AWS DevOps Agent now reviews code before you ship it

Key Takeaways

• AWS DevOps Agent now includes release readiness review and autonomous release testing in preview
• The agent checks code against your natural language standards, dependency risks, and AWS Well-Architected best practices
• Tests run in AWS-managed isolated environments before changes enter the pipeline

AWS DevOps Agent can now assess your code changes before they hit production. The new release management capability, available in preview, adds two features: release readiness review that evaluates changes against your standards, and autonomous release testing that generates and runs tests tailored to each specific change.

This matters because AI coding tools have created a bottleneck. Development teams generate pull requests faster than reviewers and testers can process them. Code sits in queues. Reviews get rubber-stamped under deadline pressure. Test environments drift from production reality. AWS is betting that an AI agent can close the gap between code velocity and quality control.

What does release readiness review actually check?

The release readiness review feature evaluates every code change against three categories: production requirements, dependency safety, and whatever standards you define in plain English. You tell the agent what matters to your organization, like encryption requirements, network access rules, or logging standards. If you provide nothing, the agent falls back to general best practices.

The agent specifically checks for cross-repository dependency risks that could break other services, access control changes against AWS Well-Architected Framework guidelines, and compliance with your custom rules. Findings surface in the DevOps Agent console and as comments on pull requests in GitHub or GitLab.

Developers can also trigger reviews from their IDE using the Kiro extension or Claude Code plugin. This lets them catch dependency risks, standards violations, and access control issues before committing the change to version control.

“The practice of DevOps aims to make software change and operations smooth and increasingly autonomous, and AWS DevOps Agent delivers on both.”

— Swami Sivasubramanian, VP of Database, Analytics, and Machine Learning at AWS

How autonomous release testing differs from your existing test suite

Static test suites run the same checks regardless of what changed. The autonomous release testing feature reasons about what each specific change does and constructs tests targeting that logic. For web and API-based applications, it generates tests covering functional correctness, behavioral regressions, and integration scenarios that a manually maintained test plan might miss.

These tests run in customer-provisioned, production-like environments before the change merges. Every test run produces structured artifacts: metrics, logs, traces, and an execution summary. Reviewers get a consistent record of what was tested and what happened.

The agent also runs your software in an AWS-managed isolated environment during the review phase, executing lightweight user journey tests to verify the software builds, runs, and passes basic functional checks before entering the pipeline.

Setting up release management in the DevOps Agent

Getting started requires at least one GitHub or GitLab repository connected to your Agent Space. Once connected, the DevOps Agent indexes your code and builds a knowledge graph of cross-repository and cloud dependencies.

To customize reviews, navigate to Knowledge, then the Instructions tab. Find the Release readiness review instruction set and write your internal standards in plain English. You can define infrastructure requirements like encryption or network access rules, best practices that warn without blocking such as logging standards, and sensitive data classification rules for specific applications or resources.

The preview adds no cost to existing AWS DevOps Agent subscriptions. Both GitHub and GitLab are supported for the pull request feedback integration.

The debate: AI gatekeeper or black box?

Developer reactions are mixed. On Hacker News, discussion centered on the transition from AI coding assistant to autonomous gatekeeper. Some users questioned whether AI should make deployment decisions without human oversight. Others pointed out that AI models catch functional and security issues that humans miss under time pressure.

On Reddit's r/devops, skepticism focused on how the AWS-managed isolated environment handles complex legacy dependencies. Users praised the integration with existing PR workflows but worried about edge cases where the agent lacks context about why code exists.

The agent does not block deployments unilaterally. It provides findings and recommendations. The final merge decision remains with the human reviewer, though how teams choose to use those findings is up to them.

What the DevOps Agent already does

The release management features extend an agent that has been generally available for post-deployment operations. The DevOps Agent already autonomously investigates incidents, provides root cause analysis and mitigation steps, and delivers recommendations to prevent recurring issues. It spans AWS, multicloud, and on-premises environments.

With the preview, AWS positions the agent as support from code creation to production. The pitch: AI generates more code, so AI should also help review and test that code before it ships.

Frequently Asked Questions

Is AWS DevOps Agent release management free?

The preview adds no additional cost to existing AWS DevOps Agent subscriptions.

Which source control platforms does AWS DevOps Agent support?

GitHub and GitLab are both supported for pull request feedback integration.

Can I customize what the release readiness review checks?

Yes. You write your internal standards in plain English in the Instructions tab. The agent applies those rules during review. Without custom standards, it uses general best practices.

Does AWS DevOps Agent block deployments automatically?

No. The agent provides findings and recommendations. The final merge decision stays with the human reviewer.

Where do the autonomous tests run?

Tests run in customer-provisioned, production-like environments before the change merges. Lightweight checks also run in an AWS-managed isolated environment during review.

Source: AWS News Blog