Privacy & Security

Kiro is an AWS application that works as a standalone agentic IDE. Kiro's security framework is built around AWS's security infrastructure and follows practices to protect your development environment and data. Cloud security at AWS is the highest priority. As an AWS customer, you benefit from a data center and network architecture that is built to meet the requirements of the most security-sensitive organizations.

Security is a shared responsibility between AWS and you. The shared responsibility model describes this as security of the cloud and security in the cloud:

  • Security of the cloud – AWS is responsible for protecting the infrastructure that runs AWS services in the AWS Cloud. AWS also provides you with services that you can use securely. Third-party auditors regularly test and verify the effectiveness of our security as part of the AWS Compliance Programs. To learn about the compliance programs that apply to Kiro, see AWS Services in Scope by Compliance Program.

  • Security in the cloud – Your responsibility is determined by the AWS service that you use. You are also responsible for other factors including the sensitivity of your data, your company’s requirements, and applicable laws and regulations.

This documentation helps you understand how to apply the shared responsibility model when using Kiro. It shows you how to configure Kiro to meet your security and compliance objectives. You also learn how to use other AWS services that help you to monitor and secure your Kiro resources.

Data protection

The AWS shared responsibility model applies to data protection in Kiro. As described in this model, AWS is responsible for protecting the global infrastructure that runs all of the AWS Cloud. You are responsible for maintaining control over your content that is hosted on this infrastructure. You are also responsible for the security configuration and management tasks for the AWS services that you use. For more information about data privacy, see the Data Privacy FAQ.

Data storage

Kiro stores your questions, its responses, and additional context, such as code, to generate new responses to your requests. For information about how data is encrypted, see Data encryption. For information about how AWS may use some questions that you ask Kiro and its responses to improve our services, see Kiro service improvement.

AWS Regions where content is stored and processed

Your content, such as prompts and responses, will be stored in the US East (N. Virginia) Region.

When you use any features in Kiro, your user content will be processed in a US Region. For more information, see Cross-region processing.

Cross-region processing

The following sections describe how cross-region inference and cross-region calls are used to provide the Kiro service.

Cross-region inference

Kiro is powered by Amazon Bedrock, and uses cross-region inference to distribute traffic across different AWS Regions to enhance large language model (LLM) inference performance and reliability. With cross-region inference, you get increased throughput and resilience during high demand periods, as well as improved performance.

Cross-region inference doesn’t affect where your data is stored. For information on where data is stored when you use Kiro, see Data protection.

Supported regions for Kiro cross-region inference

Supported Kiro geography: United States

Inference regions:
  • US East (N. Virginia) (us-east-1)
  • US West (Oregon) (us-west-2)
  • US East (Ohio) (us-east-2)

Data encryption

This topic provides information specific to Kiro about encryption in transit and encryption at rest.

Encryption in transit

All communication between customers and Kiro and between Kiro and its downstream dependencies is protected using TLS 1.2 or higher connections.

Encryption at rest

Kiro encrypts your data using AWS owned encryption keys from AWS Key Management Service (AWS KMS). You don’t have to take any action to protect the AWS managed keys that encrypt your data. For more information, see AWS owned keys in the AWS Key Management Service Developer Guide.

Service improvement

To help Kiro provide the most relevant information, we may use certain content from Kiro, such as questions that you ask Kiro and its responses, for service improvement. This page explains what content we use and how to opt out.

Kiro content used for service improvement

We may use certain content from Kiro for service improvement. Kiro may use this content, for example, to provide better responses to common questions, to fix Kiro operational issues, for debugging, or for model training. Content that Kiro may use for service improvement includes, for example, your questions to Kiro and the responses and code that Kiro generates.

Info

If you have an Amazon Q Developer Pro subscription and access Kiro through your AWS account with the Amazon Q Developer Pro subscription, then Kiro will not use your content for service improvement.

How to opt out

In Kiro, for the Free Tier, adjust your settings in the IDE. For more information, see Opt out of data sharing in the IDE.

Opt out of data sharing in the IDE

By default, Kiro collects usage data, errors, crash reports, and content for service improvement. This page explains how to opt out of sharing your data in Kiro, including the core application, first-party extensions, and participating third-party extensions. Note that if you opt out, you'll be opting out of sharing both your telemetry and content. For information on how Kiro uses this data, see Kiro service improvement.

Opting out of sharing your client-side telemetry and content

To opt out of sharing your telemetry data in Kiro, use this procedure:

  1. Open Settings in Kiro.
  2. Switch to the User sub-tab.
  3. Choose Application, and from the drop-down choose Telemetry and Content.
  4. In the Telemetry and Content drop-down field, select Disabled to disable all product telemetry and user data collection.

Types of telemetry collected

  • Usage data — Information such as the Kiro version, operating system (Windows, Linux, or macOS), and the anonymous machine ID.
  • Performance metrics — The request count, errors, and latency for various features:
    • Login
    • Tab completion
    • Code generation
    • Steering
    • Hooks
    • Spec generation
    • Tools
    • MCP

Monitoring and tracking the use of Kiro

Monitoring is an important part of maintaining the reliability, availability, and performance of Kiro. AWS provides the following monitoring tools and features to monitor and record Kiro activity:

  • AWS CloudTrail captures API calls and related events made by or on behalf of your AWS account and delivers the log files to an Amazon Simple Storage Service (Amazon S3) bucket that you specify. You can identify which users and accounts called AWS, the source IP address from which the calls were made, and when the calls occurred. All Kiro actions are logged by CloudTrail and generate entries in the CloudTrail log files.
  • Amazon CloudWatch monitors your AWS resources and the applications you run on AWS in real time. You can collect and track metrics, create customized dashboards, and set alarms that notify you or take actions when a specified metric reaches a threshold that you specify.

Compliance validation for Kiro

To learn whether an AWS service is within the scope of specific compliance programs, see AWS services in Scope by Compliance Program and choose the compliance program that you are interested in. For general information, see AWS Compliance Programs.

You can download third-party audit reports using AWS Artifact. For more information, see Downloading Reports in AWS Artifact. If you are signing in to Kiro with GitHub or Google, you will not be able to download third-party audit reports using AWS Artifact.

Your compliance responsibility when using AWS services is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. AWS provides the following resources to help with compliance:

  • Security Compliance & Governance – These solution implementation guides discuss architectural considerations and provide steps for deploying security and compliance features.
  • HIPAA Eligible Services Reference – Lists HIPAA eligible services. Not all AWS services are HIPAA eligible.
  • AWS Compliance Resources – This collection of workbooks and guides might apply to your industry and location.
  • AWS Customer Compliance Guides in the AWS Config Developer Guide – Understand the shared responsibility model through the lens of compliance. The guides summarize the best practices for securing AWS services and map the guidance to security controls across multiple frameworks (including National Institute of Standards and Technology (NIST), Payment Card Industry Security Standards Council (PCI), and International Organization for Standardization (ISO)).
  • Evaluating Resources with Rules – The AWS Config service assesses how well your resource configurations comply with internal practices, industry guidelines, and regulations.
  • AWS Security Hub – This AWS service provides a comprehensive view of your security state within AWS. Security Hub uses security controls to evaluate your AWS resources and to check your compliance against security industry standards and best practices. For a list of supported services and controls, see Security Hub controls reference.
  • Amazon GuardDuty – This AWS service detects potential threats to your AWS accounts, workloads, containers, and data by monitoring your environment for suspicious and malicious activities. GuardDuty can help you address various compliance requirements, like PCI DSS, by meeting intrusion detection requirements mandated by certain compliance frameworks.
  • AWS Audit Manager – This AWS service helps you continuously audit your AWS usage to simplify how you manage risk and compliance with regulations and industry standards.

Resilience in Kiro

The AWS global infrastructure is built around AWS Regions and Availability Zones. AWS Regions provide multiple physically separated and isolated Availability Zones, which are connected with low-latency, high-throughput, and highly redundant networking. With Availability Zones, you can design and operate applications and databases that automatically fail over between zones without interruption. Availability Zones are more highly available, fault tolerant, and scalable than traditional single or multiple data center infrastructures.

For more information about AWS Regions and Availability Zones, see AWS Global Infrastructure.

Infrastructure security in Kiro

As a managed service, Kiro is protected by AWS global network security. For information about AWS security services and how AWS protects infrastructure, see AWS Cloud Security. To design your AWS environment using the best practices for infrastructure security, see Infrastructure Protection in the Security Pillar of the AWS Well-Architected Framework. You use AWS published API calls to access Kiro through the network. Clients must support the following:

  • Transport Layer Security (TLS). We require TLS 1.2 and recommend TLS 1.3.
  • Cipher suites with perfect forward secrecy (PFS) such as DHE (Ephemeral Diffie-Hellman) or ECDHE (Elliptic Curve Ephemeral Diffie-Hellman). Most modern systems such as Java 7 and later support these modes.

Additionally, requests must be signed by using an access key ID and a secret access key that is associated with an IAM principal. Or you can use the AWS Security Token Service (AWS STS) to generate temporary security credentials to sign requests.
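
The two client requirements above, as an added example that is not Kiro's own code or part of its documentation: a Python `ssl` client context that negotiates nothing below TLS 1.2 and only ECDHE/DHE suites, plus a check on a negotiated (version, cipher) pair as returned by `SSLSocket.version()` and `SSLSocket.cipher()`. The cipher string and the helper names are my own choices.

```python
import re
import ssl

# Requirements stated above: TLS 1.2 minimum (1.3 recommended) and a cipher
# suite with perfect forward secrecy, i.e. ECDHE or DHE key exchange.
MIN_VERSION = ssl.TLSVersion.TLSv1_2
PFS_KEY_EXCHANGE = {"ECDHE", "DHE"}

def make_client_context():
    """Client SSLContext that refuses anything below TLS 1.2 and any non-PFS suite.

    create_default_context() keeps certificate and hostname verification on.
    The OpenSSL cipher string only governs TLS 1.2 suites; every TLS 1.3 suite
    already uses ephemeral (EC)DH, so it needs no restriction.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = MIN_VERSION
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!MD5")
    return ctx

def meets_requirements(version, cipher_name):
    """Check a negotiated (version, cipher) pair against the two requirements.

    `version` is what SSLSocket.version() returns ("TLSv1.2", "TLSv1.3", ...);
    `cipher_name` is SSLSocket.cipher()[0], in OpenSSL form
    ("ECDHE-RSA-AES128-GCM-SHA256") or IANA form
    ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256").
    """
    if version == "TLSv1.3":
        return True          # recommended, and forward secret by design
    if version != "TLSv1.2":
        return False         # TLS 1.0/1.1 and SSLv3 are below the minimum
    # Split on '-' and '_' so static "ECDH-RSA-..." does not match "ECDHE".
    tokens = set(re.split(r"[-_]", cipher_name.upper()))
    return bool(tokens & PFS_KEY_EXCHANGE)

def context_is_compliant(ctx):
    """True if every suite the context can offer satisfies meets_requirements."""
    return all(meets_requirements(c["protocol"], c["name"]) for c in ctx.get_ciphers())
```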

URL fetching

In the Kiro chat module, you can paste a specific URL for your device to fetch and use it as context to help Kiro answer your query or solve your task. You are responsible for the URL content that you fetch and ensuring that your use complies with any applicable third-party terms and laws.

Autopilot versus Supervised Mode

In Kiro, Autopilot is enabled by default. You can toggle between Autopilot and Supervised mode at any time. Autopilot mode allows the agent to execute code changes, such as creating, modifying, searching, and deleting files in your codebase, and to run commands that affect the filesystem.

Autopilot Mode

In Autopilot mode, Kiro works autonomously:

  • Kiro executes multiple steps without requiring approval for each one
  • Kiro makes decisions based on its understanding of your requirements
  • You can toggle autopilot on/off in the chat interface
  • You can interrupt autopilot at any time to regain manual control

Supervised Mode

In supervised mode, Kiro works interactively with the user, requiring their approval and guidance at each step:

  • Kiro suggests actions such as file creation, modification and deletion, but waits for user confirmation before proceeding
  • Kiro asks clarifying questions when needed
  • You can review and approve each generated document or code change, thus maintaining full control over the development process

When operating in either of these modes, you can view individual or all file changes made by the agent by selecting View all changes in the Chat module. You can also select Revert all changes to restore your files to their previous state in the local filesystem.

Trusted commands

By default, the Kiro agent in Autopilot or Supervised mode is only allowed to run the following read-only commands without human approval:

  • ls
  • cat
  • echo
  • pwd
  • which
  • head
  • tail
  • find
  • grep

Any command that needs to be executed outside the above list will require human approval prior to execution.

Additionally, you can create your own trusted commands list by searching for Kiro Agent: Trusted Commands in your settings. You can add shell commands to auto-accept if requested by the Kiro Agent, and all other commands will be auto-denied.
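
As an added example (not Kiro's code; how Kiro itself parses a requested command is not described on this page), a small Python gate that applies the allowlist semantics above: a command line is auto-accepted only when every command on it is in the trusted set, and everything else needs approval. It gates each part of a pipeline or `;`/`&&` list separately and, as a conservative rule of my own, treats file redirections and `find` actions that delete or execute as needing approval.

```python
import shlex

# Default read-only allowlist from the page.
DEFAULT_TRUSTED = {"ls", "cat", "echo", "pwd", "which", "head", "tail", "find", "grep"}

# Added conservative rule (not from the page): predicates that make `find`
# delete files or run other programs, so the line is no longer read-only.
WRITE_CAPABLE_FLAGS = {"find": {"-delete", "-exec", "-execdir", "-ok", "-okdir"}}

# Operators that join several commands on one line; each part is gated alone.
CHAIN_OPS = {"|", "||", "&&", ";", "&"}
REDIRECT_CHARS = set("<>&")

def tokenize(cmdline):
    """Split a shell line into words and operator tokens (| && ; > >> ...)."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)

def segments(tokens):
    """Group tokens into the separate commands of a pipeline or command list."""
    out, current = [], []
    for tok in tokens:
        if tok in CHAIN_OPS:
            if current:
                out.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        out.append(current)
    return out

def decide(cmdline, trusted=DEFAULT_TRUSTED):
    """Return ("auto-accept", reason) or ("needs-approval", reason) for a line."""
    tokens = tokenize(cmdline)
    if not tokens:
        return "needs-approval", "empty command line"
    for seg in segments(tokens):
        name = seg[0].rsplit("/", 1)[-1]      # "/bin/ls" counts as "ls"
        if name not in trusted:
            return "needs-approval", f"'{name}' is not on the trusted list"
        if any(t and set(t) <= REDIRECT_CHARS for t in seg[1:]):
            return "needs-approval", f"'{name}' redirects input or output"
        bad = WRITE_CAPABLE_FLAGS.get(name, set()).intersection(seg[1:])
        if bad:
            return "needs-approval", f"'{name}' uses {sorted(bad)}"
    return "auto-accept", "every command is trusted and read-only"
```

Passing a custom set as `trusted` mirrors the Kiro Agent: Trusted Commands setting described above.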

Security best practices

Kiro provides a number of security features to consider as you develop and implement your own security policies. The following best practices are general guidelines and don’t represent a complete security solution. Because these best practices might not be appropriate or sufficient for your environment, treat them as helpful considerations rather than prescriptions.

Protecting your resources

When using GitHub or Google authentication with Kiro, be aware that the Kiro agent operates within your local environment and may access:

  • Local files and repositories
  • Environment variables
  • AWS credentials stored in your environment
  • Other configuration files with sensitive information

Recommendations

  1. Workspace Isolation
    • Keep sensitive projects in separate workspaces
    • Use .gitignore to prevent access to sensitive files
    • Consider using workspace trust features in your IDE
  2. Use a Clean Environment
    • Consider creating a dedicated user account or container environment for Kiro
    • Limit access to only the repositories and resources needed for your current project
  3. Manage AWS Credentials Carefully
    • Use temporary credentials with appropriate permissions
    • Consider using AWS named profiles to isolate Kiro's access
    • For sensitive work, remove AWS credentials from your environment when not needed
  4. Repository Access Control
    • When using GitHub authentication, review which repositories Kiro can access
    • Use repository-specific access tokens when possible
    • Regularly audit access permissions

By following these practices, you can enjoy Kiro's capabilities while maintaining appropriate security boundaries for your development environment.

Page updated: July 14, 2025