AWS Sovereign Cloud: AI expansion and new agent tools

Contents

For the coming months, Amazon announced at the AWS Summit a significant expansion of its AI offering in the European Sovereign Cloud. New additions will include Amazon Nova 2 Lite as well as Open-Weight models from Mistral AI and OpenAI on Amazon Bedrock. With this, AWS is broadening the model selection in the cloud, advertised as sovereign, to a range that was previously only available in the classic regions.

Mantle to secure Bedrock for sensitive workloads

Architecturally interesting is Mantle, the next-generation inferencing engine for Amazon Bedrock. AWS promises Zero Operator Access: Operating personnel will not be able to view inputs and outputs at any time – relevant for workloads with professional secrecy or strict data protection requirements. Additionally, Mantle is intended to dynamically allocate capacities to requests, which improves availability for steady-state workloads and allows for rapid scaling during peak loads.

The AWS European Sovereign Cloud, generally available since January 2026, is a cloud offering operated entirely within the EU with data residency, exclusively EU-based operating personnel, and its own corporate structure under German law. AWS is investing 7.8 billion euros in this by 2040. The first region is in Brandenburg; Local Zones in Belgium, the Netherlands, and Portugal are planned. The German operating company is headed by Kathrin Renz; the overall offering is managed by Stéphane Israël, formerly CEO of Arianespace.

According to AWS, the AWS Marketplace includes over 165 solutions optimized for the European Sovereign Cloud, covering infrastructure, DevOps, cloud operations, and AI agents. SAP Cloud ERP Private is newly generally available. New on the infrastructure side are Amazon EC2 G6 instances with NVIDIA L4 GPUs for accelerated computing; AWS Network Firewall, AWS Elastic Disaster Recovery, and AWS IAM Identity Center were already integrated previously.

Agent-based tools: Kiro, Quick, and Transform

The second focus was set by Jonathan Allen, Executive in Residence at AWS, with an inventory of agent-based software development: Those who produce code ten times faster with AI agents shift the effort to verification and operation. AWS addresses this with three product lines.

Kiro is an agent-based development environment, generally available since November 2025. It follows a specification-driven approach: User stories, design documents, and architectural sketches are created as structured specs, against which the agent then implements. With the GA, property-based testing for spec conformity, checkpointing, a Kiro CLI, and centrally managed team plans via AWS IAM Identity Center were added. In the backend, Kiro uses Anthropic Claude (most recently Opus 4.7).

Since its GA, AWS has noticeably picked up the pace with Kiro. A few days before the summit, on May 12th, AWS added an optional Requirements Analysis Engine to Kiro, which checks before any code generation whether a spec is even contradiction-free to implement. A three-stage neuro-symbolic pipeline – Refinement, Auto-Formalization, Logical Analysis – converts natural language requirements via EARS notation into formal SMT-lib logic; an automated reasoner then searches for contradictions, gaps, and permissible and impermissible behavior scenarios. Kiro detects ambiguities through the semantic entropy of multiple LLM translation samples: If the formalizations diverge logically, Kiro presents the point as a two-option question ("remove the record" – Hard or Soft Delete?). The technical foundation was documented by an AWS Applied Science team in a detailed second blog post and substantiated with current requirements engineering research.

In the same release, Parallel Task Execution accelerates the implementation phase: Kiro analyzes the dependency graph of a spec, bundles independent tasks into parallel running "Waves" with isolated contexts, and continues to work fault-tolerantly if a single task fails – shortening large specs from 60 to 90 minutes to about 15 minutes, according to AWS. A new Quick Plan mode scans the language, frameworks, and project structure of the workspace beforehand and asks tailored clarification questions at the beginning, instead of requiring each spec step to be approved individually.

Furthermore, Kiro CLI 2.4.0 introduced a /rewind command for branching from previous prompts, a model-individually adjustable reasoning depth, and, according to AWS, an 88 percent faster workspace initialization. On the compliance side, Kiro has been available in the AWS GovCloud regions (US-East/West) since February and is HIPAA-eligible since May – however, only the IDE and CLI, Kiro Web is not included (yet). In parallel, the "Kiro Powers" marketplace is filling up: AWS Observability attaches incident investigations to Kiro with a click, and an Apache Spark troubleshooting agent and an upgrade agent for Amazon EMR are intended to shorten Spark version jumps from months to weeks.

Quick and Transform for Enterprise Applications

AWS positions Amazon Quick as an evolution of Amazon Q Business, where the assistant links structured and unstructured enterprise data. AWS Transform is aimed at classic modernization projects; AWS cites over a billion lines of mainframe code transformed as a reference metric. What's new, primarily, is where Transform will run in the future: In mid-May, AWS decoupled the modernization agents from its own web console and brought them directly into agentic development environments like Kiro, Claude, Cursor, and Codex via an AWS Transform MCP server, agent plugins, and a Kiro Power. This allows a transformation to be started in the IDE, monitored in the web frontend, and continued back in the IDE – against the same job with a consistent state and now also via IAM role authentication instead of separate login.

With AWS Transform Custom, custom transformation agents for proprietary enterprise code can be built. The necessary agent builder toolkit, called Kiro power, has been generally available since May and allows partners and customers to integrate their own agents, including tools, knowledge bases, and workflows, into Transform and register them for reuse. VMware migration is also becoming more concrete: Transform now modernizes networks, compares planned VPCs against existing ones, detects CIDR conflicts before provisioning, and processes network configurations independently of the source tool.

Additionally, AWS promotes dedicated DevOps and Security agents that automatically investigate incidents, diagnose causes, and suggest fixes – the final approval remains with humans. The agent stack is supported by further model options: In Amazon SageMaker JumpStart, available since May, are, among others, GLM-5.1-FP8 from Z.ai (designed for long-running, agentic coding over many iterations) and the compact Phi-4-mini-instruct from Microsoft (reasoning under latency and memory constraints, 24 languages) – deployable with a click or SDK in your own AWS account.

Amazon presented the innovations as part of the AWS Summit. With 8800 participants, 101 sponsors, and 156 sessions, the in-house trade fair attracted a broad professional audience to the Hamburg Messe this year.

(vbr)