Data protection

The AWS shared responsibility model applies to data protection in Kiro Web. As described in this model, AWS is responsible for protecting the global infrastructure that runs all of the AWS Cloud. You are responsible for maintaining control over your content that is hosted on this infrastructure. You are also responsible for the security configuration and management tasks for the AWS services that you use. For more information about data privacy, see the Data Privacy FAQ.

Kiro Web stores your task descriptions, chat messages, code changes, and additional context to execute tasks and generate responses. For information about how data is encrypted, see Data encryption.

During the preview, all Kiro Web content, such as task descriptions, chat messages, and code changes, is stored in the US East (N. Virginia) Region.

With cross-region inferencing, your content may be processed in a different Region within the United States. For more information, see Cross-region processing.

Kiro Web uses cross-region inference to distribute traffic across different AWS Regions to enhance large language model (LLM) inference performance and reliability. With cross-region inference, you get increased throughput and resilience during high demand periods, as well as improved performance.

Cross-region inference doesn't affect where your data is stored. All data remains stored in the US East (N. Virginia) Region during the preview.

This topic provides information specific to Kiro Web about encryption in transit and encryption at rest.

All communication between customers and Kiro Web and between Kiro Web and its downstream dependencies is protected using TLS 1.2 or higher connections.

Kiro Web encrypts your data using AWS owned encryption keys from AWS Key Management Service (AWS KMS). You don't have to take any action to protect the AWS managed keys that encrypt your data. For more information, see AWS owned keys in the AWS Key Management Service Developer Guide.

To help Kiro provide the most relevant information, we may use certain content from Kiro Web, such as task descriptions, chat messages, other inputs you provide, and the responses and code that Kiro generates, for service improvement. This page explains what content we use and how to opt out.

We may use certain content from Kiro Web for service improvement. Content that Kiro may use for service improvement includes, for example, your task descriptions, chat messages, other inputs you provide, and the responses and code that Kiro generates. Kiro may use this content, for example, to provide better responses to common questions, fix operational issues, for debugging, or for model training.

By default, Kiro Web collects content for service improvement. This section explains how to opt out of sharing your data.

To opt out of sharing your content in Kiro Web:

1. Go to Settings and select the Agent tab
2. Navigate to the Data collection section
3. Toggle off Allow AWS to use your Kiro autonomous agent content for service improvement