kirodotdev · shawnawshk · Jan 7, 2026 · Jan 7, 2026
diff --git a/serverless-dev/POWER.md b/serverless-dev/POWER.md
@@ -0,0 +1,72 @@
+---
+name: "serverless-dev"
+displayName: "AWS Serverless Development"
+description: "Build production-ready serverless applications on AWS using AWS SAM, Lambda, API Gateway, EventBridge, and other serverless services following AWS best practices"
+keywords: ["serverless", "lambda", "sam", "api gateway", "eventbridge", "dynamodb", "s3", "step functions", "sqs", "sns", "cloudformation", "lambda durable functions", "workflow"]
+mcpServers: ["awslabs.aws-serverless-mcp-server", "aws-knowledge-mcp-server"]
+author: "AWS"
+---
+
+# Onboarding
+
+## Step 1: Validate AWS SAM CLI
+Before building serverless applications, ensure AWS SAM CLI is installed:
+- **AWS SAM CLI**: Required for building and deploying serverless applications
+  - Verify with: `sam --version`
+  - Install from: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/install-sam-cli.html
+  - **CRITICAL**: If SAM CLI is not installed, guide the user to install it before proceeding
+
+## Step 2: Validate AWS CLI
+- **AWS CLI**: Required for AWS operations
+  - Verify with: `aws --version`
+  - Check credentials: `aws sts get-caller-identity`
+  - If not configured, guide user to run: `aws configure`
+
+## Step 3: Validate Docker (Optional but Recommended)
+- **Docker**: Required for local testing and building container-based Lambda functions
+  - Verify with: `docker --version`
+  - Note: Docker is optional but highly recommended for `sam build --use-container` and `sam local` commands
+
+# When to Load Steering Files
+
+- Initializing new serverless projects → `sam-init-workflow.md`
+- Building and deploying applications → `sam-build-deploy.md`
+- Creating Lambda functions → `lambda-best-practices.md`
+- Building long-running workflows with Lambda Durable Functions → `lambda-durable-functions.md`
+- Working with API Gateway → `api-gateway-patterns.md`
+- Event-driven architectures with EventBridge, SQS, SNS → `event-driven-patterns.md`
+- DynamoDB integration → `dynamodb-patterns.md`
+- Local testing and debugging → `local-testing.md`
+- Security and IAM → `security-iam.md`
+- Performance optimization → `performance-optimization.md`
+
+# Core Principles
+
+## Always Use SAM for Serverless Development
+- Prefer AWS SAM over raw CloudFormation for Lambda and API Gateway
+- Use SAM CLI commands: `sam init`, `sam build`, `sam deploy`, `sam local invoke`
+- Leverage SAM's simplified syntax for serverless resources
+
+## Infrastructure as Code
+- All infrastructure defined in `template.yaml` (SAM template)
+- Use SAM policy templates for common IAM patterns
+- Version control all infrastructure code
+
+## Security First
+- Apply least privilege IAM permissions
+- Use SAM policy templates when possible
+- Enable AWS X-Ray tracing for observability
+- Use environment variables for configuration, AWS Secrets Manager for secrets
+
+## Performance and Cost Optimization
+- Right-size Lambda memory and timeout
+- Use Lambda Layers for shared dependencies
+- Implement proper error handling and retries
+- Consider Lambda SnapStart for Java functions
+- Use provisioned concurrency only when needed
+
+## Testing Strategy
+- Test locally with `sam local invoke` and `sam local start-api`
+- Use `sam build` before deployment
+- Implement unit tests for Lambda handlers
+- Use `sam logs` for debugging deployed functions
diff --git a/serverless-dev/README.md b/serverless-dev/README.md
@@ -0,0 +1,111 @@
+# AWS Serverless Development Kiro Power
+
+A comprehensive Kiro Power for building production-ready serverless applications on AWS using SAM (Serverless Application Model).
+
+## What This Power Provides
+
+This power gives Kiro instant expertise in:
+
+- **AWS SAM** - Initialize, build, and deploy serverless applications
+- **Lambda Functions** - Best practices for handlers, performance, and error handling
+- **API Gateway** - REST and HTTP APIs with authentication and authorization
+- **Event-Driven Architecture** - EventBridge, SQS, SNS, S3 events, DynamoDB Streams
+- **DynamoDB** - Single-table design, access patterns, and optimization
+- **Local Testing** - SAM local invoke and API testing
+- **Security & IAM** - Least privilege policies, secrets management, encryption
+- **Performance Optimization** - Cold start reduction, memory tuning, cost optimization
+
+## Installation
+
+### From Local Path (Development)
+
+1. Clone or download this repository
+2. Open Kiro IDE
+3. Go to Powers panel
+4. Click "Add power from Local Path"
+5. Select the `serverless-dev` directory
+
+### From GitHub (Once Published)
+
+1. Open Kiro IDE
+2. Go to Powers panel
+3. Click "Add power from GitHub"
+4. Enter the repository URL
+
+## Prerequisites
+
+This power requires:
+
+- **AWS SAM CLI** - Install from https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/install-sam-cli.html
+- **AWS CLI** - Configured with credentials
+- **Docker** (optional but recommended) - For local testing and container builds
+
+The power will validate these dependencies on first use.
+
+## Usage
+
+Once installed, the power activates automatically when you mention serverless-related keywords:
+
+- "Create a Lambda function"
+- "Build a serverless API"
+- "Set up DynamoDB table"
+- "Deploy with SAM"
+- "Add EventBridge rule"
+
+## Example Prompts
+
+**Initialize a new project:**
+```
+Create a new serverless API with Python Lambda functions and DynamoDB
+```
+
+**Add functionality:**
+```
+Add an EventBridge rule that triggers a Lambda function when orders are placed
+```
+
+**Optimize performance:**
+```
+Optimize this Lambda function for better cold start performance
+```
+
+**Deploy:**
+```
+Build and deploy this application using SAM
+```
+
+## Steering Files
+
+The power includes specialized guidance for:
+
+- `sam-init-workflow.md` - Project initialization
+- `sam-build-deploy.md` - Build and deployment
+- `lambda-best-practices.md` - Lambda function patterns
+- `api-gateway-patterns.md` - API Gateway configuration
+- `event-driven-patterns.md` - Event-driven architectures
+- `dynamodb-patterns.md` - DynamoDB integration
+- `local-testing.md` - Local development and testing
+- `security-iam.md` - Security and IAM best practices
+- `performance-optimization.md` - Performance tuning
+
+## Best Practices Included
+
+- SAM policy templates for least privilege
+- Arm64 architecture for better price-performance
+- X-Ray tracing enabled by default
+- Structured logging patterns
+- Error handling and retry strategies
+- Cold start optimization techniques
+- Cost optimization recommendations
+
+## Contributing
+
+To improve this power:
+
+1. Add or update steering files in the `steering/` directory
+2. Update `POWER.md` with new keywords or workflows
+3. Test locally before sharing
+
+## License
+
+This power is provided as-is for use with Kiro IDE.
diff --git a/serverless-dev/mcp.json b/serverless-dev/mcp.json
@@ -0,0 +1,28 @@
+{
+  "mcpServers": {
+    "awslabs.aws-serverless-mcp-server": {
+      "command": "uvx",
+      "args": [
+        "awslabs.aws-serverless-mcp-server@latest",
+        "--allow-write",
+        "--allow-sensitive-data-access"
+      ],
+      "env": {
+        "AWS_PROFILE": "default",
+        "AWS_REGION": "us-west-2",
+        "FASTMCP_LOG_LEVEL": "ERROR"
+      },
+      "disabled": false,
+      "autoApprove": []
+    },
+    "aws-knowledge-mcp-server": {
+      "type": "http",
+      "url": "https://knowledge-mcp.global.api.aws",
+      "disabled": false,
+      "autoApprove": [
+        "aws___read_documentation",
+        "aws___search_documentation"
+      ]
+    }
+  }
+}
diff --git a/serverless-dev/steering/api-gateway-patterns.md b/serverless-dev/steering/api-gateway-patterns.md
@@ -0,0 +1,178 @@
+# API Gateway Patterns
+
+## REST API with SAM
+
+```yaml
+ServerlessRestApi:
+  Type: AWS::Serverless::Api
+  Properties:
+    StageName: Prod
+    Cors:
+      AllowMethods: "'GET,POST,PUT,DELETE,OPTIONS'"
+      AllowHeaders: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key'"
+      AllowOrigin: "'*'"
+    Auth:
+      DefaultAuthorizer: MyCognitoAuthorizer
+      Authorizers:
+        MyCognitoAuthorizer:
+          UserPoolArn: !GetAtt UserPool.Arn
+
+GetItemFunction:
+  Type: AWS::Serverless::Function
+  Properties:
+    Events:
+      GetItem:
+        Type: Api
+        Properties:
+          RestApiId: !Ref ServerlessRestApi
+          Path: /items/{id}
+          Method: get
+```
+
+## HTTP API (Recommended for Lower Cost)
+
+```yaml
+HttpApi:
+  Type: AWS::Serverless::HttpApi
+  Properties:
+    CorsConfiguration:
+      AllowOrigins:
+        - "*"
+      AllowMethods:
+        - GET
+        - POST
+      AllowHeaders:
+        - Content-Type
+
+MyFunction:
+  Type: AWS::Serverless::Function
+  Properties:
+    Events:
+      HttpApiEvent:
+        Type: HttpApi
+        Properties:
+          ApiId: !Ref HttpApi
+          Path: /items
+          Method: get
+```
+
+## Request/Response Patterns
+
+### Lambda Proxy Integration (Default)
+Function receives full request and returns formatted response:
+
+```python
+def lambda_handler(event, context):
+    # event contains: httpMethod, path, queryStringParameters, headers, body
+    return {
+        'statusCode': 200,
+        'headers': {
+            'Content-Type': 'application/json',
+            'Access-Control-Allow-Origin': '*'
+        },
+        'body': json.dumps({'message': 'Success'})
+    }
+```
+
+### Path Parameters
+```yaml
+Events:
+  GetItem:
+    Type: Api
+    Properties:
+      Path: /items/{id}
+      Method: get
+```
+
+Access in handler:
+```python
+item_id = event['pathParameters']['id']
+```
+
+### Query Parameters
+```python
+query_params = event.get('queryStringParameters', {})
+limit = query_params.get('limit', '10')
+```
+
+## Authentication
+
+### Cognito Authorizer
+```yaml
+Auth:
+  DefaultAuthorizer: MyCognitoAuth
+  Authorizers:
+    MyCognitoAuth:
+      UserPoolArn: !GetAtt UserPool.Arn
+```
+
+### Lambda Authorizer
+```yaml
+Auth:
+  DefaultAuthorizer: MyLambdaAuth
+  Authorizers:
+    MyLambdaAuth:
+      FunctionArn: !GetAtt AuthFunction.Arn
+      Identity:
+        Headers:
+          - Authorization
+```
+
+## API Gateway Best Practices
+
+### Enable Throttling
+```yaml
+MethodSettings:
+  - ResourcePath: "/*"
+    HttpMethod: "*"
+    ThrottlingBurstLimit: 100
+    ThrottlingRateLimit: 50
+```
+
+### Enable Caching (REST API only)
+```yaml
+MethodSettings:
+  - ResourcePath: "/*"
+    HttpMethod: "GET"
+    CachingEnabled: true
+    CacheTtlInSeconds: 300
+```
+
+### Request Validation
+```yaml
+RequestValidator:
+  Type: AWS::ApiGateway::RequestValidator
+  Properties:
+    RestApiId: !Ref ServerlessRestApi
+    ValidateRequestBody: true
+    ValidateRequestParameters: true
+```
+
+### API Keys and Usage Plans
+```yaml
+ApiKey:
+  Type: AWS::ApiGateway::ApiKey
+  Properties:
+    Enabled: true
+
+UsagePlan:
+  Type: AWS::ApiGateway::UsagePlan
+  Properties:
+    ApiStages:
+      - ApiId: !Ref ServerlessRestApi
+        Stage: Prod
+    Throttle:
+      RateLimit: 100
+      BurstLimit: 200
+```
+
+## Error Handling
+
+Return proper HTTP status codes:
+- 200: Success
+- 201: Created
+- 400: Bad Request
+- 401: Unauthorized
+- 403: Forbidden
+- 404: Not Found
+- 500: Internal Server Error