quickly do that. Improve the computer.
It's impossible for me to win. There's a question over here. Yeah, so the question is, does it store the infrastructure as code somewhere? The answer to that is I hope so. So I don't think I actually told it to do that. No, yeah, it did. Well, let's see, did I write everything in here? There's just the SAM stuff template. Oh yeah, so because it's using SAM, it's just a template.yaml. So in here you're going to see I have my DynamoDB table. I have my list functions, so that's going to be a Lambda function. So yeah, everything in here is infrastructure as code. Now again, like usually with the apps I like to build, I'll tell it to use CDK, then it'll do a whole CDK init, and it'll write all the Python files and all that. It just takes a bit longer for that, but that is all in there. Does yours work now? It's deploying right now. His is deploying, yep.
Q&A and Best Practices: MCP Server Selection, Agent Management, and Session Wrap-Up
For your steering files, one of the things I've seen practice work really good is having some more generic snippets that go along with the architecture. Are you guys seeing the same for your steering files, or is it really just kind of giving the high level of just like directory structure of where to find things and guiding it that way? Are you saying that like you like to give it code snippets? Yeah, right, like maybe not so much from the service angle, but like, you know, here's how we write API and the documentation that goes along with it. Here's an example of, okay, if it needs to drill into it, then giving it, you know, the link to the additional documents so I can then go to that. Yeah, so the question is, you know, do you, within the steering docs, do you give it a little bit more context? Maybe it's code examples or links to a website that has better code examples, maybe a GitHub repository, something like that. That is something I do with more complex projects. So I write a lot of code to build myself Agent Core services. Does everyone know what Agent Core is? Who knows what Agent Core is?
Not that many hands. Okay, Agent Core, very quickly, is a new AWS service that was released months ago. It is a service you can use to build and host your agents.
Well, the problem with it is there's not a lot of documentation today within these models. They don't really understand it. So a lot of times I will create some steering docs, and you can actually add steering docs within the CLI. They're just, you put them in as readme files within your project. Or you can put them within the agent config, but yeah, a lot of times I will put code examples in there because I know it doesn't know about this service yet. It's too new, right? I almost have to wait for like the next set of models to come out so it understands it a bit more. There's even no great MCP service for today, so I do sometimes give it some code examples like, here this is how you do this, so you can continue doing all the stuff that you know how to do. And I'll give a little bit of guidance with that and I usually only do that after I find out that the agent cannot build something so I always let it try the first time.
Yes, you added four MCPs. No. Is it like necessary that all four should be added or only core is necessary? Yeah, so, so the question is, you know, I added four MCP servers. Do I need all of those or are they all optional? I mean, really, all MCP servers are optional, right? But if you're building something and you need reference to, let's say if you were building this in CDK, for yeah, so for this example, like the CDK one, I probably could have removed. In fact, I don't even know if I included it actually. I know I had it in my slide, but I don't know if I actually included that because I'm not building CDK. But if I was gonna now build this in CDK, I would add that back in to make sure it can do that.
So be very prescriptive over the MCP servers you're using. Every MCP server you add with all the tools that come with that MCP server, it does add tokens to your context, so it becomes a little more expensive to build. And the more MCP servers you have, the dumber it gets, right, because it has too many things to look at, too many things to decide. So curate it for kind of what you need.
Yeah, a question over here. Specific to Kiro IDE, you showed early, JSON definition of an agent. Is there a way in the Kiro IDE if I'm working on a project to select like I want to use this agent and therefore I configure all the MCP servers that I will need for that use case? So your question is, so these things over here were the MCP configs. Yeah, but that's a configuration of the IDE that can be done for the user and for the workspace. Now is there a way that we can have something outside like the agent file that you showed early where I can have for instance an agent for Python applications, an agent for Node.js application and whenever I work on a Node.js project I can somehow use that agent instead of having to, I see, adding it one by one, yeah, so your question is, yeah, is there a way to have specific MCP servers used in specific situations like a frontend application, a Python backend application, Node backend? I don't know of a way of doing that like for your, you know, for your entire system where it's really specific like that for the MCP servers. The resolution that I know about here is either it's for your user or it's for a workspace. Those are the two that I know about.
But since I think the CLI has a special command agent that you can use to manage all the agents that you have created, I was wondering if something like that also exists for the IDE. Yeah, I'm not aware of anything like that, yep. Maybe one day if it's not there already because I'm not aware either.
All right, coming up to the last minute here. These are the QR codes to get to all that documentation I was talking about, so you have the Kiro CLI, the Kiro IDE, and that MCP server repository. One other thing I will say is that I just tested the change I made and now I'm not able to win my tic-tac-toe game so it did fix the algorithm and mine worked too. It was something silly but yeah and mine, mine is really dumb like I can beat it. I did this one time and it used what's called the minimax algorithm and it was unbeatable so you just again nondeterministic you get different things depending on the day.
Yeah, one last quick question. About the MCP, thank you, diagram MCP server. Well, so if you go to that link of the MCP, I won't be able to show it because it does, it probably takes a few minutes here, but what I would do is, you know, go to that site. There is a diagram MCP server on there. It's just the same JSON definition. You would put that in and then you literally just tell it generate a diagram, and it'll generate an AWS nice formatted diagram for you.
And then last reminder, please fill out the session survey. It really, really, really helps us if you like this or even if you think something could be better. Please give us feedback we really appreciate it. Thanks a lot. All right, thanks everyone. Have a good re:Invent.
; This article is entirely auto-generated using Amazon Bedrock.
Top comments (0)