AWS MCP Server Now Generally Available: Secure AI Agent Access to AWS

From Xshell Ssh, the free encyclopedia of technology

AI agents are powerful, but giving them safe, authenticated access to AWS has been a challenge. The general availability of the AWS MCP Server changes that. This managed remote MCP server provides a small set of tools that let agents interact with any AWS service using your existing IAM credentials—without handing over full control. Discover how it works and what new features are now available.

What is the AWS MCP Server and why was it created?

The AWS MCP Server is a managed remote server that implements the Model Context Protocol (MCP). It gives AI agents and coding assistants secure, authenticated access to all AWS services through a fixed set of tools. It was created to solve a common problem: when agents need to work with AWS at any depth, they either fail due to outdated training data or require overly permissive access. Without it, agents might rely on months-old documentation, use the AWS CLI instead of modern infrastructure-as-code tools like AWS CDK, or generate IAM policies that are far too broad. The result is demo-quality infrastructure that isn't production-ready. The AWS MCP Server addresses this by providing real-time documentation and a controlled execution environment, all while respecting your existing IAM permissions.

Source: aws.amazon.com

What core tools does the AWS MCP Server provide for agents?

The server offers a compact set of tools, kept small so that tool definitions do not consume unnecessary context-window space. The call_aws tool can execute any of over 15,000 AWS API operations using your existing IAM credentials. New APIs are supported within days of launch. The search_documentation and read_documentation tools fetch current AWS documentation and best practices at query time, ensuring the agent always works from up-to-date information. Additionally, the run_script tool lets agents write short Python scripts that run server-side in a sandboxed environment. This sandbox inherits your IAM permissions but has no network access, so agents can process data without accessing your local file system or a shell. Together, these tools keep agents efficient and secure.

What new capabilities come with general availability?

The general availability release introduces several key improvements. First, support for IAM context keys means you no longer need a separate IAM permission to use the server; fine-grained access can be expressed in a standard IAM policy. Second, documentation retrieval no longer requires authentication, simplifying setup. Third, the number of tokens required per interaction has been reduced, which is especially important for complex, multi-step workflows. Fourth, the new run_script tool allows agents to perform multiple API calls in a single round-trip, drastically improving efficiency. Finally, the server now offers Skills instead of Agent SOPs—curated guidance for tasks like building with CDK or scanning codebases, helping agents produce production-ready results more consistently.


How does the run_script tool work and why is it useful?

The run_script tool lets the agent write a short Python script that executes server-side in a sandboxed environment. The sandbox inherits your IAM permissions but has no network access, so the agent can process data without accessing your local file system or a shell. When an agent needs to call multiple APIs and combine the results, making those calls one at a time is slow and consumes context. With run_script, the agent chains API calls, filters responses, and computes results in a single round-trip. This is both faster and more context-efficient, making it ideal for complex, multi-step workflows. It also keeps your local environment safe because the script runs remotely with only the permissions you grant via IAM.

What are Skills and how do they differ from Agent SOPs?

Skills replace the older Agent SOPs (Standard Operating Procedures) in the AWS MCP Server. Skills provide curated guidance and best practices for common tasks such as building infrastructure with the AWS CDK, scanning existing codebases, or deploying applications. Unlike SOPs, which were more rigid and required manual updates, Skills are dynamic and integrated directly into the agent's context. They help agents produce production-ready code by steering them away from insecure patterns like overly broad IAM policies and toward modern tools like CloudFormation or CDK. Skills are also easier to customize and extend, allowing developers to tailor agent behavior to their specific workflows. This shift makes the Agent Toolkit more effective for real-world development.