Building AI Agents with Amazon Bedrock AgentCore Runtime: A Complete Setup Guide
Amazon Bedrock AgentCore Runtime represents a significant leap forward in deploying AI agents at scale. This serverless platform enables developers to run AI agents with extended execution times, session isolation, and built-in observability. In this blog, we'll walk through a complete setup of a Bedrock AgentCore sample application that demonstrates the platform's capabilities.
What is Bedrock AgentCore Runtime?
Bedrock AgentCore Runtime is AWS's serverless container platform specifically designed for AI agents. Unlike traditional serverless functions with strict time limits, AgentCore supports workloads up to 8 hours, making it perfect for complex AI workflows that require extended processing time.
Key Features
- Extended Execution: Up to 8-hour workloads for complex AI tasks
- Session Isolation: Each user session runs in a dedicated microVM
- Framework Agnostic: Compatible with LangGraph, Strands, CrewAI, or custom frameworks
- Model Flexibility: Works with any LLM (Bedrock, OpenAI, etc.)
- Built-in Observability: Integrated CloudWatch monitoring
Architecture Overview
The sample application consists of three main components:
- CDK Infrastructure Stack: Creates ECR repository and IAM execution roles
- AI Agent Runtime: Containerized agent using the Strands framework
- Memory Integration: Bedrock Memory for conversation continuity
┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐
│ CDK Stack │ │ AgentCore │ │ Bedrock │
│ │ │ Runtime │ │ Memory │
│ • ECR Repo │───▶│ │───▶│ │
│ • IAM Roles │ │ • Agent Container│ │ • Session Store │
│ • Permissions │ │ • Strands Agent │ │ • Context │
└─────────────────┘ └──────────────────┘ └─────────────────┘
Prerequisites
Before starting, ensure you have:
- AWS CLI configured with appropriate credentials
- Node.js 18+ and npm
- Python 3.10+
- AWS CDK v2 installed globally:
npm install -g aws-cdk - Docker (optional, for local testing)
Required AWS Permissions
Your AWS credentials need these permissions:
bedrock-agentcore:*-
iam:CreateRole,iam:AttachRolePolicy ecr:CreateRepositorycloudformation:*logs:*
Also, you would have to enable Claude 4 model in your region:
Infrastructure Setup with CDK
The CDK stack creates the necessary AWS resources:
ECR Repository
const agentRepository = new ecr.Repository(this, 'AgentRepository', {
repositoryName: 'bedrock-agentcore-sample',
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
IAM Execution Role
const executionRole = new iam.Role(this, 'AgentCoreExecutionRole', {
assumedBy: new iam.ServicePrincipal('bedrock-agentcore.amazonaws.com'),
inlinePolicies: {
AgentCorePolicy: new iam.PolicyDocument({
statements: [
new iam.PolicyStatement({
actions: [
'bedrock:InvokeModel',
'bedrock-agent:CreateEvent',
'bedrock-agent:GetMemory',
'logs:CreateLogGroup',
// ... additional permissions
],
resources: ['*'],
}),
],
}),
},
});
Agent Implementation
The core agent uses the Strands framework with Bedrock Memory integration:
from bedrock_agentcore import BedrockAgentCoreApp
from strands import Agent
import boto3
app = BedrockAgentCoreApp()
agent = Agent()
@app.entrypoint
def invoke(payload):
user_message = payload.get("prompt", "Hello!")
session_id = "custom-session-12345678901234567890123"
# Memory integration for conversation continuity
memory_client = boto3.client('bedrock-agent', region_name='eu-central-1')
# Store user message and retrieve context
# Get agent response with enhanced context
# Store agent response for future context
return {"result": result.message, "sessionId": session_id}
Deployment Process
The deployment is automated through a Python script that handles both infrastructure and agent deployment:
1. Infrastructure Deployment
npm install
npx cdk bootstrap --region eu-central-1
npx cdk deploy
2. Agent Deployment
cd agent
pip install bedrock-agentcore strands-agents bedrock-agentcore-starter-toolkit
agentcore configure -e my_agent.py --region eu-central-1
agentcore launch
3. Once deployed, you will see the runtime in AgentCore interface:
Configuration Details
The agent configuration is managed through .bedrock_agentcore.yaml:
default_agent: my_agent
agents:
my_agent:
name: my_agent
entrypoint: my_agent.py
platform: linux/arm64
aws:
region: eu-central-1
network_configuration:
network_mode: PUBLIC
observability:
enabled: true
Memory Integration
One of the standout features is the integration with Bedrock Memory for conversation continuity:
# Store conversation events
memory_client.create_event(
memoryId=MEMORY_ID,
actorId=ACTOR_ID,
sessionId=session_id,
eventTimestamp=datetime.utcnow(),
payload={"message": user_message, "role": "user"}
)
# Retrieve conversation context
memory_response = memory_client.get_memory(
memoryId=MEMORY_ID,
actorId=ACTOR_ID,
sessionId=session_id
)
Testing Your Agent
Once deployed, test your agent:
cd agent
agentcore invoke '{"prompt": "What can you help me with?"}'
Bonus deployment
Let's quickly add CloudFront and Api Gateway with Lambda that will call this agent:
Lambda looks like:
import json
import boto3
import uuid
from datetime import datetime
def handler(event, context):
try:
# Parse request
body = json.loads(event['body'])
prompt = body.get('prompt', '')
# Create AgentCore client (same region)
client = boto3.client('bedrock-agentcore', region_name='eu-central-1')
# Generate consistent session ID (same as agent uses)
session_id = 'custom-session-12345678901234567890123'
# Call AgentCore Runtime
payload = json.dumps({"prompt": prompt})
response = client.invoke_agent_runtime(
agentRuntimeArn='arn:aws:bedrock-agentcore:eu-central-1:{accountId}:runtime/my_agent-{customString}',
runtimeSessionId=session_id,
payload=payload,
qualifier="DEFAULT"
)
# Parse response
response_body = b''.join(response['response']).decode('utf-8')
response_data = json.loads(response_body)
return {
'statusCode': 200,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, OPTIONS',
'Access-Control-Allow-Headers': 'Content-Type'
},
'body': json.dumps({
'response': response_data['result']['content'][0]['text'],
'sessionId': session_id
})
}
except Exception as e:
print(f"Error: {str(e)}")
return {
'statusCode': 500,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': json.dumps({'error': str(e)})
}
Api Gateway definition:
I also added CloudFront with S3 as OAC origin. So once visiting our CloudFront url we can see:
Let's test the memory:
Now I open another tab and ask about my name:
Best Practices for Production
Security
- Use least privilege IAM policies
- Implement proper session management
- Enable CloudWatch logging for monitoring
Performance
- Configure appropriate memory and CPU limits
- Use ARM64 platform for cost optimization
- Implement proper error handling and retries
Monitoring
- Enable observability in agent configuration
- Set up CloudWatch alarms for error rates
- Monitor execution duration and costs
Cleanup
To remove all resources:
npx cdk destroy
# Delete the AgentCore Runtime from console or CLI
Conclusion
Bedrock AgentCore Runtime provides a powerful platform for deploying AI agents with enterprise-grade features. The combination of extended execution times, session isolation, and built-in observability makes it ideal for complex AI workflows.
The sample application demonstrates how to:
- Set up infrastructure with CDK
- Deploy agents with memory integration
- Implement conversation continuity
- Monitor and observe agent performance
This setup provides a solid foundation for building production-ready AI agents that can handle complex, long-running tasks while maintaining conversation context across sessions.
For more details, refer to the AWS Bedrock AgentCore Documentation.
Top comments (0)