One advantage of AWS is short-lived credentials (hopefully, as long as it's configured correctly!)

So go ahead and dump your AWS SSO tokens to the LLM by accident, but it's going to take longer than a day to train a new model and ship it out to the world.

Also, I think kiro only uses AWS Bedrock, IIRC, so no training data goes back to the LLM manufacturers? At least I would hope so.

Database passwords, API keys to services with arduous rotation procedures, that's where the real exploits will come from in coming months, I think.