As we continue to see AI agents progress in their capabilities and versatility, I've been hearing from developers that most of their experience deploying agents remains local and experimental. Whether you're developing agents with tools like Strands Agents, Crew AI, LangGraph and others, the fact of the matter is moving from PoC to production-ready is mystifying, if not impossible at scale.
In this post I'll cover some basics on a new AWS service to address this and my first experience using it.
Now, as we look at this challenge I mentioned with PoC → Production, it's not surprising to see the preview launch of Amazon Bedrock AgentCore trying to fill this much needed gap for developers.
For those who aren't aware, on July 16th AWS announced AgentCore to enable developers to deploy AI agents at scale using the well know ideals of a flexible, scaleable infrastructure and essential security controls (amongst other things).
Of the many interesting things to come with this announcement is a somewhat unique mental model for an AWS service- AgentCore presents itself as a modular (think Lego pieces) toolbox of components allowing developers to pick what components they need and use them together or independently as their use case changes.
In addition to its modularity, AgentCore is attempting to set itself apart by offering both model and agent framework choice (i.e., you don't have to use Amazon Bedrock and you can use open source frameworks).
Understanding AgentCore Components 🧩
Here's a simple breakdown of the 7 AgentCore components that are in preview:
- AgentCore Runtime: a secure, serverless runtime for deploying and scaling AI agents and tools using any open-source framework, any protocol, and any model.
- AgentCore Identity: a secure, scalable agent identity and access management capability. Compatible with existing identity providers, eliminating needs for user migration or rebuilding authentication flows.
- AgentCore Memory: provides support for both short-term memory for multi-turn conversations and long-term memory that can be shared across agents and sessions.
- AgentCore Code Interpreter: enables agents to securely execute code in isolated sandbox environments. Offers advanced configuration support and seamless integration with popular frameworks.
- AgentCore Browser: provides a fast, secure, cloud-based browser runtime to enable AI agents to interact with websites at scale.
- AgentCore Gateway: a secure way for agents to discover and use tools along with easy transformation of APIs, Lambda functions, and existing services into agent-compatible tools.
- AgentCore Observability: helps developers trace, debug, and monitor agent performance in production through unified operational dashboards. Support for OpenTelemetry compatible telemetry and detailed visualizations of each step of the agent workflow.
As of this post, the preview for Bedrock AgentCore is currently only available in US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), and Europe (Frankfurt).
My experience with AgentCore Runtime 🔨
I took a day to hack with AgentCore knowing absolutely nothing about it, and though I can't say it was a completely user-friendly experience, I'll walkthrough some areas I did enjoy and what I hope the team working on it can improve as it prepares for general availability.
I started my AgentCore journey by going to the place I figured had the best setup for a true beginner: the official AWS Samples GitHub, from here there were several options for what I wanted to learn-
1) Hosting Agents on Runtime
2) Hosting an MCP Server on Runtime
3) Advanced Concepts
4) Hosting TypeScript based MCP on Runtime
I opted for the first option and the tutorials here come in three flavors as seen below
I've been working quite a bit with the Strands Agents framework and wanted to use my Antropic API key, so I followed the OpenAI example for my hack as it was the closest to what I wanted to do.
Note: While I'm usually a fan of Jupyter Notebooks I found this one a bit challenging to follow and noticed it adds a lot of complexity to what is already a somewhat complex service to use. I've given feedback to the team but wanted to share my 2 cents if you're also using some of these notebook tutorials.
The example in the notebook creates a tool for the agent which I opted out of and instead use a pre-existing Strands tool for AWS use. My code looks a bit different than what you'll find in the notebook. For context here is what my agent.py file looks like and how I prepared it for use with AgentCore Runtime.
⚠️Note: The
use_awstool looks for my AWS profile locally to authenticate using~/.aws/credentials, you'll need that setup before attempting to use this tool or any others that require AWS account use.
import os
from bedrock_agentcore.runtime import BedrockAgentCoreApp
from strands import Agent
from strands.models.anthropic import AnthropicModel
from strands_tools import use_aws
app = BedrockAgentCoreApp()
model = AnthropicModel(
client_args={
"api_key": os.getenv("api_key"),
},
# **model_config
max_tokens=1028,
model_id="claude-sonnet-4-20250514",params={"temperature": 0.3,}
)
agent = Agent(model=model, tools =[use_aws])
@app.entrypoint
def strands_agent_anthropic(payload):
"""
Invoke the agent with a payload
"""
user_input = payload.get("prompt")
response = agent(user_input)
return response.message["content"][0]['text'].replace('\\n', '\n')
if __name__ == "__main__":
app.run()
Main things to highlight here are lines of code you need in order to prepare your agent to work with Runtime, they're listed in the notebook, but I'll share here for simplicity as well:
- Import the Runtime App with
from bedrock_agentcore.runtime import BedrockAgentCoreApp - Initialize the App in your code with
app = BedrockAgentCoreApp() - Decorate the invocation function with the
@app.entrypointdecorator - Let AgentCore Runtime control the running of the agent with
app.run()
Once this is complete I need to deploy the agent to Runtime. This can be done in one of two ways, either manually (several more steps, more to manage and requires experience with docker) OR using the AgentCore starter toolkit which is a CLI toolkit that manages a lot of the deployment steps for you. For those that want to maintain full control over their agent's implementation, this section of the documentation describes how to deploy agents to Runtime without the toolkit.
Using the starter toolkit the next steps are fairly straightforward.
1) Configure the agent with default values using: agentcore configure -e agent.py in the terminal.
2) Host the agent in Runtime using: agentcore launch in the terminal.
If all goes well on the backend I should see a success message on the terminal that looks like this:
To invoke the agent I can use agentcore invoke '{"prompt": "how many VPCs do I have in us-west-2?"}' in the terminal (this is an example prompt for my particular agent which uses a Strands tool to extract information in my AWS account)
Looks like everything is working well because I can see the results from that agent interaction in my terminal:
Now let me quickly cover the painpoints I discovered along the way...
Challenges, pain points etc. 😵💫
In using the sample notebooks there is no mention of enabling observability for the agent which is a requirement as stated in step 1 of the getting started documentation.
TLDR; you need to enable CloudWatch Transaction Search in order for AgentCore Runtime to properly invoke your agent.
- This led to several hard to debug/track invokation errors in my terminal.
My particular agent was performing a boto3 operation using EC2 and thus required IAM permissions that are not default. Finding the IAM execution role for the agent to edit these permissions was particularly tricky.
- FYI you can find this agent execution role in one of three ways:
1) Searching the IAM AWS console for “agentcore'” and working backwards to find the role
2) Open the hidden yaml file generated at time of configuration and look under ‘execution role’
3) Navigate to the AgentCore AWS console → agent runtime → agent name → versions → IAM service role
Overall once I was setup correctly to use Runtime things did work smoothly and the start toolkit was valuable, however there is still a lot of room for folks to get tripped up when using this and unfortnatley the examples themselves need some sharpening to avoid common pitfalls.
In the coming weeks I'm looking to explore other components of AgentCore such as Memory and Gateway so stay tuned for that.
Don't forget to give me a 🦄 if you got this far and let me know what else you'd like to see a write up on in the comments!
Top comments (0)