Skip to content
/
Tier B A8 Cross-runtime harness

AI-DLC Workflows (AWS)

aws-aidlc-workflows · awslabs/aidlc-workflows · ★ 2.4k · last commit 2026-05-26

Cross-IDE adaptive software development lifecycle enforcement for AI coding agents, with mandatory audit trails and human approval gates at each phase.

Best whenThe workflow must adapt to the work (not the reverse) — fixed pipelines waste AI capability; adaptive depth calibration and human-in-the-loop approval gates …
Skip ifAI overconfidence (dedicated overconfidence-prevention rule), Skipping phases for expediency
vs seeds
superpowers(Archetype 1 — skills-only enforcement), AI-DLC uses rule/steering files, mandates a three-phase lifecycle with artifact…
Primitive shape
No installable primitives
00

Summary

awslabs/aidlc-workflows — Summary

AI-DLC (AI-Driven Development Life Cycle) is AWS's official multi-platform workflow steering rule set for AI coding agents — a cross-IDE methodology that installs into Kiro, Amazon Q Developer, Cursor, Cline, Claude Code, and GitHub Copilot and enforces a structured three-phase software development lifecycle: INCEPTION → CONSTRUCTION → OPERATIONS.

Problem it solves: AI coding agents lack consistent process discipline across different IDEs and projects; developers get variable quality outputs and no audit trail. AI-DLC imposes Inception (planning), Construction (design/build/test), and Operations phases with mandatory phase-gate documentation, adaptive depth based on task complexity, and optional security/testing extensions.

Distinctive trait: The only framework in the corpus with a three-phase lifecycle enforcement that explicitly runs on 6 different IDEs (not just one). It uses a hierarchical rule-loading strategy: a single core-workflow.md steering rule bootstraps context, then loads detailed rule files on demand from aws-aidlc-rule-details/ — preventing context bloat while ensuring completeness. Extensions (security baseline, testing strategies) use an opt-in/opt-out prompt mechanism at Requirements Analysis.

Target audience: Enterprise development teams using AI coding agents who need consistent, auditable, compliance-aware development workflows across diverse IDE choices.

Scope: 2,443 GitHub stars, MIT-0 license (AWS's no-attribution MIT variant), v0.1.8 release (April 2026), 24 contributors, active since 2025.

Differs from seeds: Most similar to kiro (Archetype 5 — structured lifecycle with steering files and phases) but cross-IDE rather than IDE-locked. Unlike superpowers (Archetype 1 — behavioral enforcement via skills), AI-DLC is a rule/steering-file system that imposes multi-phase process with mandatory artifacts, approval gates, and an audit log (audit.md).

01

Overview

awslabs/aidlc-workflows — Overview

Origin

Published by AWS Labs (awslabs GitHub organization) as the official AWS AI-driven development methodology. Released with a blog post: "AI-Driven Development Life Cycle" on the AWS DevOps blog. A formal Method Definition Paper exists (referenced in the README).

Philosophy

"AI-DLC is an intelligent software development workflow that adapts to your needs, maintains quality standards, and keeps you in control of the process."

Three core tenets:

  1. Adaptive workflow: The AI assesses complexity, workspace state, and intent — then determines which stages are needed. Not all stages run for all tasks.
  2. User control: Approval gates at each phase ensure humans remain in control of architectural decisions
  3. Quality standards: Mandatory content validation (Mermaid diagrams, ASCII art, special character escaping), mandatory audit log

Design Manifesto

The core-workflow.md opens with:

"# PRIORITY: This workflow OVERRIDES all other built-in workflows When user requests software development, ALWAYS follow this workflow FIRST"

This is a hard override — AI-DLC explicitly claims precedence over the AI agent's built-in behaviors.

The Three-Phase Lifecycle

INCEPTION PHASE
└── Workspace Detection (ALWAYS)
    Reverse Engineering (brownfield only)
    Requirements Analysis (ALWAYS, adaptive depth)
    User Stories (conditional)
    Workflow Planning (ALWAYS)
    Application Design (conditional)
    Units Generation (conditional)

CONSTRUCTION PHASE
└── Functional Design (per unit)
    NFR Requirements (per unit)
    Infrastructure Design (conditional)
    Code Generation (ALWAYS, per unit)
    Build and Test (ALWAYS)

OPERATIONS PHASE (placeholder)
└── Future deployment/monitoring workflows

Tenets

From the README, AI-DLC embraces:

  • Quality-first development
  • Human-AI collaboration (not autonomous AI)
  • Compliance-awareness (via extension system)
  • Auditability (mandatory audit.md)
02

Architecture

awslabs/aidlc-workflows — Architecture

Distribution

  • Type: methodology-doc + steering-file bundle
  • Install: Download latest release zip → extract → copy to IDE-specific location
  • License: MIT-0 (AWS's no-attribution variant)
  • Version: v0.1.8 (latest release as of 2026-05-26)

Platform-Specific Install Paths

IDE Install Method Steering File Location
Kiro cp -R aidlc-rules/aws-aidlc-rules .kiro/steering/ .kiro/steering/aws-aidlc-rules/
Amazon Q Developer Copy to .amazonq/rules/ .amazonq/rules/aws-aidlc-rules/
Cursor Copy to .cursorrules or rules dir Cursor rules system
Cline Copy to appropriate location Cline rules
Claude Code Copy to .claude/ .claude/ (AGENTS.md or similar)
GitHub Copilot Copy to .github/copilot-instructions.md Copilot instructions

Repository Structure

awslabs/aidlc-workflows/
├── .bandit, .checkov.yaml, .gitleaks.toml, .grype.yaml  # Security scanning
├── .semgrepignore, .pre-commit-config.yaml              # Pre-commit hooks
├── .kiro/steering/                                       # Kiro-ready steering
├── .claude/settings.json                                 # Claude Code settings (attribution only)
├── aidlc-rules/
│   ├── aws-aidlc-rules/
│   │   └── core-workflow.md          # MAIN: the single orchestrating rule
│   └── aws-aidlc-rule-details/
│       ├── common/                   # 10 common detail files
│       │   ├── process-overview.md
│       │   ├── session-continuity.md
│       │   ├── content-validation.md
│       │   ├── question-format-guide.md
│       │   └── welcome-message.md
│       ├── inception/               # 6 inception phase detail files
│       ├── construction/            # 7 construction phase detail files
│       ├── extensions/
│       │   ├── security/            # security-baseline files
│       │   └── testing/             # testing-strategy files
│       └── operations/
├── scripts/                         # 3 analysis/evaluation scripts
│   ├── aidlc-designreview
│   ├── aidlc-evaluator
│   └── aidlc-traceability
├── AGENTS.md
├── CHANGELOG.md
└── README.md

Rule-Loading Architecture

The hierarchical loading strategy is a key design:

  1. Agent installs core-workflow.md (single small steering file)
  2. core-workflow.md instructs agent to load common/ rules at workflow start
  3. Phase-specific detail files are loaded on-demand during each phase
  4. Extension *.opt-in.md files presented to user → user opts in/out → full extension loaded or skipped

Security Infrastructure

The repo ships enterprise-grade security scanning:

  • .bandit — Python security linter
  • .checkov.yaml — Infrastructure-as-code security scanner
  • .gitleaks.toml — Secret leakage detection
  • .grype.yaml — Vulnerability scanner
  • .pre-commit-config.yaml — Pre-commit hooks running all above

Required Runtime

  • No runtime for rule file consumption
  • Scripts in scripts/ require bash
  • Pre-commit hooks require Python tools (bandit, semgrep, gitleaks, grype)
03

Components

awslabs/aidlc-workflows — Components

Core Rule Files

Primary Steering Rule (1)

File Purpose
aidlc-rules/aws-aidlc-rules/core-workflow.md Master orchestrator — defines the three-phase lifecycle, mandatory rule-loading strategy, adaptive stage execution, question file format, and content validation requirements

Common Detail Files (10)

File Purpose
common/process-overview.md Technical reference for workflow structure with Mermaid diagram
common/session-continuity.md How to resume sessions and handle context limits
common/content-validation.md Rules for validating Mermaid diagrams, ASCII art, special characters
common/question-format-guide.md Multiple-choice (A-E) question format for user interaction
common/welcome-message.md User-facing ASCII art welcome message
common/ascii-diagram-standards.md ASCII diagram formatting standards
common/depth-levels.md How to calibrate analysis depth to task complexity
common/error-handling.md Error recovery and escalation patterns
common/overconfidence-prevention.md Instructions to prevent AI overconfidence
common/terminology.md Project-specific terminology glossary
common/workflow-changes.md How to handle scope changes mid-workflow

Inception Phase Detail Files (6)

File Purpose
inception/workspace-detection.md Detect greenfield vs brownfield, log initial request
inception/reverse-engineering.md Analyze existing codebases (brownfield only)
inception/requirements-analysis.md Adaptive requirements gathering (depth based on complexity)
inception/user-stories.md Generate user stories (conditional)
inception/workflow-planning.md Plan implementation units and sequencing
inception/units-generation.md Generate work units (conditional)
inception/application-design.md Application architecture design (conditional)

Construction Phase Detail Files (7)

File Purpose
construction/functional-design.md Per-unit functional design
construction/nfr-requirements.md Non-functional requirements per unit
construction/nfr-design.md NFR design decisions
construction/infrastructure-design.md Infrastructure design (conditional)
construction/code-generation.md Code implementation per unit
construction/build-and-test.md Build and test execution

Extension Files (4)

File Purpose
extensions/security/baseline.md Security baseline rules (opt-in)
extensions/security/baseline.opt-in.md Prompt for security extension opt-in
extensions/testing/property-based.md Property-based testing strategy (opt-in)
extensions/testing/property-based.opt-in.md Prompt for property-based testing opt-in

Scripts (3)

Script Purpose
scripts/aidlc-designreview Design review analysis script
scripts/aidlc-evaluator AI-DLC workflow evaluation script
scripts/aidlc-traceability Requirements-to-code traceability script

Output Artifacts (Generated by Agent During Workflow)

Artifact Phase Purpose
audit.md All Running log of all actions and decisions
aidlc-docs/aidlc-state.md Inception Workspace state + extension configuration
aidlc-docs/requirements.md Inception Gathered requirements
aidlc-docs/user-stories.md Inception User stories (conditional)
aidlc-docs/workflow-plan.md Inception Planned implementation units
aidlc-docs/design/ Construction Per-unit design documents
Question files Any phase Multiple-choice Q&A with humans
05

Prompts

awslabs/aidlc-workflows — Prompts

Verbatim Excerpt 1: core-workflow.md — Opening Override and Adaptive Principle

File: aidlc-rules/aws-aidlc-rules/core-workflow.md Technique: Hard override + conditional execution pattern

# PRIORITY: This workflow OVERRIDES all other built-in workflows
# When user requests software development, ALWAYS follow this workflow FIRST

## Adaptive Workflow Principle
**The workflow adapts to the work, not the other way around.**

The AI model intelligently assesses what stages are needed based on:
1. User's stated intent and clarity
2. Existing codebase state (if any)
3. Complexity and scope of change
4. Risk and impact assessment

## MANDATORY: Rule Details Loading
**CRITICAL**: When performing any phase, you MUST read and use relevant content from
rule detail files. Check these paths in order and use the first one that exists:
- `.aidlc/aidlc-rules/aws-aidlc-rule-details/` (typical with AI-assisted setup)
- `.aidlc-rule-details/` (typical with Cursor, Cline, Claude Code, GitHub Copilot)
- `.kiro/aws-aidlc-rule-details/` (typical with Kiro IDE and CLI)
- `.amazonq/aws-aidlc-rule-details/` (typical with Amazon Q Developer)

Prompting technique: Hard command injection ("OVERRIDES all other built-in workflows"). Path-fallback resolution pattern for cross-IDE compatibility. MANDATORY/CRITICAL caps emphasis — iron-law style enforcement.

Verbatim Excerpt 2: core-workflow.md — Extension Opt-In System

File: aidlc-rules/aws-aidlc-rules/core-workflow.md Technique: Deferred loading + conditional enforcement

## MANDATORY: Extensions Loading (Context-Optimized)
**CRITICAL**: At workflow start, scan the `extensions/` directory recursively but load
ONLY lightweight opt-in files — NOT full rule files.

**Loading process**:
1. List all subdirectories under `extensions/`
2. In each subdirectory, load ONLY `*.opt-in.md` files — these contain the extension's
   opt-in prompt. The corresponding rules file is derived by convention: strip the
   `.opt-in.md` suffix and append `.md`
3. Do NOT load full rule files at this stage

**Deferred Rule Loading**:
- During Requirements Analysis, opt-in prompts are presented to the user
- When the user opts IN, load the full rules file at that point
- When the user opts OUT, the full rules file is never loaded — saving context

**Enforcement**:
- Extension rules are hard constraints, not optional guidance
- Non-compliance with any applicable enabled extension rule is a **blocking finding**
  — do NOT present stage completion until resolved

Prompting technique: Deferred/lazy loading of rule context to manage token budget. Blocking gates enforced through "do NOT present stage completion until resolved" — a completion-gate pattern. The .opt-in.md.md naming convention encodes the loading logic in file naming.

Verbatim Excerpt 3: process-overview.md — Session Continuity

File: aidlc-rules/aws-aidlc-rule-details/common/process-overview.md

## Your Team's Role:
• **Answer questions** in dedicated question files using [Answer]: tags with letter
  choices (A, B, C, D, E)
• **Option E available**: Choose "Other" and describe your custom response if provided
  options don't match
• **Work as a team** to review and approve each phase before proceeding
• **Collectively decide** on architectural approach when needed
• **Important**: This is a team effort - involve relevant stakeholders for each phase

Prompting technique: Team-collaboration framing — the agent positions itself as a team member, not an autonomous actor. Q&A format with [Answer]: tags is a structured human-in-the-loop checkpoint.

09

Uniqueness

awslabs/aidlc-workflows — Uniqueness & Positioning

Differs from Seeds

Most similar to kiro (Archetype 5) — both enforce a structured lifecycle with steering files and phase-gated development. However, AI-DLC is cross-IDE (6 IDEs) while kiro is IDE-locked. Also similar to spec-driver and superpowers (Archetype 1) in enforcing phases, but AI-DLC uses rule/steering files rather than skills, and adds a mandatory audit log.

Key differentiators from all seeds:

  1. Six-IDE support: Only framework with explicit, tested support for Kiro, Amazon Q, Cursor, Cline, Claude Code, and GitHub Copilot simultaneously
  2. Adaptive depth calibration: The depth-levels.md mechanism adjusts stage selection to task complexity — not a fixed pipeline
  3. Extension opt-in/opt-out: Security and testing extensions are user-activatable at Requirements Analysis, not always-on — balancing overhead and compliance
  4. Mandatory audit log: audit.md is required output, not optional — creates an auditable record of all agent decisions
  5. Human question file format: Structured A-E multiple-choice Q&A in files — offline/async collaboration pattern vs interactive chat

Distinctive Properties

  1. Rule hierarchy with lazy loading: core-workflow.md → phase detail files → extension files — each layer loaded on-demand, minimizing context cost
  2. Hard override declaration: "OVERRIDES all other built-in workflows" — more assertive than any seed's enforcement model
  3. Blocking gates on extension violations: Non-compliance is explicitly a "blocking finding" — completion halted until resolved
  4. Brownfield vs greenfield adaptation: Reverse Engineering is a first-class stage for brownfield projects

Observable Failure Modes

  • Context fragmentation: Loading 20+ detail files across a long workflow can hit context limits — the lazy loading mitigates but doesn't eliminate this
  • Cross-IDE drift: IDE-specific path resolution adds complexity; if an IDE changes its directory convention, the fallback chain may miss
  • Question file latency: Async Q&A in files is slower than interactive chat; in fast-moving contexts, human response lag becomes the bottleneck
  • Extension enforcement without tooling: The security/testing extensions are enforced via AI judgment, not automated scanners — false negatives are possible

AWS Governance Context

As an awslabs repo with MIT-0 license (no attribution required), AI-DLC is positioned for enterprise adoption without legal friction. The security scanning infrastructure (bandit, checkov, gitleaks) signals enterprise-grade security posture.

04

Workflow

awslabs/aidlc-workflows — Workflow

Three-Phase Adaptive Lifecycle

PHASE 1: INCEPTION

Purpose: Planning, requirements, architecture Always runs: Workspace Detection, Requirements Analysis (adaptive depth), Workflow Planning Conditional: Reverse Engineering (brownfield), User Stories, Application Design, Units Generation

Stage Artifact Gate
Workspace Detection audit.md initialized + initial request logged Auto
Reverse Engineering aidlc-docs/reverse-engineering.md Manual review
Requirements Analysis aidlc-docs/requirements.md Approval gate (human Q&A)
User Stories aidlc-docs/user-stories.md Optional review
Workflow Planning aidlc-docs/workflow-plan.md Approval gate
Application Design aidlc-docs/application-design.md Approval gate
Units Generation Unit list in workflow plan Human selects units

Extension Opt-In: During Requirements Analysis, the agent presents security/testing extension opt-in prompts. User answers A/B/C/D/E format questions to enable/disable extensions.

PHASE 2: CONSTRUCTION (per unit)

Always runs: Code Generation, Build and Test Conditional per unit: Functional Design, NFR Requirements, NFR Design, Infrastructure Design

Stage Artifact Gate
Functional Design aidlc-docs/design/<unit>-functional.md Review
NFR Requirements aidlc-docs/design/<unit>-nfr.md Review
Infrastructure Design aidlc-docs/design/<unit>-infra.md Review
Code Generation Source files Build success required
Build and Test Test results Tests pass required

PHASE 3: OPERATIONS

Status: Placeholder for future deployment/monitoring workflows (not yet implemented)

Approval Gates

Gate Type Format
Requirements sign-off freetext-clarify Human answers in question files with [Answer]: tag
Workflow plan approval file-review Human reviews workflow-plan.md
Architecture approval choice-list A/B/C/D/E multiple choice
Extension opt-in choice-list A (opt in) or B (opt out) per extension

Question Format

The question-format-guide.md mandates a specific format for human interaction:

Question: [Question text]
A) Option A
B) Option B
C) Option C
D) Option D
E) Other (describe)

[Answer]: B

This structured Q&A format is written to files (aidlc-docs/questions/) for async interaction.

Adaptive Depth

The depth-levels.md file defines how to calibrate analysis depth:

  • Simple fixes: skip most conditional stages
  • New features: full inception + selective construction phases
  • Greenfield projects: full three-phase lifecycle
  • Brownfield: adds Reverse Engineering stage
06

Memory Context

awslabs/aidlc-workflows — Memory & Context

State Model

AI-DLC uses file-based persistent state written to aidlc-docs/ in the project directory.

Primary State Files

File Contents Phase
aidlc-docs/aidlc-state.md Workspace state + active extension configuration + current phase All
audit.md Running log of ALL actions, decisions, and stage completions All (mandatory)
aidlc-docs/requirements.md Gathered requirements Inception
aidlc-docs/workflow-plan.md Planned units and sequencing Inception
aidlc-docs/design/<unit>-*.md Per-unit design documents Construction
Question files Human-answered Q&A checkpoints Multiple phases

Session Continuity

The common/session-continuity.md detail file defines how to resume interrupted sessions:

  • At session start, read aidlc-docs/aidlc-state.md to determine current phase
  • Read audit.md to understand what has been completed
  • Read any open question files to see pending human responses
  • Resume from the last incomplete stage

This enables cross-session handoff — the state persists between agent sessions.

Context Budget Management

The rule-loading architecture explicitly manages context budget:

  1. Core rule only at startup: core-workflow.md is small; detail files loaded on demand
  2. Extension lazy-loading: Only *.opt-in.md files loaded initially; full extension rules only on user opt-in
  3. Progressive loading per phase: Phase-specific detail files loaded when entering that phase
  4. Reference files loaded on-demand: common/ files loaded at workflow start; per-phase files loaded as needed

Memory Persistence

  • Type: File-based (aidlc-docs/ directory)
  • Persistence: Project-scoped (files in project repo)
  • Replay: Yes — audit.md provides a full replay log

No Vector Store or Database

All state is in markdown files. No SQLite, no vector database, no external service.

07

Orchestration

awslabs/aidlc-workflows — Orchestration

Multi-Agent

No. AI-DLC is a single-agent sequential workflow. No multi-agent patterns.

Orchestration Pattern

Sequential with adaptive depth: stages run in order (Inception → Construction → Operations), but within each phase the agent decides which stages to execute based on task complexity assessment.

Isolation Mechanism

None. No worktrees, containers, or process isolation. The workflow runs in the existing project directory.

Multi-Model

No. AI-DLC is model-agnostic (works with any underlying model in Claude Code, Kiro, Cursor, etc.) but does not route different models to different roles.

Execution Mode

Interactive-loop: Each phase requires human approval before proceeding. The workflow pauses at each phase gate waiting for human input in question files.

Cross-IDE Portability

High (within same framework). The rule-loading strategy checks multiple paths in priority order:

  1. .aidlc/aidlc-rules/aws-aidlc-rule-details/
  2. .aidlc-rule-details/
  3. .kiro/aws-aidlc-rule-details/
  4. .amazonq/aws-aidlc-rule-details/

This allows the same rules to work across 6 IDEs by auto-detecting the current environment.

Extension System

The extension system is a form of conditional orchestration:

  • User opts in/out of security and testing extensions at Requirements Analysis
  • Extension rules become "hard constraints" once enabled — blocking further progress if violated
  • Extensions run at every subsequent phase, not just the one where they were enabled

Consensus

Human-in-the-loop (not automated consensus). The approval gates require human response in structured question files before proceeding.

08

Ui Cli Surface

awslabs/aidlc-workflows — UI/CLI Surface

Dedicated CLI Binary

None for end users. The workflow is accessed through the hosting IDE (Kiro, Claude Code, Cursor, etc.).

Analysis Scripts (for maintainers/evaluators)

Script Purpose
scripts/aidlc-designreview Design review analysis
scripts/aidlc-evaluator Evaluate AI-DLC workflow adherence
scripts/aidlc-traceability Trace requirements to code

These are bash scripts intended for AI-DLC maintainers and reviewers, not end users.

IDE Integration Surfaces

IDE Integration Method UI Surface
Kiro IDE .kiro/steering/ steering files Kiro steering panel
Amazon Q Developer .amazonq/rules/ Q Developer rules panel
Cursor .cursorrules or rules dir Cursor rules system
Claude Code .claude/ directory Claude Code context
GitHub Copilot .github/copilot-instructions.md Copilot instructions
Cline Cline rules directory Cline interface

Question File Interface

The primary human interaction mechanism is structured question files:

  • Agent writes questions to aidlc-docs/questions/<phase>-questions.md
  • Human responds using [Answer]: A format
  • Not a web UI — just markdown files edited by the human

Documentation

The README and Method Definition Paper (external URL) provide the primary documentation surface.

Observability

audit.md: The mandatory audit log provides full observability into what the agent did at each phase — decisions made, stages completed, questions asked and answered, extension compliance status.

Pre-commit security scanning: .pre-commit-config.yaml with bandit, checkov, gitleaks, grype, semgrep provides automated security observability for the repo itself.

Related frameworks

same archetype · same primary tool · same memory type

claude-mem (thedotmack) ★ 78k
A8 Cross-runtime harness

Background worker service captures every tool call as an observation, AI-compresses sessions, and auto-injects relevant past…

pi (badlogic/earendil) ★ 55k
A8 Cross-runtime harness

A minimal, hackable, multi-provider terminal coding agent that adapts to your workflows via npm-installable TypeScript Extensions…

Agent Skills (Addy Osmani) ★ 46k
A8 Cross-runtime harness

Encodes senior-engineer software development lifecycle as 23 auto-routed skills and 7 slash commands for any AI coding agent.

wshobson/agents Plugin Marketplace ★ 36k
A8 Cross-runtime harness

Single Markdown source for 83 domain-specialized plugins that auto-generates idiomatic artifacts for five AI coding harnesses.

TabbyML/Tabby ★ 34k
A8 Cross-runtime harness

Self-hosted AI coding assistant server (alternative to GitHub Copilot) with admin dashboard, RAG-based completions, and multi-IDE…

Compound Engineering ★ 17k
A8 Cross-runtime harness

Make each unit of engineering work compound into easier future work via brainstorm→plan→execute→review→learn cycles.