Назад към всички

aws-agentic-ai

// AWS Bedrock AgentCore comprehensive expert for deploying and managing all AgentCore services. Use when working with Gateway, Runtime, Memory, Identity, or any AgentCore component. Covers MCP target deployment, credential management, schema optimization, runtime configuration, memory management, and

$ git log --oneline --stat
stars:190
forks:36
updated:January 16, 2026
SKILL.mdreadonly
SKILL.md Frontmatter
nameaws-agentic-ai
aliasesbedrock-agentcore
descriptionAWS Bedrock AgentCore comprehensive expert for deploying and managing AI agents at scale. Use when working with any AgentCore service including Gateway, Runtime, Memory, Identity, Code Interpreter, Browser, Observability, Agent Registry, or Evaluations. Covers agent deployment, MCP tool integration, credential management, agent discovery, governance workflows, and automated quality assessment. Essential when user mentions AgentCore, agent runtime, agent registry, agent evaluation, MCP gateway, deploy agent, register MCP server, discover agents, evaluate agent quality, agent credentials, or wants to build, deploy, catalog, or monitor AI agents on AWS.
contextfork
modelsonnet
skillsaws-mcp-setup
allowed-toolsmcp__aws-mcp__*,mcp__awsdocs__*,mcp__acdocs__search_agentcore_docs,mcp__acdocs__fetch_agentcore_doc,Bash(aws bedrock-agentcore *),Bash(aws bedrock-agentcore-control *),Bash(aws bedrock-agentcore-runtime *),Bash(aws bedrock *),Bash(aws s3 cp *),Bash(aws s3 ls *),Bash(aws secretsmanager *),Bash(aws sts get-caller-identity)
hooks[object Object]

AWS Bedrock AgentCore

AWS Bedrock AgentCore provides a complete platform for deploying and scaling AI agents with nine core services. This skill covers service selection, deployment patterns, and integration workflows using AWS CLI.

How to use this skill: Identify the service(s) the user needs from the table below, then read the corresponding service README before responding. For cross-service patterns (credentials, security, registry integration), check the Cross-Service Resources section. Verify AWS-specific details using the MCP documentation tools.

AWS Documentation Requirement

Always verify AWS facts using MCP tools before answering. Two documentation sources are available:

  • AgentCore-specific docs (mcp__acdocs__*) — bundled with this plugin, provides search_agentcore_docs and fetch_agentcore_doc for AgentCore documentation
  • General AWS docs (mcp__aws-mcp__* or mcp__*awsdocs*__*) — loaded via the aws-mcp-setup dependency for broader AWS documentation

Prefer the AgentCore docs MCP for AgentCore-specific questions. If MCP tools are unavailable, guide the user through the aws-mcp-setup skill's setup flow.

Available Services

ServiceUse ForDocumentation
GatewayConverting REST APIs to MCP toolsservices/gateway/README.md
RuntimeDeploying and scaling agentsservices/runtime/README.md
MemoryManaging conversation stateservices/memory/README.md
IdentityCredential and access managementservices/identity/README.md
Code InterpreterSecure code execution in sandboxesservices/code-interpreter/README.md
BrowserWeb automation and scrapingservices/browser/README.md
ObservabilityTracing and monitoringservices/observability/README.md
Agent RegistryCatalog, discover, and govern agents/tools (Preview)services/registry/README.md
EvaluationsAutomated agent quality assessment (LLM-as-a-Judge)services/evaluations/README.md

Common Workflows

Deploying a Gateway Target

Read services/gateway/README.md before implementing — Gateway setup involves deployment strategies, IAM, and auth choices that vary significantly by use case.

  1. Upload OpenAPI schema to S3
  2. (API Key auth only) Create credential provider and store API key
  3. Create gateway target linking schema (and credentials if using API key)
  4. Verify target status and test connectivity

Credential provider is only needed for API key authentication. Lambda targets use IAM roles, and MCP servers use OAuth.

Managing Credentials

Read cross-service/credential-management.md first — credential patterns differ across services and getting them wrong causes hard-to-debug auth failures.

  1. Use Identity service credential providers for all API keys
  2. Link providers to gateway targets via ARN references
  3. Rotate credentials quarterly through credential provider updates
  4. Monitor usage with CloudWatch metrics

Discovering Agents and Tools (Agent Registry)

Read services/registry/README.md first — the registry has governance workflows, MCP endpoint options, and sync modes that affect how records become discoverable.

  1. Create a registry to catalog your organization's AI resources
  2. Register resources (MCP servers, agents, skills, custom) with descriptive metadata
  3. Submit records for approval (auto-approve for dev, manual for production)
  4. Search and discover approved resources via CLI or MCP endpoint

Agent Registry is in Preview. Available in us-east-1, us-west-2, eu-west-1, ap-northeast-1, ap-southeast-2.

Evaluating Agent Quality

Read services/evaluations/README.md first — evaluators, scoring modes, and IAM setup vary between online monitoring and on-demand testing.

  1. Instrument the agent with OpenTelemetry (ADOT) for trace collection
  2. Create evaluators (use built-in like Builtin.Helpfulness or create custom)
  3. Set up online evaluation with sampling rate and data source
  4. Monitor scores in CloudWatch dashboards; investigate low-scoring sessions

Monitoring Agents

Read services/observability/README.md for the full monitoring setup — observability configuration depends on your Runtime protocol and framework choice.

  1. Enable observability for agents
  2. Configure CloudWatch dashboards for metrics
  3. Set up alarms for error rates and latency
  4. Use X-Ray for distributed tracing

Deep-Dive References

Each service README (linked in the table above) contains sub-links to getting-started guides, troubleshooting, and advanced topics. Start with the service README and follow pointers from there.

Advanced Runtime & OAuth References

Deep-dive reference documentation for Runtime internals, deployment, OAuth integration, and communication protocols. Read these when building production Runtime deployments or configuring OAuth authentication:

  • OAuth Integration: references/agentcore-oauth-integration.md - Three-layer OAuth architecture (Inbound JWT, Outbound Credential Provider, Gateway OAuth), Cognito configuration, supported IdPs, end-to-end CDK examples
  • Runtime Core Mechanisms: references/agentcore-runtime-core.md - Container contract, MicroVM Session model, Agent lifecycle (per-request vs per-session), tool integration (MCP/HTTP), startup flow
  • Runtime Deployment & Operations: references/agentcore-runtime-deploy.md - CDK deployment (L1/L2 constructs), multi-Runtime architecture, security model, observability (OTel/CloudWatch), BedrockAgentCoreApp vs FastAPI comparison
  • Runtime Protocol Reference: references/agentcore-runtime-protocols.md - HTTP, MCP, A2A, AG-UI protocol specifications with container contracts, endpoint specs, and selection guide

Runnable Script Templates

Production-ready templates in scripts/ for common deployment patterns:

ScriptProtocolDescription
Dockerfile.runtime-templateARM64 multi-stage Docker build for AgentCore Runtime
runtime-fastapi-template.pyHTTPFastAPI Runtime with SSE streaming and MCPClient
mcp-server-template.pyMCPMCP Server with Streamable HTTP transport
a2a-server-template.pyA2AA2A Server with Agent Card discovery
agui-server-template.pyAG-UIAG-UI Server with standard AG-UI event stream
gateway-custom-resource-lambda.pyCDK Custom Resource Lambda for Gateway lifecycle

Cross-Service Resources

For patterns and best practices that span multiple AgentCore services:

Additional Resources