---
title: AWS Agent Toolkit for AWS: Plugins, Rules, and Every Skill Explained
description: The official aws/agent-toolkit-for-aws repo ships 43 atomic Agent Skills across 13 category folders—plus aws-core, aws-agents, and aws-data-analytics plugins. Here is why that bundle matters for IAM and audit posture, how the tree fits together, and how to pair it with the May 6, 2026 GA AWS MCP Server.
url: https://www.factualminds.com/blog/aws-agent-toolkit-for-aws-skills-guide/
datePublished: 2026-05-08T00:00:00.000Z
dateModified: 2026-05-08T00:00:00.000Z
author: palaniappan-p
category: Generative AI
tags: aws, model-context-protocol, agent-toolkit, amazon-bedrock, ai-coding, devtools, claude
---

# AWS Agent Toolkit for AWS: Plugins, Rules, and Every Skill Explained

The **[Agent Toolkit for AWS](https://github.com/aws/agent-toolkit-for-aws)** is AWS’s opinionated packaging layer for **AI coding agents**: **managed MCP Server** hooks, **[Agent Skills](https://agentskills.io/home)**-format instructions, **rules** files for project defaults, **plugins** for Claude Code and Codex, and **`npx`** / **`uvx`** paths for everyone else.

On **[May 6, 2026](https://aws.amazon.com/about-aws/whats-new/2026/05/aws-mcp-server/)**, the **managed AWS MCP Server** hit **general availability** in **two** Regions—**US East (N. Virginia)** and **Europe (Frankfurt)**—with IAM guardrails, **Amazon CloudWatch** metrics, **AWS CloudTrail** logging, and **no additional charge** for the MCP Server itself (you still pay for underlying API and resource usage). That announcement and the **March 25, 2026** [**Agent Plugin for AWS Serverless**](https://aws.amazon.com/about-aws/whats-new/2026/03/agent-plugin-aws-serverless/) are the product headlines; **this** post is the **field guide to the official open-source `aws/agent-toolkit-for-aws` repository**—what lives where, how **43** atomic `SKILL.md` files (as of **`750230758fbf23acd60d075dedd7ead4092127ce`** on `main`) nest under **13** top-level folders, and how to evaluate the bundle without drowning in context window.

Recommendations below come from **public AWS documentation, the toolkit README, and an explicit checkout of `main` at that commit**—not a substitute for your threat model.

## Why the Agent Toolkit matters

- **Agents touching AWS APIs are an infrastructure supply chain.** The question is no longer whether the prose in chat sounds plausible—it is whether the **principal** is scoped, changes are **auditable**, and mistakes have bounded **blast radius**. Tooling that pairs **skills** with **managed MCP**, **IAM** patterns, **CloudTrail**, and **CloudWatch** speaks that language explicitly.
- **Curated Agent Skills beat ad hoc prompts for repeatability.** A shared skill pack is closer to an internal **runbook** than a one-off Copilot suggestion: fewer wrong invocations (wrong region, deprecated API surface, leaky patterns) across employees and contractors.
- **Progressive disclosure is a cost-and-review control.** [As described upstream](https://github.com/aws/agent-toolkit-for-aws/blob/main/skills/README.md), agents load short descriptions until a skill matches—so you can install **many** skills without stuffing every **`SKILL.md`** into each request. Fewer oversized contexts means cheaper tokens and clearer review scope when someone asks “what did the agent rely on?”
- **AWS packages the toolkit next to GA MCP.** The **May 6, 2026** MCP GA story (**two** Regions, centralized guardrails and logging) and this repository’s **plugins + skills + rules** are the same headline from different angles—**surface** versus **instruction set**.
- **InnerSource wins when you fork a subset.** Mature enterprises often prune or extend skill text under change control rather than letting every developer maintain a private Markdown “cheat sheet” that contradicts SOC2 evidence.

None of this **replaces** your threat model—it **narrows** the variance between humans and agents when everyone pulls from the same instruction graph.

## What sits at the repo root

| Path                                                                             | Purpose                                                                                                                                                                                                                                                                                                                                                                                                     |
| -------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **[`plugins/`](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins)** | **aws-core**, **aws-agents**, **aws-data-analytics** — marketplace-oriented bundles tying MCP wiring to skill sets ([aws-core](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins/aws-core), [aws-agents](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins/aws-agents), [aws-data-analytics](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins/aws-data-analytics)). |
| **[`skills/`](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills)**   | **Atomic skills**: each subdirectory contains a **`SKILL.md`** (+ optional **`references/`** and **`scripts/`**). Install whole tree or cherry-pick folders.                                                                                                                                                                                                                                                |
| **[`rules/`](https://github.com/aws/agent-toolkit-for-aws/tree/main/rules)**     | Project-facing agent rules (how to prioritize MCP, docs search, defaults). Browse before you blindly paste snippets.                                                                                                                                                                                                                                                                                        |
| **[`tools/`](https://github.com/aws/agent-toolkit-for-aws/tree/main/tools)**     | Supporting tooling the maintainers ship alongside skills (inspect for your agent platform).                                                                                                                                                                                                                                                                                                                 |

**Opinion:** treat **`plugins/`** as the **product SKU** installer and **`skills/`** as the **source you fork** when InnerSource teams want to prune, extend, or sign off on procedural text under change control.

## How an atomic skill behaves (why 43 packs do not mean 43× context)

Skills use **progressive disclosure** ([`skills/README.md`](https://github.com/aws/agent-toolkit-for-aws/blob/main/skills/README.md)):

1. At startup the agent reads **name + short description** (tens of tokens per skill—not the full prose).
2. When a task matches, it loads **`SKILL.md`** instructions.
3. Deeper **`references/*.md`** (or **`scripts/`**) loads **only when** the workflow needs them.
4. When the task ends, skill context drops.

Net: installing **43** skill directories does **not** linearly inflate every prompt—but **mistaken skill selection** still wastes tokens and can still suggest the wrong architecture. Governance is **which** skills you bless, not only **how many** exist.

## Install paths (verify against the live README)

Commands below are **copied from the upstream quickstart pattern**; **marketplace names and CLI packages change**—open **[README.md](https://github.com/aws/agent-toolkit-for-aws/blob/main/README.md)** before you paste into production runbooks.

- **Claude Code:** add marketplace `aws/agent-toolkit-for-aws`, then `/plugin install` the plugin you need (for example `aws-core@agent-toolkit-for-aws`).
- **Codex:** `codex plugin marketplace add aws/agent-toolkit-for-aws`, then install **aws-core** from `/plugins`.
- **Kiro / generic MCP JSON:** README shows **`uvx`** running **`mcp-proxy-for-aws@latest`** against the managed endpoint with optional `--metadata AWS_REGION=...`—you need **`uv`** installed.
- **Any agent that supports Agent Skills:** `npx skills add aws/agent-toolkit-for-aws/skills` or copy selected skill directories into the per-tool paths listed in [`skills/README.md`](https://github.com/aws/agent-toolkit-for-aws/blob/main/skills/README.md) (Claude Code, Codex, Cursor global vs project locations).

**We recommend** piloting with **read-only** IAM in a **sandbox** account before you connect prod roles—same principle as the **[MCP GA companion post](/blog/aws-mcp-server-ga-agent-toolkit-serverless-plugin/)**.

## The three plugins in one paragraph

- **[aws-core](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins/aws-core)** — default **start here**: services, CDK/CloudFormation, serverless, containers, storage, observability, billing, SDK usage, deployment.
- **[aws-agents](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins/aws-agents)** — **Bedrock** + **AgentCore**-shaped agent construction and operations.
- **[aws-data-analytics](https://github.com/aws/agent-toolkit-for-aws/tree/main/plugins/aws-data-analytics)** — data lake, **AWS Glue**, **Amazon Athena**, **S3 Tables**-class workflows.

If you are not building analytics pipelines or Bedrock agents this month, **aws-core** is still the right first install.

## Skill categories (13 folders) — what each is for

| Category folder                            | What agents use it for                                                                        | Source                                                                                                       |
| ------------------------------------------ | --------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ |
| **analytics-skills**                       | Data lake discovery, ingestion, catalog exploration, Clean Rooms–style collaboration patterns | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills)                       |
| **application-integration-skills**         | Event-driven and streaming integration (messaging, buses, stream patterns)                    | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/application-integration-skills)         |
| **cloud-financial-management-skills**      | Cost and billing operations, FinOps-friendly API workflows                                    | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/cloud-financial-management-skills)      |
| **compute-skills**                         | Serverless, containers, EC2, API Gateway wiring, Lambda debugging                             | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills)                         |
| **database-skills**                        | Aurora, RDS export patterns                                                                   | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/database-skills)                        |
| **developer-tools-skills**                 | **AWS CDK**, AWS SDK for **Python**, **JavaScript v3**, **Swift**                             | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/developer-tools-skills)                 |
| **frontend-skills**                        | **AWS Amplify** front-end / fullstack delivery                                                | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/frontend-skills)                        |
| **generative-ai-skills**                   | **Amazon Bedrock** (models, agents, knowledge bases, guardrails, AgentCore references)        | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/generative-ai-skills)                   |
| **management-tools-skills**                | **AWS CloudFormation** authoring and operations                                               | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/management-tools-skills)                |
| **migration-and-modernization-skills**     | **AWS Transform** / migration assistance                                                      | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/migration-and-modernization-skills)     |
| **networking-and-content-delivery-skills** | VPC design, peering, endpoints, Lambda egress                                                 | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/networking-and-content-delivery-skills) |
| **operations-skills**                      | Observability, **CloudTrail** multi-Region, **CloudWatch** alarms, failure triage             | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/operations-skills)                      |
| **security-and-identity-skills**           | **IAM**, **Secrets Manager** best practices                                                   | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/security-and-identity-skills)           |
| **storage-skills**                         | **S3** hardening and troubleshooting, **EFS** triage, vector storage/query                    | [tree](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/storage-skills)                         |

## Every atomic skill (43), grouped by category

Each line is **one** `SKILL.md` pack. Follow the link to read the authoritative instructions and references.

### analytics-skills (7)

- **[aws-cleanrooms](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/aws-cleanrooms)** — collaborate on joined data with **AWS Clean Rooms** constraints.
- **[connecting-to-data-source](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/connecting-to-data-source)** — wire catalogs and queries to upstream sources.
- **[creating-data-lake-table](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/creating-data-lake-table)** — define and publish lake tables.
- **[exploring-data-catalog](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/exploring-data-catalog)** — navigate Glue/Athena catalog objects.
- **[finding-data-lake-assets](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/finding-data-lake-assets)** — discover datasets and locations.
- **[ingesting-into-data-lake](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/ingesting-into-data-lake)** — land data into the lake with correct partitioning hygiene.
- **[querying-data-lake](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/analytics-skills/querying-data-lake)** — run analytical queries with performance guardrails.

### application-integration-skills (1)

- **[aws-messaging-and-streaming](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/application-integration-skills/aws-messaging-and-streaming)** — integrate queues, topics, buses, and streams without reinventing primitives.

### cloud-financial-management-skills (1)

- **[aws-billing-and-cost-management](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/cloud-financial-management-skills/aws-billing-and-cost-management)** — cost exploration, anomaly awareness, budgeting APIs.

### compute-skills (10)

- **[aws-containers](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/aws-containers)** — ECS/EKS-ish delivery patterns agents should default to.
- **[aws-serverless](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/aws-serverless)** — Lambda + event-centric architecture defaults.
- **[connecting-lambda-to-api-gateway](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/connecting-lambda-to-api-gateway)** — edge-to-function wiring patterns.
- **[connecting-lambda-to-dynamodb](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/connecting-lambda-to-dynamodb)** — function-to-table integrations.
- **[creating-api-gateway-stage](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/creating-api-gateway-stage)** — stage/canary-adjacent API Gateway ops.
- **[creating-ec2-image-builder-pipeline](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/creating-ec2-image-builder-pipeline)** — golden AMI automation.
- **[debugging-lambda-timeouts](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/debugging-lambda-timeouts)** — timeout triage playbook.
- **[launching-ec2-instance-with-best-practices](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/launching-ec2-instance-with-best-practices)** — hardened instance bootstrap patterns.
- **[routing-traffic-with-route53-and-cloudfront](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/routing-traffic-with-route53-and-cloudfront)** — DNS + CDN fronting.
- **[setting-up-ec2-instance-profiles](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/setting-up-ec2-instance-profiles)** — instance role posture.

### database-skills (2)

- **[creating-amazon-aurora-db-cluster-with-instances](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/database-skills/creating-amazon-aurora-db-cluster-with-instances)** — provision Aurora clusters sanely.
- **[exporting-rds-to-s3](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/database-skills/exporting-rds-to-s3)** — snapshot/export flows to object storage.

### developer-tools-skills (4)

- **[aws-cdk](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/developer-tools-skills/aws-cdk)** — CDK constructs, stacks, deployments.
- **[aws-sdk-js-v3-usage](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/developer-tools-skills/aws-sdk-js-v3-usage)** — idiomatic JS v3 clients.
- **[aws-sdk-python-usage](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/developer-tools-skills/aws-sdk-python-usage)** — boto3 ergonomics for agents emitting scripts.
- **[aws-sdk-swift-usage](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/developer-tools-skills/aws-sdk-swift-usage)** — Swift SDK guidance for Apple-side stacks.

### frontend-skills (1)

- **[aws-amplify](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/frontend-skills/aws-amplify)** — Amplify Gen-style web/mobile delivery.

### generative-ai-skills (1) — flagship depth below

- **[amazon-bedrock](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/generative-ai-skills/amazon-bedrock)** — full Bedrock surface: models, converse APIs, agents, KBs, guardrails, **AgentCore** references.

### management-tools-skills (1)

- **[aws-cloudformation](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/management-tools-skills/aws-cloudformation)** — template authoring + stack operations.

### migration-and-modernization-skills (1)

- **[aws-transform](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/migration-and-modernization-skills/aws-transform)** — Transform-oriented migrations.

### networking-and-content-delivery-skills (4)

- **[configuring-vpc-endpoints-for-private-aws-service-access](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/networking-and-content-delivery-skills/configuring-vpc-endpoints-for-private-aws-service-access)** — PrivateLink-style private access.
- **[connecting-vpcs-with-peering](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/networking-and-content-delivery-skills/connecting-vpcs-with-peering)** — peering stitching.
- **[creating-production-vpc-multi-az](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/networking-and-content-delivery-skills/creating-production-vpc-multi-az)** — baseline VPC layout.
- **[enabling-lambda-vpc-internet-access](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/networking-and-content-delivery-skills/enabling-lambda-vpc-internet-access)** — NAT / egress correctness for VPC Lambdas.

### operations-skills (4)

- **[aws-observability](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/operations-skills/aws-observability)** — metrics, logs, traces patterns.
- **[setting-up-cloudtrail-multi-region](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/operations-skills/setting-up-cloudtrail-multi-region)** — audit trail completeness.
- **[setting-up-cloudwatch-alarm-notifications](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/operations-skills/setting-up-cloudwatch-alarm-notifications)** — alarming that humans actually respond to.
- **[troubleshooting-application-failures](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/operations-skills/troubleshooting-application-failures)** — cross-service triage playbook.

### security-and-identity-skills (2)

- **[aws-iam](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/security-and-identity-skills/aws-iam)** — identity and least-privilege patterns.
- **[creating-secrets-using-best-practices](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/security-and-identity-skills/creating-secrets-using-best-practices)** — **AWS Secrets Manager** ergonomics.

### storage-skills (4)

- **[securing-s3-buckets](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/storage-skills/securing-s3-buckets)** — block public access, policy hygiene.
- **[storing-and-querying-vectors](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/storage-skills/storing-and-querying-vectors)** — vector storage/query for RAG-style apps.
- **[troubleshooting-efs](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/storage-skills/troubleshooting-efs)** — shared file system triage.
- **[troubleshooting-s3-files](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/storage-skills/troubleshooting-s3-files)** — object storage failure modes.

**Sanity check:** 7+1+1+10+2+4+1+1+1+1+4+4+2+4 = **43** atomic skills—matches the reproducible command below.

## Flagship deep-dive: **amazon-bedrock** (why it is larger than the others)

The **[amazon-bedrock](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/generative-ai-skills/amazon-bedrock)** skill is the **generative AI anchor** for the whole toolkit. The **`SKILL.md`** is the entry; **`references/`** carries focused deep pages (for example **AgentCore** runtime, gateway, memory, registry/evaluations, **Guardrails**, **Knowledge Bases**, **Converse** API usage in Python and TypeScript, **model selection**, **prompt caching**, **cost tracking**, **quota health**).

**Why it matters:** agents without this pack hallucinate ARN formats, confuse **on-demand** vs **provisioned throughput**, and reach for IAM actions that conflict with enterprise SCPs—you still need **[Bedrock governance posts](/blog/why-aws-bedrock-is-the-fastest-path-to-enterprise-genai/)** and **[multi-agent supervisor patterns](/blog/aws-bedrock-multi-agent-supervisor-pattern/)**, but this skill lowers the baseline error rate for _tool-shaped_ workflows.

Second **flagship for delivery teams:** pair **[aws-cdk](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/developer-tools-skills/aws-cdk)** + **[aws-serverless](https://github.com/aws/agent-toolkit-for-aws/tree/main/skills/compute-skills/aws-serverless)** when your bottleneck is repeatable IaC—not raw chat answers.

## When the toolkit clashes with enterprise reality

> **What breaks** — A platform team publishes “use Agent Toolkit everywhere,” but the **SOC** rejects it over misunderstandings about **credential-less doc search**—or **infra** realizes that **agents share the same IAM role** as CI, doubling write volume during outages. Progressive disclosure fixes **tokens**, not **blast radius**.

> **Counter-case** — Solo developers with **read-only SSO** profiles sometimes move faster without MCP indirection until they need centralized audit. Pick **discovery vs. centralized MCP** deliberately; **[Kiro’s agent IDE model](/blog/kiro-ide-aws-agentic-coding/)** is an adjacent pattern worth comparing for local-vs-managed trust boundaries.

**Opinion:** we recommend **centralized MCP + narrow roles** once **three or more teams**—or **external contractors**—touch the same accounts; below that threshold, README-only skills might be plenty.

## Platform review pattern — three questions auditors actually ask

> **Governance rehearsal (no client named)** — (1) _Can security prove agents are distinguishable principals in IAM and CloudTrail?_ (2) _Can engineering ship without pasting root keys into laptops?_ (3) _Can finance anticipate **multiplied** AWS API bills when incidents trigger agent retries?_ The toolkit’s docs and skills **support** coherent answers—they do not eliminate policy work.

Cross-read **[AWS MCP Server GA: what changed](/blog/aws-mcp-server-ga-agent-toolkit-serverless-plugin/)** for the **CloudTrail / CloudWatch** framing that pairs with **this** repository.

## Reproduce the inventory (pin your own verdict)

Ubuntu/macOS/Linux with git:

```bash
# Context: ephemeral clone; rerun after major merges to refresh counts.
git clone --depth 1 https://github.com/aws/agent-toolkit-for-aws.git
cd agent-toolkit-for-aws
git rev-parse HEAD   # compare with snapshot 750230758fbf23acd60d075dedd7ead4092127ce
find skills -name 'SKILL.md' -type f | wc -l   # expect 43 at that snapshot
```

If your count differs, **your tree is fresher—or forked**. Update internal runbooks accordingly.
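
A matching count does not show that the reviewed files are unchanged. The following added example (not code from the toolkit or its README) records a SHA-256 manifest of a reviewed skills directory and audits a later checkout or install path against it. The function names `skill_manifest` and `audit_skills`, the file `approved.txt`, and the sample tree are assumptions made for illustration.

```bash
#!/bin/sh
# Added example, not part of aws/agent-toolkit-for-aws.
# Assumption: ROOT is a skills directory laid out as <category>/<skill>/SKILL.md
# with optional references/ and scripts/, as described in the post.
# Limitation: paths containing newlines are not supported.

# Portable SHA-256 of one file (GNU sha256sum, else BSD/macOS shasum).
_sha256() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# skill_manifest ROOT
# Prints "<sha256>  <relative path>" for every file under ROOT, sorted by path.
# Every file is hashed, not only SKILL.md, because references/ and scripts/
# are also loaded or executed by the agent.
skill_manifest() (
  cd "$1" || exit 2
  find . -type f | LC_ALL=C sort | while IFS= read -r f; do
    printf '%s  %s\n' "$(_sha256 "$f")" "${f#./}"
  done
)

# audit_skills APPROVED_MANIFEST ROOT
# Compares ROOT against the reviewed manifest and prints one finding per line:
#   UNREVIEWED <path>   file present but never reviewed
#   MODIFIED <path>     content differs from the reviewed version
#   MISSING <path>      reviewed file no longer present
# Exit status is 0 only when there are no findings.
audit_skills() (
  approved="$1"; root="$2"
  [ -f "$approved" ] || { echo "no manifest: $approved" >&2; exit 2; }
  [ -d "$root" ] || { echo "no skills dir: $root" >&2; exit 2; }
  findings="$(skill_manifest "$root" | awk -v approved="$approved" '
    BEGIN {
      # Manifest lines are 64 hex chars, two spaces, then the path.
      while ((getline line < approved) > 0)
        want[substr(line, 67)] = substr(line, 1, 64)
    }
    {
      hash = substr($0, 1, 64); path = substr($0, 67); seen[path] = 1
      if (!(path in want))         print "UNREVIEWED " path
      else if (want[path] != hash) print "MODIFIED " path
    }
    END { for (p in want) if (!(p in seen)) print "MISSING " p }
  ' | LC_ALL=C sort)"
  [ -n "$findings" ] && printf '%s\n' "$findings"
  [ -z "$findings" ]
)

# make_sample_tree DIR: constructed stand-in for a reviewed checkout.
# File contents are made up; only the folder names come from the post.
make_sample_tree() {
  mkdir -p "$1/security-and-identity-skills/aws-iam" \
           "$1/storage-skills/securing-s3-buckets/references"
  printf 'name: aws-iam\n' > "$1/security-and-identity-skills/aws-iam/SKILL.md"
  printf 'name: securing-s3-buckets\n' \
    > "$1/storage-skills/securing-s3-buckets/SKILL.md"
  printf 'reviewed notes\n' \
    > "$1/storage-skills/securing-s3-buckets/references/notes.md"
}

# demo: pin a reviewed tree, simulate drift, print the audit findings.
demo() (
  tmp="$(mktemp -d)" || exit 2
  s3="$tmp/skills/storage-skills/securing-s3-buckets"
  make_sample_tree "$tmp/skills"
  skill_manifest "$tmp/skills" > "$tmp/approved.txt"
  printf 'extra instruction\n' >> "$s3/SKILL.md"      # edited after review
  mkdir -p "$s3/scripts"
  printf 'echo hi\n' > "$s3/scripts/setup.sh"         # file nobody reviewed
  rm "$s3/references/notes.md"                        # reviewed file removed
  audit_skills "$tmp/approved.txt" "$tmp/skills" && rc=0 || rc=$?
  rm -rf "$tmp"
  exit "$rc"
)

# Run the constructed demo with: sh this-file.sh demo
if [ "${1:-}" = "demo" ]; then demo; fi
```

Run `skill_manifest skills > approved.txt` on the reviewed commit and keep the manifest next to the commit SHA in your ADR; `audit_skills approved.txt <install path>` then fails in CI or on a developer machine whenever a skill file was added, edited, or dropped after sign-off.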

## What to do this week

1. **Open** **[aws/agent-toolkit-for-aws](https://github.com/aws/agent-toolkit-for-aws)** and pick **plugin vs. plain skills** deliberately (aws-core first).
2. **Re-run** the `find` recipe above; paste the **commit SHA** into your ADR.
3. **Align** with the **[May 6, 2026 GA MCP Server post](/blog/aws-mcp-server-ga-agent-toolkit-serverless-plugin/)**—two Regions at GA, org-wide logging expectations.
4. **Prune** skills you have not reviewed; **fork** and **diff** when InnerSource needs sign-off.
5. **Pair** Bedrock agent work with **[supervisor pattern](/blog/aws-bedrock-multi-agent-supervisor-pattern/)** and **[provisioned throughput economics](/blog/aws-bedrock-provisioned-throughput-vs-on-demand-break-even-2026/)** before production load tests.

### If you only do one thing

**Install aws-core (or copy a reviewed skill subset) and enforce a dedicated read-only agent role in a sandbox** before anyone connects production. Skills make agents _competent_; IAM makes them _safe_.

## Related reading

- **[AWS MCP Server GA + Serverless plugin](/blog/aws-mcp-server-ga-agent-toolkit-serverless-plugin/)** — IAM, logging, plugin pairing.
- **[Kiro IDE and AWS agentic coding](/blog/kiro-ide-aws-agentic-coding/)** — spec-driven agents + SSO reality.
- **[Bedrock multi-agent supervisor pattern](/blog/aws-bedrock-multi-agent-supervisor-pattern/)** — orchestration beyond single agents.
- **[Why Bedrock is the fastest path to enterprise GenAI](/blog/why-aws-bedrock-is-the-fastest-path-to-enterprise-genai/)** — procurement + governance framing.
- **[Bedrock provisioned throughput break-even](/blog/aws-bedrock-provisioned-throughput-vs-on-demand-break-even-2026/)** — cost discipline for steady workloads.

## What this post doesn't cover

- Line-by-line transcription of every **`references/*.md`** file under **amazon-bedrock**—the GitHub tree is the source.
- Per-assistant **MCP JSON** samples that rot weekly (use the README you cloned).
- A full **AgentCore** production architecture—start at AWS runtime docs plus **[AWS MCP + AgentCore pointer](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/runtime-mcp.html)** in the companion post.
- Legal review of third-party assistants; your **DPA** and **AI addenda** still govern external models.


## FAQ

### When is installing the full skills tree locally a bad idea compared with plugin-only or MCP discovery?
If your developers already struggle with skill drift and unreviewed third-party instructions, dumping every category into ~/.cursor/skills/ increases the chance an agent loads the wrong procedure for a task. Prefer plugin bundles (aws-core first) or runtime discovery via the managed AWS MCP Server when you want a single organizational pattern. Local full-tree installs make sense for air-gapped labs or when you are forking and curating a subset under change control.

### Does the Agent Toolkit replace the need for IAM policies and human code review?
No. Skills are curated guidance, not authorization. A skill can describe a valid pattern that your SCPs still forbid, or suggest a security group change that violates your network standard. Treat skills like internal runbooks: helpful, not sovereign. Pair them with environment-separated roles, permission boundaries, and review gates—the same framing as GA MCP Server rollout.

### What is the fastest way to mis-count or mis-quote the skill inventory?
Rely on a stale blog screenshot. The repository adds and splits skills over time; always clone main and search for SKILL.md yourself (or pin a commit SHA in your internal docs). As of snapshot commit 750230758fbf23acd60d075dedd7ead4092127ce we counted exactly 43 SKILL.md files—your checkout may differ after the next merge.

### How does the Agent Toolkit relate to AWS Labs MCP servers I already use?
The README positions the Agent Toolkit for AWS as the successor path AWS recommends for enterprise controls: IAM condition keys scoped to agents, CloudWatch metrics, CloudTrail auditing, and skills that underwent structured evaluation—compared with earlier AWS Labs drops that still work but may not get the same product emphasis. Migrate when your security review asks for clearer agent-vs-human segregation in policy.

### Which plugin should most teams install first—aws-core, aws-agents, or aws-data-analytics?
Unless you are building Bedrock-heavy agent applications or Glue/Athena data-lake pipelines this week, start with aws-core. It bundles the broadest day-to-day cloud delivery surface (selection, IaC patterns, SDK usage, observability hooks). Add aws-agents when AgentCore/Bedrock agent construction is on the critical path; add aws-data-analytics when analysts and data engineers—not app teams—are the primary agent users.

### Can agents use AWS documentation search without AWS credentials?
AWS states documentation search and skill discovery paths can operate without credentials for onboarding friction reduction; invoking AWS APIs through the managed MCP Server still requires proper authenticated principals. Separate “read the map” from “move the infra” when you explain this to auditors.

---

*Source: https://www.factualminds.com/blog/aws-agent-toolkit-for-aws-skills-guide/*
