AWS AI Coding Bot Kiro Linked to User Errors, Prompting New Safeguards

Background

Amazon Web Services (AWS) launched Kiro, an AI‑powered coding assistant, in July. Designed to move beyond rapid‑build tools, Kiro writes code based on detailed specifications, aiming to boost developer efficiency. AWS also previously relied on its Amazon Q Developer chatbot for code assistance.

Incidents Involving Kiro

Two separate events highlighted challenges with the new tool. In the first case, described by Amazon as “user error, not AI error,” an “extremely limited event” impacted a single service in parts of mainland China. The second incident, also attributed to user error, did not affect a “customer facing AWS service.” Both situations stemmed from engineers having broader permissions than intended, a user access control issue rather than an AI autonomy problem.

Company Response and Safeguards

After the December incident, AWS implemented several safeguards. These include mandatory peer review of changes, enhanced staff training, and stricter permission controls for AI‑assisted actions. By default, Kiro now “requests authorisation before taking any action,” reinforcing human oversight.

Employee Sentiment

Some AWS staff remain skeptical about the utility of AI tools for the bulk of their work, citing the risk of error. Nevertheless, the company has set an internal target for 80 percent of developers to use AI for coding tasks at least once a week and is closely tracking adoption rates.

Broader Context

The incidents occurred against a backdrop of a previous 15‑hour AWS outage in October 2025 that forced multiple customer applications, including OpenAI’s ChatGPT, offline. AWS reports strong customer growth for Kiro and emphasizes the potential efficiency gains for both customers and employees.

Future Outlook

With the new safeguards in place, AWS aims to balance rapid AI‑driven development with robust safety measures, hoping to increase confidence among engineers while expanding AI adoption across its cloud services.