Amazon Web Services (AWS) has disputed a Financial Times report that said the company’s internal AI tooling was involved in at least two outages in December, including a mid-month disruption that lasted around 13 hours.
According to the FT, engineers allowed an agentic AI coding tool known internally as Kiro to carry out changes to a customer-facing system. The FT said the tool took actions including deciding to “delete and recreate the environment”, triggering the prolonged interruption.
AWS said the incident was not caused by AI. In a statement carried by Reuters, a spokesperson described the disruption as “extremely limited” and said it resulted from “user error — specifically misconfigured access controls — not AI”. AWS said the issue affected a single service in one of its two AWS Regions in mainland China, and did not impact compute, storage, databases, AI technologies, or other AWS services.
The contested detail goes to the heart of how cloud providers, and their enterprise customers, are introducing more autonomous tooling into production environments. AWS’s response frames the event as a familiar class of operational failure: identity, permissions, and change controls. The FT’s account places more emphasis on the workflow around AI-enabled execution — and the risks that arise when automation is allowed to make consequential changes without sufficient review and constraint.
Even if AWS’s explanation is taken at face value, the incident highlights the specific control layer that becomes more critical as agentic tools become more common. Misconfigured access controls are, by definition, a permissions problem — but the organisational question is how such misconfigurations are prevented, detected, and reversed when tools are operating at machine speed.
The report also lands against a backdrop of heightened attention on AWS reliability. In October 2025, AWS suffered a major outage that disrupted services and apps worldwide, including widely used consumer platforms, before the company said service had returned to normal. The incident affected businesses globally and added to concerns about the concentration of critical digital infrastructure.
Separately, Amazon has been encouraging engineers to prioritise internal AI development tools. In November 2025, Reuters reported that an internal memo urged staff to use Kiro rather than adopting new third-party AI coding tools, as Amazon sought to consolidate usage around its in-house system.
Reportedly, AWS has since introduced additional safeguards, including mandatory peer review for production access, following the December incidents. AWS did not disclose further technical detail beyond its characterisation of the event as limited and caused by misconfigured access controls.
Business Quarter Executive has published an explainer exploring what agentic tools change in practical terms — and why access control, review, and blast-radius limits are becoming board-level questions as automation plays a larger role in production operations. Click here to read it now.
