Search⌘ K
AI Features
Home
Courses
Introduction to Generative AI and Amazon Bedrock

AgentCore Services

Explore how to configure and integrate Amazon Bedrock AgentCore services for AI agents. Learn setup of built-in tools like code interpreter, web browser, and file system, configure Gateway for centralized access, manage persistent memory across sessions, and secure authentication with AgentCore Identity. Understand how these components combine into production-grade agent architectures that are scalable and secure on AWS.

We'll cover the following...

AgentCore changes how teams build AI agent infrastructure, moving from custom infrastructure to managed AWS services. The previous lesson covered what each AgentCore service does and when to use it. This lesson focuses on configuring, invoking, and integrating each service. You’ll start with built-in tools such as the code interpreter, web browser, and file system. Then you’ll configure AgentCore Gateway for centralized tool access, AgentCore Memory for cross-session persistence, and AgentCore Identity for secure credential delegation. Finally, you’ll combine these services into one architecture. You’ll configure each service through AWS APIs and scope access with IAM policies, following a managed-service approach that uses AgentCore’s managed capabilities instead of building and operating custom infrastructure for the same functions.

Built-in tools and code interpreter

AgentCore provides ready-to-use tools that agents can invoke directly, eliminating the need to write custom Lambda functions for common capabilities. These built-in tools are attached to agent action groups through configuration rather than code, and each one runs within a managed execution environment with enforced security boundaries.

The three built-in tools

Three built-in tools ship with AgentCore, each targeting a distinct class of agent tasks:

  • Code interpreter: This tool executes agent-generated Python in a fully sandboxed environment isolated from the host system and network. It handles data analysis, chart generation, file processing, and multi-step computations that exceed what direct LLM reasoning can reliably perform.

  • Web browser: This tool retrieves and parses web content on behalf of the agent, enabling real-time information gathering with network isolation controls that restrict which domains the agent can access.

  • File system: This tool provides scoped read and write access to structured data, allowing agents to persist intermediate results or consume input files within tightly controlled permission boundaries.

Each tool is attached to a Bedrock Agent action group by specifying the tool type in the action group configuration. The agent’s orchestration layer then discovers and invokes these tools during reasoning, just as it would invoke any other action group.

Code interpreter

The code interpreter deserves particular attention because it extends an agent’s capabilities beyond text generation into executable computation. When an agent determines that a task requires calculation, data transformation, or visualization, it generates Python code and submits it to the interpreter. Each execution runs in its own ...