As an administrator, you can control which models and MCP servers are available to your users. These governance controls are managed through the Kiro console under Settings > Shared settings.
By default, users can access any model supported by Kiro. You can restrict this by toggling on model access management and selecting an approved list of models. You can also set a default model that is automatically applied to all clients.
For details, see Models.
By default, users can use any MCP server in their Kiro client. You can either disable MCP entirely or specify an allow-list of vetted MCP servers through an MCP registry. These policies can be set at the organization level or overridden per account.
For details, see MCP tools.
By default, users cannot generate API keys to use with Kiro CLI. You can enable users to generate API keys.
For details, see API keys.
By default, users can use the web_search and web_fetch tools to search the web and fetch content from URLs. You can disable web tools for all users in your account or organization.
For details, see Web tools.
Governance