AWS MCP Server Now Generally Available: Secure AI Agent Access to AWS Services

By

Introduction

AI agents and coding assistants are transforming how we interact with cloud services, but giving them real, authenticated access to AWS without compromising security has been a persistent challenge. Today, that challenge has a clear answer with the general availability of the AWS MCP Server, a managed remote Model Context Protocol (MCP) server that provides AI agents with secure, authenticated access to all AWS services through a compact and fixed set of tools. This server is part of the Agent Toolkit for AWS, a suite that includes MCP tools, skills, and plugins designed to help coding agents build more effectively on AWS.

The Problem: AI Agents Need Up-to-Date, Secure AWS Access

AI coding agents are increasingly useful for tasks like generating infrastructure code, managing resources, and diagnosing issues. However, they encounter significant obstacles when working with AWS at any meaningful depth:

• Outdated knowledge: Without access to current AWS documentation, agents rely on training data that may be months old, missing new services like Amazon S3 Vectors, Amazon Aurora DSQL, or Amazon Bedrock AgentCore.
• Poor tool selection: When asked to build infrastructure, agents often default to the AWS Command Line Interface (AWS CLI) instead of better-suited tools like AWS Cloud Development Kit (AWS CDK) or AWS CloudFormation.
• Overly permissive policies: They produce AWS Identity and Access Management (IAM) policies that are far broader than necessary, resulting in infrastructure that works in a demo but is not production-ready.

These issues stem from a lack of integrated, real-time guidance and secure authentication mechanisms tailored for AI agents.

How the AWS MCP Server Solves This

The AWS MCP Server addresses these challenges through a small set of tools that do not consume your model’s context window. Here are the key components:

call_aws Tool

The call_aws tool executes any of the 15,000+ AWS API operations using your existing IAM credentials. As new AWS APIs launch, they are supported within days, ensuring agents always have access to the latest capabilities without waiting for model retraining.

Documentation Retrieval Tools

The search_documentation and read_documentation tools retrieve current AWS documentation and best practices at query time. This means the agent always works from up-to-date information, reducing reliance on stale training data. Notably, with general availability, documentation retrieval no longer requires authentication, simplifying integration.

run_script Tool

The new run_script tool allows the agent to write a short Python script that runs server-side in a sandboxed environment. The sandbox inherits your IAM permissions but has no network access, so you can give an agent the ability to process data without exposing your local file system or a shell. When an agent needs to call multiple APIs and combine results, doing them one at a time is slow and burns context. With run_script, the agent chains API calls, filters responses, and computes results in a single round-trip — both faster and more context-efficient.

New Capabilities in General Availability

With the GA release, the AWS MCP Server introduces several enhancements that make it more powerful and easier to use:

• IAM context keys: You no longer need a separate IAM permission to use the server. Fine-grained access can now be expressed directly in a standard IAM policy, simplifying security management.
• Unauthenticated documentation retrieval: As mentioned, documentation tools no longer require authentication, reducing setup overhead.
• Reduced token consumption: The number of tokens required per interaction has been lowered. This matters for complex, multi-step workflows where every token counts.

These improvements make the server more accessible and efficient for production use.

From Agent SOPs to Skills

The most significant addition is the transition from Agent SOPs to Skills. Skills provide curated guidance and best practices for specific tasks, enabling agents to follow proven patterns rather than generating ad-hoc solutions. This shift helps ensure that infrastructure built by AI agents is consistent, secure, and aligned with AWS best practices from the start.

Conclusion

The general availability of the AWS MCP Server marks a major step forward in enabling AI agents to work securely and effectively with AWS. By providing a managed, context-efficient server with up-to-date documentation and sandboxed script execution, it solves the core problems of outdated knowledge, poor tool selection, and over-permissive policies. Whether you are building with AI agents for the first time or scaling existing workflows, the AWS MCP Server offers a robust foundation for secure, authenticated AWS access.

Related Articles

• The PCPJack Worm: A Dual-Purpose Threat Cleansing and Credential Theft in Cloud Environments
• Sandboxing Strategies for AI Agents: From Chroot to Cloud VMs
• Two Decades of AWS S3: How a Simple Storage Service Transformed Cloud Computing
• Software Supply Chain Security: Essential Q&A for Engineering Teams
• Mastering Distributed Caching in .NET with Postgres on Azure: A Q&A Guide
• Kubernetes v1.36 Alpha Brings Server-Side Sharding to End Controller Bottlenecks
• AWS and Anthropic Deepen AI Collaboration; Meta Joins Graviton Ecosystem for Agentic AI
• Dynamic Workflows: Durable Execution for Multi-Tenant Platforms