‘User error, not AI,’ caused AWS service disruption in December 2025, says Amazon

Amazon Web Services (AWS) has clarified that a service interruption in December 2025 happened due to human error, specifically misconfigured access controls, rather than any fault in its AI tools. The company pushed back against reports suggesting its internal AI coding agent, Kiro, autonomously caused the outage.

The disruption, which lasted approximately 13 hours, affected a single customer-facing feature – AWS Cost Explorer (a tool for visualising, understanding, and managing AWS costs and usage) in one of the two regions in mainland China. Amazon described the event as an “extremely limited” incident that did not impact broader services such as compute, storage, databases, AI technologies, or other core infrastructure.

Amazon’s Kiro AI not be blamed for AWS outage

According to reporting from the Financial Times, citing anonymous sources familiar with the matter, engineers deployed Kiro – an agentic AI coding assistant capable of taking autonomous actions – to resolve an issue. The tool reportedly decided to “delete and recreate” its operating environment, leading to the outage. Normally, Kiro requires approval from two human reviewers before pushing changes to production, but due to the permissions oversight, it inherited broader access rights from its human operator, bypassing standard safeguards.

Amazon, in a press statement, firmly attributed the root cause to “user error—specifically misconfigured access controls—not AI.” The company highlighted that the involvement of AI tools was coincidental, and the same misconfiguration could occur with any developer tool or manual action. “In both instances [referring to reported cases], this was user error, not AI error,” an AWS spokesperson said.

The company noted that Kiro, by default, requests authorisation before taking actions, but the engineer in this case had “broader permissions than expected — a user access control issue, not an AI autonomy issue.”

Amazon implements safeguards

Reports indicate this was one of at least two production issues in recent months involving Amazon’s AI tools, though the second reportedly did not affect customer-facing AWS services. Amazon has responded by implementing “numerous safeguards,” including additional internal training and tightened oversight of permission management and automated systems.

The company maintains that its AI tools, including Kiro, serve as productivity aids rather than operational risks, and it continues to refine access policies and workflows.