AWS DevOps Agent FAQs

AWS DevOps Agent is your always-available teammate that spans software change and operations across AWS, multicloud, and on- prem environments. It reviews code for release readiness and runs autonomous release testing so your team ships to production with confidence. Post-deployment, it autonomously investigates incidents, provides root cause analysis and mitigation steps, and delivers targeted recommendations to reduce recurring issues. It continuously learns your environment, building deep understanding of your services, dependencies, and operational patterns, so release reviews get more relevant, investigations get faster, and recommendations more precise. Ship faster, reduce MTTR, and drive operational excellence.

AWS DevOps Agent delivers three core benefits:

• Disciplined release management: Reviews code changes for release readiness with dependency, access control, and adherence to standards checks. Runs functional verification to confirm your software builds and runs as expected in an AWS-managed verification environment. Generates change-specific release tests to catch regressions and integration failures. All integrated into your developer workflow.
• Autonomous incident response: Automatically investigates incidents the moment alerts trigger, reducing mean time to resolution (MTTR) from hours to minutes
• Proactive site reliability:: Analyzes patterns across historical incidents to provide targeted recommendations that strengthen observability, infrastructure, deployment pipelines, and application resilience
• On-demand SRE task handling: Leverage AWS DevOps Agent's deep understanding of your environment to simplify and automate SRE tasks through a natural language interface. Build custom agents that run on a cadence or in response to events, like a daily database health report or an agent that flags log anomalies for review.
• Production intelligence: Automatically discovers your applications and maps their dependencies into a dynamic topology, correlating telemetry, code, and deployment data to power all capabilities. Add reusable skills that encode your runbooks and operational practices so the agent executes tasks consistently and improves over time.

Yes. AWS DevOps Agent resolves and proactively prevents incidents, optimizes application reliability and performance, and handles on-demand SRE tasks across AWS, multicloud, and on-prem environments. Integrate with your existing observability tools to correlate telemetry, code, and deployment data to reduce MTTR and drive operational excellence. For Azure environments, the agent connects natively through Microsoft Entra ID to discover and investigate Azure resources and correlate Azure DevOps pipeline deployments with incidents. For on-premises and other non-AWS environments, the agent connects via built-in observability integrations (such as Datadog, Splunk, and Dynatrace) or private MCP servers to access telemetry, logs, and infrastructure data from your existing tools. This means you get a single operations teammate that correlates signals across your entire environment rather than investigating each platform in isolation.

You can interact with AWS DevOps Agent in several ways:

• Web app: Interact with AWS DevOps Agent through the standalone web app to view agent activity and findings, ask operational questions, trigger release readiness reviews, create custom charts and reports, and steer agent actions.
• Collaboration tools: Receive findings and coordinate incident response directly in Slack, ServiceNow, and PagerDuty.
• IDE and coding agents: Access AWS DevOps Agent via MCP, ACP, and A2A protocols, including through Kiro via Kiro Power for DevOps Agent and the Claude Code plugin. Invoke its capabilities from coding agents, planning agents, or the tools your team already uses without switching context.
• Headless Mode: All AWS DevOps Agent capabilities are available for you to use in your agents via the AWS DevOps Agent managed MCP/A2A endpoints.

AWS DevOps Agent integrates with AWS Support to combine autonomous AI investigation with human expertise. During any investigation, you can escalate to AWS Support with one click, automatically providing Support engineers with complete investigation context including root cause analysis, telemetry correlation, and mitigation plans. This integration accelerates resolution by eliminating the need to manually gather and explain incident details. Customers receive monthly DevOps Agent credits based on their Support plan. Visit the AWS DevOps Agent pricing page for more details.

AWS DevOps Agent and AWS Security Agent are different but complementary. Use AWS DevOps Agent release management to review code changes for release readiness by checking adherence to standards, dependency impacts, and access controls, and run autonomous release testing in production-like environments to catch regressions and integration failures before they reach production. Use AWS Security Agent to perform threat modeling, conduct on-demand penetration testing, and automated security reviews to surface vulnerabilities across the SDLC so developers can build secure applications from the start.

Amazon CloudWatch investigations helps you accelerate operational investigations across your AWS environment. CloudWatch investigations is available at no additional cost and works within your AWS environment. AWS DevOps Agent goes further by serving as your always- available operations teammate across AWS, multicloud, and on-prem environments. It integrates with your observability tools (including CloudWatch), code repositories, and CI/CD pipelines, correlating telemetry, code, and deployment data to identify root causes, provide detailed mitigation plans, and deliver proactive recommendations that prevent future incidents. Beyond incident response, AWS DevOps Agent handles on-demand SRE tasks, enabling you to ask questions, create custom charts and reports, and get instant contextual answers about your environment. For pricing of AWS DevOps Agent, visit the pricing page.

Yes, AWS DevOps Agent can connect to AWS and third-party observability tools to introspect relevant alarms, metrics, logs, and traces contained in your existing observability tools. AWS DevOps Agent offers built-in integrations with observability tools such as Amazon CloudWatch, Dynatrace, Datadog, New Relic, Splunk, Grafana, and Prometheus. You can also connect to other observability tools by connecting to your own private or remote MCP servers to integrate with additional tools including proprietary systems, specialized platforms, other observability solutions, customer-managed version control systems, internal infrastructure and runbooks in Confluence.

Yes, AWS DevOps Agent can connect to AWS and third-party pipeline tools to introspect deployments and code diffs as it searches for an incident's root cause. AWS DevOps Agent offers built-in integrations with CI/CD pipelines like GitHub, GitLab, and Azure DevOps. You can also connect to other tools by connecting to your own MCP server.  For release management (preview), AWS DevOps Agent integrates with your version control and pipeline tools to deliver release readiness reviews and autonomous release testing.

Yes, AWS DevOps Agent can connect to your ticketing tools to trigger root cause investigations from tickets or alarms and publish its findings and suggested mitigation plans back to the originating ticket. You can also connect AWS DevOps Agent to your team's collaboration tools to enable it to publish its activity and findings in team collaboration channels. You can also send events from any event source to AWS DevOps Agent's webhook.

AWS DevOps Agent offers built-in integrations with observability tools such as Amazon CloudWatch, Dynatrace, Datadog, New Relic, Splunk, Grafana, Prometheus, and CI/CD pipelines like GitHub and GitLab. You can extend AWS DevOps Agent beyond its built-in integrations by connecting to private or remote MCP servers, enabling integrations with additional tools such as your organization's custom tools, specialized platforms, or proprietary ticketing systems. AWS DevOps Agent also integrates with collaboration tools such as Slack, ServiceNow, and PagerDuty, streamlining incident response coordination. You can also send events from any event source to AWS DevOps Agent's webhook.

With AWS DevOps Agent, you pay for the time the agent spends on operational tasks, billed per second. There are no upfront commitments. You can start and stop using the agent at any time. You are responsible for fees incurred for other AWS services that you use and connect to AWS DevOps Agent, for example, Amazon CloudWatch Logs Insights queries or trace retrievals. These fees are billed through the respective services at standard rates and are not included in the DevOps Agent pricing. Pricing details are available on the AWS DevOps Agent pricing page, with charges beginning April 10, 2026.

AWS DevOps Agent release management is available at no additional cost during preview

AWS Support customers receive monthly credits toward DevOps Agent usage based on a percentage of their AWS Support charge. Credits are issued by the 10th of each month, apply to charges within that month, and expire at month-end if unused. Learn more about AWS Support plans.

Yes, you do need an AWS account to use AWS DevOps Agent.

If you are an administrator, log into the AWS Management Console within a designated AWS account that handles the agent's setup, access controls, and billing. Organize agent environments using "Agent Spaces," logical containers that define the scope and configuration for individual agent instances. Each Agent Space operates independently, allowing you to configure multi-account access, establish connections to third-party platforms (observability tools, pipelines, ticketing and collaboration systems), and manage organizational access permissions. Agent Spaces also serve as deployment points for custom integrations via remote MCP (Model Context Protocol) servers.

If you are an on-call engineer or an SRE who needs to work collaboratively with AWS DevOps Agent to resolve incidents and drive service improvements, you can interact with AWS DevOps Agent via a standalone AWS DevOps Agent web app. Via this web app, customers of AWS DevOps can view agent activity and findings and steer agent actions.

An Agent Space defines the scope of what AWS DevOps Agent can access as it performs tasks through IAM roles and tool integrations. You can create multiple Agent Spaces, typically aligned with team responsibilities or service boundaries, and extend them with integrations to observability tools, CI/CD pipelines, and incident management systems.

Yes, you can use AWS DevOps Agent with any existing or new AWS resources existing in one or many accounts.

Connect at least one GitHub or GitLab repository to your Agent Space. AWS DevOps Agent will index your code and build a knowledge graph of cross-repository and cloud dependencies. Once connected, you can trigger release readiness reviews automatically via pull requests, on-demand through chat, or from your IDE through the Kiro or Claude Code plugin. To tailor reviews to your internal standards, add plain-English instructions in the agent’s Global Instructions that define your organization's requirements for infrastructure, security, observability, and data handling.

No, AWS DevOps Agent does not use your content to train models.

AWS DevOps Agent uses Amazon Bedrock foundation models.

AWS DevOps Agent is available at these Regions. The system is designed to retrieve operational data from multiple AWS Regions across all AWS accounts that have been granted access within the configured Agent Space, enabling comprehensive visibility into distributed infrastructure and applications regardless of their geographic deployment. This multi-Region data collection capability ensures that the agent can perform thorough incident analysis and preventative recommendations across an organization's entire AWS footprint while maintaining centralized processing and control.

AWS DevOps Agent encrypts all customer data at rest using AES- 256 encryption with AWS-managed keys. Customer Managed Keys (CMK) are also supported. Data is stored in the Region in which you create your Agent Spaces.

AWS DevOps Agent maintains detailed journals that log every reasoning step and action taken, creating complete transparency into agent decision-making processes. Additionally, all agent activities are automatically captured by AWS CloudTrail within the hosting AWS account.