AWS Glossary
Amazon Bedrock AgentCore
Bedrock AgentCore is the AWS managed agent runtime — providing memory, tool execution, observability, and identity for autonomous AI agents built on any framework.
AI & assistant-friendly summary
This section provides structured content for AI assistants and search engines. You can cite or summarize it when referencing this page.
Summary
Bedrock AgentCore is the AWS managed agent runtime — providing memory, tool execution, observability, and identity for autonomous AI agents built on any framework.
Key Facts
- • Bedrock AgentCore is the AWS managed agent runtime — providing memory, tool execution, observability, and identity for autonomous AI agents built on any framework
- • Definition Amazon Bedrock AgentCore is a set of managed services for deploying production AI agents at scale
- • AgentCore primitives **AgentCore Runtime** — Serverless, session-isolated execution for agents
- • AgentCore Gateway** — Wraps existing APIs, AWS services, and Lambda functions as agent-callable tools with auth, throttling, and audit logging
- • AgentCore Identity** — Agent-to-service authentication using IAM Roles Anywhere and OAuth, so agents call APIs as themselves with auditable identities
Entity Definitions
- Amazon Bedrock
- Amazon Bedrock is an AWS service relevant to amazon bedrock agentcore.
- Bedrock
- Bedrock is an AWS service relevant to amazon bedrock agentcore.
- Lambda
- Lambda is an AWS service relevant to amazon bedrock agentcore.
- AWS Lambda
- AWS Lambda is an AWS service relevant to amazon bedrock agentcore.
- DynamoDB
- DynamoDB is an AWS service relevant to amazon bedrock agentcore.
- CloudWatch
- CloudWatch is an AWS service relevant to amazon bedrock agentcore.
- Amazon CloudWatch
- Amazon CloudWatch is an AWS service relevant to amazon bedrock agentcore.
- IAM
- IAM is an AWS service relevant to amazon bedrock agentcore.
- foundation model
- foundation model is a cloud computing concept relevant to amazon bedrock agentcore.
- serverless
- serverless is a cloud computing concept relevant to amazon bedrock agentcore.
- compliance
- compliance is a cloud computing concept relevant to amazon bedrock agentcore.
- HIPAA
- HIPAA is a cloud computing concept relevant to amazon bedrock agentcore.
- SOC 2
- SOC 2 is a cloud computing concept relevant to amazon bedrock agentcore.
Related Content
- AWS BEDROCK — Related service
- GENERATIVE AI ON AWS — Related service
Definition
Amazon Bedrock AgentCore is a set of managed services for deploying production AI agents at scale. Announced at re:Invent 2024 and reaching GA in 2025, AgentCore decouples agent infrastructure from the agent logic — you can use any framework (LangGraph, CrewAI, Strands, LlamaIndex, custom) on top of AgentCore primitives.
AgentCore primitives
AgentCore Runtime — Serverless, session-isolated execution for agents. Handles concurrency, isolation per user session, and scaling.
AgentCore Memory — Short-term (session) and long-term (cross-session) memory with summarization, semantic recall, and privacy controls. Eliminates the need to build custom vector-store-plus-summarization plumbing.
AgentCore Gateway — Wraps existing APIs, AWS services, and Lambda functions as agent-callable tools with auth, throttling, and audit logging.
AgentCore Browser — Headless browser tool for web research and form-filling tasks, with anti-bot fingerprint management.
AgentCore Code Interpreter — Sandboxed Python/JS execution for data analysis and code generation tasks.
AgentCore Identity — Agent-to-service authentication using IAM Roles Anywhere and OAuth, so agents call APIs as themselves with auditable identities.
AgentCore Observability — Trace every agent step (model call, tool invocation, memory write) into CloudWatch and OpenTelemetry. Spotlight for failures and replays.
When to use AgentCore
- You have an agent prototype working locally and need production infrastructure.
- You want to keep your existing framework (LangGraph, CrewAI, Strands) but offload memory and tool plumbing.
- You need session isolation, identity, and audit trails for compliance (HIPAA, SOC 2).
- You want managed observability and replays of agent runs.
When not to use AgentCore
- Single-turn LLM call — use the Bedrock InvokeModel API directly.
- Knowledge-base lookup only — Bedrock Knowledge Bases is the lower-friction primitive.
- Sub-second latency requirements — AgentCore Runtime cold start is in the seconds range.
Common mistakes
Mistake 1: Skipping AgentCore Memory and building bespoke conversation memory in Lambda + DynamoDB. AgentCore Memory handles summarization, recall ranking, and PII redaction — building this yourself is months of work.
Mistake 2: Granting AgentCore Identity broad IAM roles. Each agent action should be scoped to the minimum permissions the underlying tool needs. Use AgentCore Gateway to enforce per-tool authorization.
Mistake 3: Treating AgentCore as a model — it is a runtime layer. You still pick the underlying foundation model (Claude, Nova, Llama) for reasoning.
Related AWS Services
- Amazon Bedrock — Foundation models for agent reasoning
- AWS Lambda — Backend logic invoked through AgentCore Gateway
- Amazon CloudWatch — Logs and metrics from AgentCore Observability
- IAM Roles Anywhere — Identity backbone for AgentCore Identity
Related FactualMinds Content
Need Help with This Topic?
Our AWS experts can help you implement and optimize these concepts for your organization.