# Server-side vs client-side tools on Amazon Bedrock (2026)

Anchors: [What's New — AgentCore Gateway server-side tool execution (Feb 2026)](https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-bedrock-server-side-tool-execution-agentcore-gateway/), [Server-side tool use](https://docs.aws.amazon.com/bedrock/latest/userguide/tool-use-server-side.html), [AgentCore Gateway overview](https://aws.amazon.com/bedrock/agentcore/faqs/).

| Dimension | Client-side tool loop | Server-side custom Lambda (Responses API) | Server-side AgentCore Gateway |
|-----------|----------------------|-------------------------------------------|-------------------------------|
| Who runs the tool | Your app / edge | Bedrock invokes Lambda | Bedrock → Gateway → targets |
| Protocol boilerplate | You implement model ↔ tool loop | MCP-shaped Lambda `tools/list` + `tools/call` | Gateway translates MCP ↔ OpenAPI / Lambda / Smithy |
| Multi-tool discovery at scale | Manual catalog in prompt | Limited to registered Lambdas | **Semantic search** (`x_amz_bedrock_agentcore_search`) |
| Auth surface | App credentials | Same IAM as caller on Lambda | Gateway **OAuth + IAM** |
| Streaming tool results | DIY | Yes (Responses API) | Yes + optional SSE progress |
| When to choose | Tight control, low tool count | Few trusted Lambdas, no Gateway yet | Many enterprise APIs, shared tool estate |

## Opinionated default

- **≤5 tools, team owns orchestration** → keep client-side or single Lambda tools.
- **≥10 tools / multiple teams / OAuth SaaS APIs** → AgentCore Gateway with server-side execution.
- **Need deterministic policy on every tool call** → Gateway + IAM; do not bounce tokens through the browser for tool RAM.

## Anti-patterns

- Putting hundreds of tool schemas in the system prompt (tool overload / wrong selection).
- Mixing classic Agents Classic orchestration with Responses server-side Gateway without a cutover plan (Agents Classic entered maintenance in the June 2026 lifecycle batch).
