記事公開日
What are Kiro Powers? | Part 1: Hands-on Setup and AWS Environment Construction
Key Takeaways
We explore how the introduction of Kiro's new feature, "Kiro Powers," enhances requirements definition and design processes through hands-on verification. By comparing "With Powers" vs. "Without Powers" using the same prompt, we clarify the differences in design specificity and architectural quality.
- Infrastructure-Focused Detailed Design:
By utilizing the "Build AWS infrastructure with CDK and CloudFormation" Power, Kiro moves beyond simple functional definitions to generate data models conscious of AWS CDK implementation and detailed port 443 communication tables (Inbound/Outbound). - Automatic Application of Best Practices:
Kiro autonomously references official AWS documentation and Well-Architected designs. This results in cost-optimized proposals (such as removing NAT Gateways) and IAM role configurations based on the Principle of Least Privilege. - Verification as an Autonomous AI Agent:
In our verification, Kiro acted as an "Autonomous AI Agent" when Powers were enabled, proactively researching and supplementing missing information. This demonstrates a process that generates design documents with strong business justification.
Introduction
Hi everyone. This is Okada from the DX Solution Sales Division.
Recently, a new Kiro feature called "Kiro Powers" was announced.
Many of you might be wondering, "What exactly are Kiro Powers?" or "What can I achieve by using them?"
In this post, I will demonstrate how requirements definition and design change when using the Spec feature with and without Kiro Powers, by executing the same prompt to generate a simple CloudFormation template.
For an overview of Kiro, please see the blog post below.
What are Kiro Powers?
In short, Kiro Powers is a feature that provides the AI with a "specific, dedicated manual" and allows it to use it only when necessary.
"I fed the AI a massive amount of documentation seeking accuracy, but it ended up giving me unintended answers."
This happens because providing too much information at once can cause the AI to become confused, making it difficult to prioritize information.
Kiro Powers solves this challenge!
For a detailed explanation of Kiro Powers, please refer to the official AWS blog below.
[Verification] How do requirements definition and design change with and without Kiro Powers?
To identify the differences in requirements and design when Kiro Powers is introduced, we conducted the following simple verification.
Verification Overview:
Run the same simple and ambiguous prompt requesting CloudFormation template generation with and without Powers.
Observe how the requirements definition and design document change when using the Spec feature.
Prompt:
Enable secure login to an EC2 instance in an AWS private subnet. Use a method that is as low-cost and easy to operate as possible.
Verification 1: Without Powers
First, we proceed without Powers.
Execute the prompt in Spec mode.
As a result, a requirements definition was returned.
It organized the elements to be created. To compare it with the "With Powers" version, we'll approve this requirements document as is.
After approving the requirements, the design document was generated.
Now, let's see how this changes when Powers are enabled.
Verification 2: With Powers
Now, we follow the exact same steps with Powers enabled.First, we install the relevant Power.
Select the lightning bolt "Powers" icon in the sidebar and install "Build AWS infrastructure with CDK and CloudFormation."
It is ready once it appears under "Installed."
Just like before, we execute the prompt in Spec mode.
This time, Kiro notifies us that the Power has become active.
Looking inside, it states:
1. An extension (Power) named "aws-infrastructure-as-code" is turned on.
2. It can build Well-Architected infrastructure using AWS CDK.
3. It can write code referencing the latest documentation, best practices, and sample code.
4. It assists with pre-deployment code verification, security checks, and troubleshooting.
The requirements definition was returned.
"Automatic updates by AWS managed services" is explicitly mentioned, which was not seen in the "Without Powers" version.
Additionally, while the previous version didn't specify implementation tools, "Deployment via AWS CDK" is now clearly stated.
We approve the requirements document and proceed to design.
In a behavior not seen without Powers, Kiro now researches on its own and acts as an "Autonomous AI Agent."
Kiro then compiled the design document.
Reviewing the content, the Security Group directionality is detailed in a table showing exactly which ports (e.g., 443) should be allowed (Inbound/Outbound).
- Inbound: HTTPS (443) from VPC CIDR range
- Outbound: All traffic (default) **EC2 Instance Security Group**: - Outbound: HTTPS (443) to VPC Endpoint Security Group
Regarding cost optimization, it incorporates business justifications such as "Eliminating NAT Gateways to minimize data transfer costs" as part of the test criteria.
*For any* deployment configuration, the system should use VPC endpoints instead of
NAT Gateways to minimize data transfer costs
Furthermore, for Least Privilege, it defines "Security correctness ensuring least privilege principles are enforced" as a property.
*For any* IAM role configuration, the system should enforce least privilege principles for both EC2 instances and users
Summary
Comparison Table| Item | With Powers (CDK/Infra Structure Focus) | Without Powers (Feature/Behavior Focus) |
|---|---|---|
| Design Focus | "How to build" Focuses on data models and infra settings optimized for AWS CDK implementation. |
"What to achieve" Focuses on component definitions and general functional requirements. |
| Data Model | Jest / CDK Testing Framework Focuses on validation as infrastructure-as-code. |
Jest / CDK Testing Framework Focuses on functional validity. |
| Error Handling | Emphasis on operation and construction issues, such as deployment errors. | Emphasis on user experience behavior, such as timeouts. |
While both designs proposed "Secure access via Session Manager," the "With Powers" version provided infrastructure settings optimized for CDK implementation. The design focus clearly shifted toward "How to build."
Powers can be easily installed by anyone, so please give it a try.
In the next post, we will move into the implementation phase. We will see if the differences become even more apparent during actual coding. Stay tuned!
↓ QES will continue to actively share information about Kiro!
We aim to become Japan's #1 resource for Kiro! Our mission is to evangelize this technology by empowering end-users with top-tier education and technical support.
If you have requests like "I want to know more about this service" or need help with "AWS environment construction/migration," please feel free to contact us via our Inquiry Form. For complex inquiries, our sales representative will contact you directly. Also, please check out the links below!
<QES Related Solutions/Blogs>
<White Paper Released by AWS Security Promotion Consortium (ASC-J), in which QES Participates>
※ Amazon Web Services, the "Powered by Amazon Web Services" logo, and other AWS trademarks used in this blog are trademarks of Amazon.com, Inc. or its affiliates in the United States and other countries.
