What is Amazon Bedrock AgentCore?

Amazon Bedrock AgentCore is AWS's full-stack platform for deploying, operating, and securing production AI agents at enterprise scale. Announced in preview in July 2025 and reaching general availability for core services in early 2026, AgentCore provides eight integrated capabilities: Runtime (serverless agent deployment), Gateway (unified tool access), Memory (context retention across sessions), Identity (authentication and authorization), Browser (web interaction), Code Interpreter (secure code execution), Observability (monitoring and debugging), Evaluations (continuous quality scoring), and Policy (fine-grained control over agent actions). It supports nearly 100 AI models including Claude, GPT-5.4, and Llama.

What is the difference between Amazon Bedrock Agents and AgentCore?

Amazon Bedrock Agents (the original service) allows you to build agents that connect to your APIs and knowledge bases. AgentCore is the enterprise-grade evolution — it adds the infrastructure layer that makes agents production-ready: persistent memory across sessions, fine-grained policy controls that intercept tool calls before execution, continuous quality evaluation, identity management for agent authentication, and a stateful runtime environment. AgentCore is to Bedrock Agents what RDS is to raw EC2 database installs — you can build without it, but production deployments need what it provides.

How does AgentCore Policy work?

AgentCore Policy is a security control layer that intercepts agent tool calls before they execute. You define policies that specify what actions agents are allowed to take, under what conditions, and with what human approval requirements. For example: 'This agent may read from the customer database but not write. It may send emails only to internal addresses. Any action involving over $1,000 requires human approval.' Policies are evaluated in real time as the agent decides to use tools — blocking unauthorized actions before they reach downstream systems. This is critical for deploying agents in regulated industries where unauthorized actions carry legal and financial risk.

How much does Amazon Bedrock AgentCore cost?

Amazon Bedrock AgentCore pricing in 2026 is usage-based. AgentCore Runtime charges per agent invocation and per compute second. Memory charges per storage GB and per retrieval operation. Policy and Evaluations are charged per evaluation run. The underlying model inference (Claude, GPT-5.4, etc.) is billed separately at standard Bedrock model pricing. For small to medium deployments (under 1,000 agent sessions/day), total AgentCore costs are typically $50–$500/month above model inference costs. High-scale enterprise deployments should request AWS pricing for committed-use discounts. There is a free tier for initial development and testing.

Enterprise AIApril 3, 20268 min read

Amazon Bedrock AgentCore: How to Deploy Production AI Agents on AWS in 2026

AgentCore Policy and Evaluations just went generally available — completing AWS's full-stack agent deployment platform. Here is what changed, what it does, and how enterprises are using it to run AI agents safely at scale.

TL;DR

Amazon Bedrock AgentCore reached full GA in April 2026 with Policy and Evaluations now available. It gives enterprise teams a complete platform for deploying production AI agents: serverless runtime, persistent memory, fine-grained policy controls (intercepts tool calls before execution), identity management, continuous quality scoring, and observability. 2M+ SDK downloads in 5 months. Supports 100 models including Claude and GPT-5.4. Critical for regulated industries where agent authorization and audit trails are non-negotiable.

What Just Became Generally Available

In April 2026, AWS announced general availability for two of the most critical AgentCore capabilities: Policy and Evaluations. These were the last major components of the AgentCore platform to reach GA, completing the full enterprise agent deployment stack that AWS has been building since July 2025.

AgentCore Policy allows organizations to define precise behavioral boundaries for AI agents — intercepting tool calls before they execute, blocking unauthorized actions, and requiring human approval for high-stakes operations. Without Policy, enterprises had to build their own authorization layers around agents. With it, agent governance is handled at the infrastructure level.

AgentCore Evaluations provides continuous quality monitoring — scoring agent outputs against custom rubrics, detecting regressions when models are updated, and generating audit-ready reports of agent performance over time. For regulated industries (healthcare, finance, legal), this evaluation trail is now required infrastructure, not optional.

The AgentCore Platform: All 8 Capabilities

Capability	What It Does	GA Status	Key Use Case
Runtime	Serverless agent deployment and execution	GA (2025)	Deploy agents without managing infrastructure
Gateway	Unified tool access and API connections	GA (2025)	Connect agents to internal APIs, databases, SaaS
Memory	Context retention across sessions + episodic memory	GA (early 2026)	Agents that remember past interactions
Identity	Authentication and authorization for agent actions	GA (early 2026)	Secure agent-to-system authentication
Browser	Web interaction for agents	GA (early 2026)	Agents that browse, form-fill, and extract web data
Code Interpreter	Secure sandboxed code execution	GA (early 2026)	Agents that write and run analysis code safely
Observability	Monitoring, tracing, and debugging	GA (early 2026)	Production monitoring and incident response
Evaluations	Continuous quality scoring and regression detection	GA (April 2026)	Audit trails, model-swap safety, quality assurance
Policy	Fine-grained control over agent actions	GA (April 2026)	Enterprise governance, compliance, risk management

Why AgentCore Policy Is the Most Important New Feature

The reason enterprises have been slow to deploy AI agents in production is not model capability — it is control. An agent that can read from a database can also write to it. An agent that can send emails can send them to the wrong recipients. An agent that can execute code can run harmful code.

AgentCore Policy solves this at the infrastructure level. Policies are defined as rules that the AgentCore Runtime enforces before any tool call reaches the underlying system. The agent's language model never sees a "blocked" result — the policy layer prevents the tool call from being made at all.

Example policy rules organizations are using in April 2026:

Financial services: "Agent may read customer account balances. Agent may not initiate any transfer or payment. All actions on customer accounts require logging with timestamp and agent session ID."
Healthcare: "Agent may access de-identified patient data. Agent may not access data for patients not in the current session's authorized list. All data access is logged for HIPAA audit."
HR automation: "Agent may draft offer letters. Agent may not send offer letters without human approval. Salary figures above $150K require VP-level review."
Customer service: "Agent may issue refunds up to $50. Refunds $50–$500 require manager approval. Refunds over $500 require escalation to human agent."

AgentCore Memory: Agents That Learn From Experience

The Memory capability reached GA in early 2026 with a significant new feature: Episodic Memory. Traditional agent memory stores facts about the user and context. Episodic memory stores what the agent did in past sessions — which approaches worked, which failed, what the user preferred — and applies those lessons to future interactions.

Practical example: A data analysis agent that helps a CFO prepare quarterly reports uses Episodic Memory to remember that the CFO always wants a specific format, prefers charts over tables for revenue data, and flagged incorrect rounding in a prior session. The agent applies all of this to the next session without being told again.

Memory also solves the context window problem for long-running agents. Instead of trying to fit months of interaction history into a single context window, AgentCore Memory stores and retrieves relevant past information as structured memory objects — surfacing what is relevant to the current task without overloading the model's context.

AgentCore vs. Competitors: AWS vs. Azure vs. Google

Platform	Agent Platform	Policy Controls	Memory	Model Choice
AWS	Bedrock AgentCore	Native policy layer (GA April 2026)	Episodic + semantic (GA)	100+ models incl. Claude, GPT-5.4, Llama
Microsoft Azure	Azure AI Foundry Agents	RBAC + content filters	Azure AI Memory (preview)	OpenAI, Phi, Mistral, Meta
Google Cloud	Vertex AI Agent Builder	IAM + grounding policies	In-context + external DB	Gemini family + third-party
Anthropic	Claude API + MCP	Prompt-level controls	External (via MCP)	Claude models only

Getting Started: AgentCore SDK in 3 Steps

The AgentCore SDK reached 2 million downloads in its first five months, driven by its straightforward developer experience. Here is the minimal path from zero to a deployed agent:

// Step 1: Install the AgentCore SDK

pip install amazon-bedrock-agentcore

// Step 2: Define your agent with tools and policy

from bedrock_agentcore import Agent, Policy, Tool agent = Agent( model="anthropic.claude-opus-4-6", tools=[read_database, send_email, query_erp], policy=Policy( allow=["read_database"], require_approval=["send_email"], deny=["delete_records", "write_database"] ), memory=True # Enable episodic memory )

// Step 3: Deploy to AgentCore Runtime

agent.deploy( name="customer-service-agent", evaluation_rubric="accuracy,helpfulness,policy_compliance" )

The Runtime handles scaling, logging, memory persistence, and policy enforcement automatically. The agent is accessible via REST API and WebSocket for real-time streaming. Full documentation available at docs.aws.amazon.com/bedrock/agentcore.

Build AI Agents Without AWS Infrastructure

Not on AWS? HappyCapy lets you build and deploy AI agents for your business workflows without managing cloud infrastructure.

Try HappyCapy Free

Related Guides

Sources

AWS News Blog: Introducing Amazon Bedrock AgentCore — aws.amazon.com/blogs/aws
AboutAmazon: New Amazon Bedrock AgentCore capabilities — aboutamazon.com/news/aws
AWS Bedrock AgentCore Documentation — docs.aws.amazon.com/bedrock/agentcore
AI Product Launches News April 2026 — blog.mean.ceo/ai-product-launches-news-april-2026
Amazon Bedrock: AI Platform Guide 2026 — thinkmovesolutions.com