Module Overview
This module focuses on running agents on a managed runtime. Amazon Bedrock AgentCore provides microVM isolation, memory, a tool gateway, identity, browser and code-execution sandboxes, and policy-based guardrails — all framework-agnostic.
Learning Objectives
- Describe AgentCore Runtime's microVM isolation and session model.
- Use AgentCore Memory, Gateway, and Identity in an agent deployment.
- Deploy agents via the AgentCore CLI on an ARM64 runtime.
- Enforce guardrails with Cedar policies and orchestrate multi-agent systems on AgentCore.
Topics Covered
Amazon Bedrock AgentCore
- Overview and the agentic AI stack
- AgentCore Runtime — microVM isolation, session management, execution windows (framework-agnostic: LangGraph, CrewAI, LlamaIndex, Strands, OpenAI Agents SDK)
- Building and integrating agents (Strands Agents framework; integrating LangGraph)
- AgentCore Memory — short-term, long-term, and cross-session persistence
- AgentCore Gateway — exposing APIs, Lambda functions, and MCP servers as agent tools, with managed inbound/outbound auth
- AgentCore Identity — IAM, OAuth, user-delegated access, and secrets management
- AgentCore Browser and Code Interpreter — web automation and secure code execution
- Deploying agents to production — AgentCore CLI, CodeBuild, ECR, ARM64 runtime
- Multi-agent orchestration — supervisor patterns and A2A
- AgentCore Observability — CloudWatch, X-Ray, OTEL, and third-party monitoring
- AgentCore policy and guardrails — Cedar policies and real-time tool-call interception
Key Concepts & Terminology
MicroVM isolation, tool gateway, agent identity, Cedar policy, OTEL tracing.
Tools & Frameworks Referenced
Amazon Bedrock AgentCore (Runtime, Memory, Gateway, Identity, Browser, Code Interpreter), Strands Agents, Cedar, CloudWatch, X-Ray, OpenTelemetry.
Prerequisites
Modules 20–22 (function calling, MCP, LangGraph, A2A).