Guille Ojeda
Caylent Catalysts™
Generative AI Strategy
Accelerate your generative AI initiatives with ideation sessions for use case prioritization, foundation model selection, and an assessment of your data landscape and organizational readiness.
Discover our first impressions of Kiro, AWS's new agentic IDE that makes it easier for developers to go from prototype to production.
Tools like GitHub Copilot and Cursor have made developers extraordinarily productive at generating code, but they've also created a new class of technical debt: undocumented, AI-generated software that works brilliantly until someone needs to maintain it. AWS's new Kiro IDE tackles this problem head-on with what they call "spec-driven development": a structured approach that forces you to think before you code.
After testing Kiro for a few weeks (as AWS Premier Partners, we at Caylent get some benefits), I can tell you it's not just another AI coding assistant. It's AWS understanding that software development isn't about faster code generation, but about generating better, more maintainable code from the start.
The Vibe Coding Problem is Real
You know the feeling. You fire up ChatGPT or Cursor, describe what you want to build, and watch as beautiful, functional code materializes on your screen. The dopamine hit is incredible (trust me, we've all been there). Within minutes, you have a working authentication system, a REST API, or a React component that handles edge cases you hadn't even thought of.
But then reality hits. Three months later, when you need to modify that AI-generated authentication flow to support single sign-on, you stare at the code like an archaeologist examining ancient hieroglyphs. There's no documentation explaining why certain decisions were made. The variable names make sense to an AI but not to humans. The business logic is scattered across files in ways that seemed clever at the time but now feel arbitrary.
This is the result of what the industry calls "vibe coding": the practice of generating code based on feeling and intuition rather than structured planning. It's fast, it's fun, and it's creating maintenance nightmares across the industry. That's where Kiro is different: its central premise is that the solution isn't to abandon AI assistance, but to add structure to the process.
What Kiro Actually Is
Kiro is an agentic IDE built on the open-source Code OSS foundation (the same base that powers Visual Studio Code). It feels immediately familiar to developers already comfortable with VS Code, while adding AI capabilities that go far beyond code completion.
What sets Kiro apart from competitors like Cursor or GitHub Copilot isn't its model choice (it uses Claude 4 Sonnet), but its architectural philosophy. While Cursor excels at project-wide context awareness and Copilot focuses on inline assistance, Kiro positions itself as an autonomous project lead. It doesn't just help you write code; it helps you plan, document, and structure entire features before a single line is written.
The Spec-Driven Philosophy
The heart of Kiro's approach is the Kiro Specs: a workflow that transforms high-level prompts into formal specifications before any code generation occurs. Instead of going directly from idea to implementation, you're guided through a three-phase process: Requirements, Design, and Tasks.
When you describe a feature to Kiro, it doesn't immediately start generating code. Instead, it creates three structured documents:
- The requirements.md file captures user stories, ensuring that business requirements are clearly articulated and acceptance criteria are defined upfront.
- The design.md file then translates those requirements into technical architecture. This includes data flow diagrams, TypeScript interfaces, database schemas, and API endpoint definitions.
- The tasks.md file breaks the work into granular, sequenced tasks with dependencies mapped out. This isn't just a TODO list, it's a comprehensive implementation plan that accounts for the non-functional requirements that AI often overlooks.
Make sense so far? The brilliance of this approach becomes apparent when you consider the enterprise development lifecycle. These specifications aren't static documents that get created once and forgotten. They're living artifacts that evolve with your codebase. Update the code, and the specs refresh to stay in sync. Modify the specs, and the task list regenerates to reflect new requirements.
This solves one of the biggest problems with AI-generated code: institutional memory. When a developer leaves a project, their "vibe" leaves with them, but the spec remains. New team members can understand not just what the code does, but why it was built that way and how it fits into the broader system architecture.
Hands-On: Building with Kiro Specs
Let's say you want to implement a user authentication system with email verification, password reset, and role-based access control. This is exactly the kind of feature that's easy to "vibe code" but becomes a maintenance nightmare without proper documentation.
You open the chat panel, select "Spec" mode, and describe your feature in natural language. Then, rather than jumping into implementation, Kiro will probe for clarification on edge cases, security requirements, and integration points with existing systems.
The requirements.md file that emerges captures not just the happy path scenarios ("As a user, I want to reset my password so that I can regain access to my account"), but also edge cases like handling multiple reset requests, expired tokens, and rate limiting to prevent abuse. This is the kind of thorough requirement gathering that separates experienced engineers from junior developers, and Kiro can systematize it into a repeatable process.
For the design.md file, Kiro will generate detailed TypeScript interfaces, outline the database schema changes required, and define the API endpoints with proper error response structures. More importantly, it will explain the reasoning behind key decisions: why JWT tokens were chosen over session-based authentication, how the password reset flow balances security with user experience, and where the implementation integrates with existing authorization middleware.
The tasks.md file is where the work is broken down into discrete tasks, properly sequenced based on dependencies. Unit tests will be defined for each service method, loading states and error handling will be explicitly called out for the frontend components, and every decision will be documented.
Keep in mind that this process adds overhead to initial development. The value of this is realized on complex features where the upfront planning prevents costly refactoring later. And if you think about it, this is exactly what you do (or should be doing) for any complex feature.
Agent Hooks
Beyond the spec-driven workflow, Kiro introduces "Agent Hooks", an event-driven automation framework that monitors your filesystem for changes and triggers AI actions in response. Think of it as Git hooks, but powered by an AI agent that can understand context and make intelligent decisions.
I can set up a hook to automatically update the project's README.md file whenever I modify API endpoints, and the hook will monitor changes to files matching a pattern like "src/api/**/*.ts" and instruct Kiro to "analyze the updated API endpoints and refresh the API documentation section of the README with current endpoint signatures and descriptions."
Or you could monitor the entire codebase for potential security issues before commits. When triggered manually (hooks can also fire on command), it would scan for hardcoded credentials, SQL injection vulnerabilities, and common security anti-patterns.
The real power of hooks becomes apparent when you consider team-wide standards enforcement. It's governance through automation, removing the human element from routine quality checks.
Important: hooks are only as good as the instructions you provide. Vague or ambiguous instructions lead to inconsistent behavior (you know how it is with AI). The system works best when you provide specific, actionable guidance that leaves little room for interpretation.
Agent Steering
Perhaps the most enterprise-focused feature in Kiro is "Agent Steering": a system for providing persistent project knowledge through markdown files stored in the .kiro/steering/ directory. This addresses a fundamental problem with AI coding assistants: they lack institutional memory about your specific project's conventions, architectural decisions, and business context.
When you run Kiro's "Setup Steering for Project" command, it creates three foundational files. The product.md file captures your product's purpose, target users, and key features, essentially the business context that helps Kiro understand why certain technical decisions matter. The tech.md file documents your technology stack and technical constraints. The structure.md file outlines file organization, naming conventions, and architectural patterns.
You can also write custom steering files tailored to your project's needs, such as api-standards.md file that defines your REST conventions, a testing.md file to document your testing approach, or a security.md file with security requirements.
These steering files support three inclusion modes. Files marked with "inclusion: always" are included in every interaction, perfect for fundamental standards that should influence all code generation. Files with "inclusion: fileMatch" are loaded only when working with files that match specific patterns. Files with "inclusion: manual" are available on-demand when you reference them explicitly in chat.
MCP Integration
MCP allows Kiro to securely connect to external data sources and specialized tools without exposing sensitive information. The most immediately useful MCP integration is the AWS Documentation server, which provides Kiro with access to current AWS service documentation, API references, and best practices. Instead of relying on training data that might be outdated, Kiro can query live and up to date AWS documentation.
More significantly for enterprises, MCP enables integration with private knowledge bases, internal APIs, and proprietary documentation systems. You can configure Kiro to access your company's internal wiki, coding standards repositories, or architecture decision records without sending that sensitive information to external AI services. The MCP server acts as a secure intermediary, processing queries locally and providing only relevant, sanitized responses to the AI model.
Performance and Pricing Reality Check
Kiro is currently free during its public preview phase, but AWS has announced a three-tier pricing model for general availability. The free tier will include 50 agent interactions per user per month, enough for light experimentation but not serious development work. The Pro tier at $19 per user per month provides 1,000 agent interactions, while the Pro+ tier at $39 per month offers 3,000 interactions.
Performance-wise, Kiro feels responsive for most operations. Spec generation typically completes in 30-45 seconds for moderate complexity features, while agent hook execution ranges from 2-5 seconds for simple tasks to 2+ minutes for comprehensive code analysis.
Understanding the Limitations
Teams focused on rapid prototyping or early-stage product development might find the spec-driven approach too structured and time-consuming. If you're building quick proof-of-concepts or need to iterate rapidly on uncertain requirements, Cursor's more conversational approach or Copilot's lightweight assistance might serve you better.
Kiro also requires a mindset shift that not all developers will embrace (though I would argue that every developer should, even if not with Kiro). Engineers accustomed to diving directly into code implementation might initially resist the structured planning phase. This works great for teams that already value documentation and architectural planning, but could feel constraining for developers who prefer exploratory coding approaches.
Where Kiro Fits in Your Stack
Kiro is particularly suitable for enterprise teams that prioritize maintainability and documentation over raw development speed. If your organization struggles with technical debt from AI-generated code, or if you need to ensure that AI assistance aligns with established architectural patterns, Kiro's spec-driven approach offers genuine value.
The migration path from existing tools is straightforward thanks to the VS Code foundation. Extensions, themes, and keyboard shortcuts transfer seamlessly, reducing the friction of evaluation and adoption. However, teams would need to invest time in creating steering files and configuring hooks to realize Kiro's full potential. I'd suggest you plan for 2-3 weeks of setup and team training to see meaningful productivity gains.
Looking ahead, Kiro represents AWS's bet that the future of AI-assisted development lies not in maximizing code generation speed, but in systematizing the entire development process. The spec-driven approach forces developers to think more deliberately about requirements and architecture, potentially producing more maintainable software even if the initial development takes longer.
For organizations that have been burned by AI-generated technical debt (or for those who have been accumulating technical debt but haven't realized it yet), Kiro's structured approach offers a compelling alternative. For teams that thrive on rapid iteration and creative exploration, the additional process overhead might feel constraining.
Generative AI & LLMOps
Guille Ojeda
Guille Ojeda is a Software Architect at Caylent and a content creator. He has published 2 books, over 100 blogs, and writes a free newsletter called Simple AWS, with over 45,000 subscribers. Guille has been a developer, tech lead, cloud engineer, cloud architect, and AWS Authorized Instructor and has worked with startups, SMBs and big corporations. Now, Guille is focused on sharing that experience with others.
View Guille's articlesAccelerate your GenAI initiatives
Leveraging our accelerators and technical experience
Browse GenAI Offerings
Related Blog Posts
Amazon Q Developer for AI-Driven Application Modernization
Discover how Amazon Q Developer is redefining developer productivity -featuring a real-world migration of a .NET Framework application to .NET 8 that transforms weeks of manual effort into just hours with AI-powered automation.
Application Modernization
Generative AI & LLMOps
Amazon Bedrock AgentCore: Redefining Agent Infrastructure as Undifferentiated Heavy Lifting
Explore how Amazon Bedrock AgentCore and the Agent Marketplace are industrializing, standardizing, and commoditizing the underlying agent infrastructure, helping organizations eliminate the operational toil and risk that have slowed the adoption of agentic systems.
Generative AI & LLMOps
Why Healthcare and Life Sciences Need Agentic AI Architectures
Explore how agentic AI architectures can address the complexity, uncertainty, and personalization needs of modern healthcare by mirroring medical team dynamics, enabling dynamic reasoning, mitigating bias, and delivering more context-aware and trustworthy medical insights.
Generative AI & LLMOps