Introducing AWS MCP Server General Availability: Secure, Real-Time AWS Access for AI Agents

The Challenge: AI Agents and AWS Access

AI coding agents are increasingly used to automate tasks on AWS, but they face two critical problems: outdated knowledge and insecure practices. Without access to current documentation, agents rely on training data that may be months old, missing new services like Amazon S3 Vectors or Amazon Aurora DSQL. When building infrastructure, they often default to the AWS CLI instead of more reliable solutions like AWS CDK or CloudFormation, and generate overly broad IAM policies. The result is infrastructure that works in demos but fails production standards.

Outdated Knowledge and Insecure Practices

Agents without live documentation support produce code that references deprecated APIs or misses best practices. Their tendency to request excessive permissions creates security risks. Developers need a way to give agents real, authenticated access without compromising security.

How the AWS MCP Server Solves the Problem

The AWS MCP Server is a managed remote Model Context Protocol (MCP) server that provides AI agents with secure, authenticated access to all AWS services through a compact set of tools. It is part of the Agent Toolkit for AWS, which includes skills and plugins to help coding agents build efficiently on AWS.

Core Tools for API Execution and Documentation Retrieval

The server uses three primary tools that do not consume your model’s context window:

• call_aws: Executes any of the 15,000+ AWS API operations using your existing IAM credentials. New APIs are supported within days of launch.
• search_documentation and read_documentation: Retrieve current AWS documentation and best practices at query time, ensuring the agent always works with up-to-date information.

This eliminates the problem of outdated training data and encourages best practices.

Fine-Grained Access Control with IAM Context Keys

With general availability, the AWS MCP Server now supports IAM context keys. You no longer need a separate IAM permission to use the server; you can express fine-grained access directly in a standard IAM policy. Documentation retrieval no longer requires authentication, simplifying setup while maintaining security.

New Capabilities in General Availability

Reduced Token Consumption for Complex Workflows

The server now uses fewer tokens per interaction, which is crucial for complex, multi-step workflows. This improvement makes the agent more efficient and reduces costs.

The run_script Tool: Sandboxed Python Execution

A significant addition is the run_script tool. It lets the agent write a short Python script that runs server-side in a sandboxed environment. The sandbox inherits your IAM permissions but has no network access. This allows the agent to process data — chaining multiple API calls, filtering responses, and computing results in a single round-trip — without giving it access to your local file system or a shell. It is both faster and more context-efficient than making individual API calls.

From Agent SOPs to Skills

The most notable addition is the transition from Agent SOPs to Skills. Skills provide curated guidance and best practices for specific tasks, helping agents handle common AWS operations more reliably. This evolution ensures that agents have structured, validated workflows rather than generic procedures.

Conclusion

The AWS MCP Server’s general availability marks a major step forward in bridging AI agents and AWS securely. With tools like run_script, IAM context keys, and Skills, developers can now give agents the access they need without sacrificing security or efficiency. For more information, explore the core tools or learn about sandboxed execution.