SEATTLE, WA – April 23, 2026 – Amazon Web Services (AWS) today announced the general availability of the AWS MCP Server, a pivotal development designed to provide AI agents and coding assistants with secure, authenticated, and up-to-date access to the vast array of AWS services. This launch marks a significant step forward in integrating artificial intelligence into cloud operations, addressing critical challenges related to security, information currency, and operational efficiency that have previously hampered AI agents in complex cloud environments.
For a considerable period, the burgeoning field of AI agents and machine-coded protocol (MCP) tools has grappled with a fundamental dilemma: how to grant these automated entities the necessary permissions to interact with AWS resources without compromising the stringent security protocols of cloud infrastructure. The conventional approach often involved granting overly broad credentials, akin to "handing over the keys to the kingdom," which presented substantial security risks and compliance challenges for enterprises. The AWS MCP Server emerges as a direct solution to this quandary, offering a managed remote Model Context Protocol (MCP) server that facilitates secure, fine-grained access through a carefully curated set of tools.
This strategic offering is an integral component of the broader Agent Toolkit for AWS, a comprehensive suite of tools meticulously designed to empower coding agents to build, deploy, and manage resources on AWS more effectively and efficiently. The toolkit includes not only the MCP Server but also specialized skills and plugins tailored to enhance agent capabilities.
Addressing Core Limitations of AI Agents in Cloud Development
Prior to this advancement, AI coding agents, while demonstrating utility in various developmental tasks, encountered significant hurdles when attempting to engage with AWS services at a meaningful depth. A primary limitation stemmed from their reliance on static training data, which often rendered them unaware of the latest AWS service offerings or updates. For instance, an agent trained on data predating May 2025 would inherently lack knowledge of services like Amazon S3 Vectors, which was initially previewed in July 2025 and reached general availability in December 2025. Similarly, newer services such as Amazon Aurora DSQL or Amazon Bedrock AgentCore would fall outside their knowledge base, leading to outdated or suboptimal architectural recommendations.
Furthermore, agents frequently exhibited a preference for the AWS Command Line Interface (AWS CLI) for infrastructure provisioning, rather than more robust, declarative tools like the AWS Cloud Development Kit (AWS CDK) or AWS CloudFormation. This tendency often resulted in the generation of infrastructure code that, while functional for demonstrations, lacked the scalability, maintainability, and security best practices required for production-grade environments. A particular concern was the creation of overly permissive AWS Identity and Access Management (IAM) policies, which introduced unnecessary security vulnerabilities. The net effect was AI-generated infrastructure that was not truly production-ready.
The AWS MCP Server directly confronts these issues by providing a compact and highly efficient set of tools that minimize consumption of the model’s crucial context window. The core tools include:
call_aws: This powerful tool enables agents to execute any of the over 15,000 AWS API operations using existing IAM credentials. Crucially, as AWS introduces new APIs, support for these operations is integrated within days, ensuring agents always have access to the most current capabilities.search_documentationandread_documentation: These tools are game-changers, allowing agents to retrieve current AWS documentation, best practices, and service updates in real-time at the point of query. This ensures that agents operate with up-to-date information, mitigating the risk of outdated recommendations or security misconfigurations.
Enhanced Capabilities and Security Posture
The general availability release introduces several significant enhancements that bolster both functionality and security:
- IAM Context Keys Support: The AWS MCP Server now integrates with IAM context keys, eliminating the need for a separate IAM permission solely for server access. This allows for the expression of highly fine-grained access controls directly within standard IAM policies, simplifying management and strengthening security.
- Unauthenticated Documentation Retrieval: Access to documentation no longer requires authentication, streamlining the agent’s ability to gather information without incurring additional overhead or permission complexities.
- Reduced Token Consumption: The number of tokens required per interaction has been optimized, a critical factor for managing costs and improving efficiency in complex, multi-step AI workflows.
A notable addition is the run_script tool, which empowers agents to write short Python scripts that are executed server-side within a secure, sandboxed environment. This sandbox inherits the user’s IAM permissions but operates without network access, effectively isolating potentially risky operations. This capability allows agents to process data and orchestrate multiple API calls without direct access to local file systems or shell environments. By chaining API calls, filtering responses, and computing results in a single round-trip, run_script significantly improves both execution speed and context efficiency, especially for tasks that would otherwise require multiple, sequential API interactions.
Perhaps the most significant advancement is the transition from "Agent SOPs" (Standard Operating Procedures) to Skills. Skills represent curated guidance and best practices for common tasks where AI agents are prone to errors. Developed and maintained by AWS service teams, these skills provide validated workflows, enabling agents to complete work faster, with greater accuracy, and using fewer tokens. This not only saves time and money but also reduces the likelihood of hallucinations or off-topic diversions, keeping the agent focused on the task at hand. The maintenance of skills by AWS service teams ensures their relevance and accuracy, while keeping the tool list concise and predictable, further minimizing agent errors.
For enterprise customers, the AWS MCP Server establishes a clear and auditable separation between human and agent permissions. Organizations can leverage IAM policies and Service Control Policies (SCPs) to precisely define agent capabilities—for instance, allowing a human user to perform mutating operations while restricting the MCP server to read-only actions. Furthermore, Amazon CloudWatch metrics published under the AWS-MCP namespace provide granular visibility into MCP server calls, offering a distinct audit trail that is crucial for compliance teams. All API calls are meticulously captured by Amazon CloudTrail, ensuring a complete and immutable record for governance and security auditing.
Illustrative Demonstration: Overcoming Knowledge Cutoffs
To underscore the practical value of the AWS MCP Server, a demonstration was conducted using Claude Code, an AI coding assistant, configured with the Anthropic Opus 4.6 model. The Opus 4.6 model, with a knowledge cutoff date in May 2025, inherently lacks information about services introduced or significantly updated after that period.
The demonstration posed a direct question: "how to store embedding on S3," referencing embeddings as a type of vector data. Without the AWS MCP Server, Claude Code, relying solely on its foundational training data, provided five technically correct but ultimately outdated solutions. None of these suggested using Amazon S3 Vectors, a service specifically designed for this purpose, which had been previewed in July 2025 and made generally available in December 2025. This outcome vividly illustrated the "knowledge cutoff" problem inherent in large language models (LLMs).
The scenario was then re-executed with the AWS MCP Server enabled. To facilitate the use of local AWS credentials (which employ IAM SigV4 authentication) with the MCP specification (which typically supports OAuth 2.1), the demonstration utilized the open-source MCP Proxy for AWS, running locally to bridge the authentication protocols.
After configuring Claude Code to integrate with the AWS MCP Server via the proxy, the same query was presented. This time, Claude Code recognized its access to the aws___search_documentation tool. Upon receiving permission to invoke this tool, the agent successfully retrieved current AWS documentation, leading to an accurate and up-to-date response: "AWS now has a dedicated service for this: Amazon S3 Vectors…" This real-time access to current information enabled the AI agent to provide a solution directly addressing the user’s intent, showcasing the server’s immediate impact on agent efficacy.
Availability and Pricing Structure
The AWS MCP Server is generally available starting today, April 23, 2026, in the US East (N. Virginia) and Europe (Frankfurt) AWS Regions. It is capable of making API calls to any AWS Region globally. Importantly, there is no additional charge for the AWS MCP Server itself. Customers are billed solely for the AWS resources they provision and utilize through the agent, along with any applicable data transfer costs. This cost model is designed to encourage adoption by aligning expenses directly with the underlying AWS services consumed.
The AWS MCP Server is built for broad compatibility, working seamlessly with Claude Code, Kiro, Cursor, and any other MCP-compatible client. This broad ecosystem support ensures that developers and enterprises can integrate this powerful capability into their existing AI agent workflows. Detailed guidance for getting started is available in the AWS MCP Server User Guide.
Strategic Implications and Industry Outlook
The general availability of the AWS MCP Server represents a pivotal moment for AI-driven cloud development. By providing secure, authenticated, and context-aware access to AWS services, AWS is not merely offering a new tool but fundamentally reshaping the potential of AI agents in enterprise environments.
Improved Security Posture: The server’s emphasis on fine-grained IAM permissions, audit trails via CloudWatch and CloudTrail, and sandboxed script execution significantly elevates the security posture of AI-driven cloud operations. This addresses a major concern for enterprises hesitant to deploy AI agents for fear of accidental or malicious misuse of credentials.
Enhanced Developer Productivity: Developers can now leverage AI agents for more complex tasks, offloading routine infrastructure provisioning, configuration management, and troubleshooting. The ability to access up-to-date documentation and execute scripts efficiently means agents can contribute more meaningfully to the development lifecycle, accelerating innovation.
Reliable AI-Generated Infrastructure: With access to current best practices through Skills and real-time documentation, AI agents are now better equipped to generate production-ready infrastructure code. This reduces the need for extensive human oversight and correction, leading to higher quality and more reliable deployments.
AWS Leadership in AI-Powered Cloud: This release solidifies AWS’s position as a leader in enabling secure and efficient AI integration within cloud ecosystems. By solving the "keys to the kingdom" problem, AWS is paving the way for broader enterprise adoption of AI agents for cloud management and development, potentially setting new industry standards for how AI interacts with cloud platforms. Industry analysts anticipate that this move will further democratize access to advanced cloud automation, allowing organizations of all sizes to harness the power of AI without compromising security or compliance.
The combination of current documentation, authenticated API access, and sandboxed script execution within a single, managed server fundamentally alters the capabilities of AI agents on AWS. This innovation is expected to foster a new generation of sophisticated, secure, and highly efficient AI-powered cloud solutions, driving further innovation across the AWS ecosystem.
