Do I need AWS MCP tools to use this skill?

Yes, this skill requires AWS MCP tools for accurate, up-to-date AWS information. If MCP tools are unavailable, follow the aws-mcp-setup path to configure MCP and decide between a full AWS MCP Server or a documentation-based MCP.

Which AWS Bedrock AgentCore services are covered by this skill?

The skill covers Gateway, Runtime, Memory, Identity, plus capabilities like Code Interpreter, Browser, and Observability as part of the AgentCore ecosystem.

How do I verify a deployment?

Use MCP tools to check regional availability and read deployment docs, then verify the target status in the Gateway/Runtime context and run connectivity tests to ensure the agent is reachable and functioning.

aws-agentic-ai

npx machina-cli add skill zxkane/aws-skills/aws-agentic-ai --openclaw

Files (1)

SKILL.md

6.5 KB

AWS Bedrock AgentCore

AWS Bedrock AgentCore provides a complete platform for deploying and scaling AI agents with seven core services. This skill guides you through service selection, deployment patterns, and integration workflows using AWS CLI.

AWS Documentation Requirement

CRITICAL: This skill requires AWS MCP tools for accurate, up-to-date AWS information.

Before Answering AWS Questions

Always verify using AWS MCP tools (if available):
- mcp__aws-mcp__aws___search_documentation or mcp__*awsdocs*__aws___search_documentation - Search AWS docs
- mcp__aws-mcp__aws___read_documentation or mcp__*awsdocs*__aws___read_documentation - Read specific pages
- mcp__aws-mcp__aws___get_regional_availability - Check service availability
If AWS MCP tools are unavailable:
- Guide user to configure AWS MCP using the aws-mcp-setup skill (auto-loaded as dependency)
- Help determine which option fits their environment:
  - Has uvx + AWS credentials → Full AWS MCP Server
  - No Python/credentials → AWS Documentation MCP (no auth)
- If cannot determine → Ask user which option to use

When to Use This Skill

Use this skill when you need to:

Deploy REST APIs as MCP tools for AI agents (Gateway)
Execute agents in serverless runtime (Runtime)
Add conversation memory to agents (Memory)
Manage API credentials and authentication (Identity)
Enable agents to execute code securely (Code Interpreter)
Allow agents to interact with websites (Browser)
Monitor and trace agent performance (Observability)

Available Services

Service	Use For	Documentation
Gateway	Converting REST APIs to MCP tools	`services/gateway/README.md`
Runtime	Deploying and scaling agents	`services/runtime/README.md`
Memory	Managing conversation state	`services/memory/README.md`
Identity	Credential and access management	`services/identity/README.md`
Code Interpreter	Secure code execution in sandboxes	`services/code-interpreter/README.md`
Browser	Web automation and scraping	`services/browser/README.md`
Observability	Tracing and monitoring	`services/observability/README.md`

Common Workflows

Deploying a Gateway Target

MANDATORY - READ DETAILED DOCUMENTATION: See services/gateway/README.md for complete Gateway setup guide including deployment strategies, troubleshooting, and IAM configuration.

Quick Workflow:

Upload OpenAPI schema to S3
(API Key auth only) Create credential provider and store API key
Create gateway target linking schema (and credentials if using API key)
Verify target status and test connectivity

Note: Credential provider is only needed for API key authentication. Lambda targets use IAM roles, and MCP servers use OAuth.

Managing Credentials

MANDATORY - READ DETAILED DOCUMENTATION: See cross-service/credential-management.md for unified credential management patterns across all services.

Quick Workflow:

Use Identity service credential providers for all API keys
Link providers to gateway targets via ARN references
Rotate credentials quarterly through credential provider updates
Monitor usage with CloudWatch metrics

Monitoring Agents

MANDATORY - READ DETAILED DOCUMENTATION: See services/observability/README.md for comprehensive monitoring setup.

Quick Workflow:

Enable observability for agents
Configure CloudWatch dashboards for metrics
Set up alarms for error rates and latency
Use X-Ray for distributed tracing

Service-Specific Documentation

For detailed documentation on each AgentCore service, see the following resources:

Gateway Service

Overview: services/gateway/README.md
Deployment Strategies: services/gateway/deployment-strategies.md
Troubleshooting: services/gateway/troubleshooting-guide.md

Runtime, Memory, Identity, Code Interpreter, Browser, Observability

Each service has comprehensive documentation in its respective directory:

Cross-Service Resources

For patterns and best practices that span multiple AgentCore services:

Credential Management: cross-service/credential-management.md - Unified credential patterns, security practices, rotation procedures

Additional Resources

AWS Documentation: Amazon Bedrock AgentCore
API Reference: Bedrock AgentCore Control Plane API
AWS CLI Reference: bedrock-agentcore-control commands

Source

git clone https://github.com/zxkane/aws-skills/blob/main/plugins/aws-agentic-ai/skills/aws-agentic-ai/SKILL.mdView on GitHub

Overview

How This Skill Works

This skill relies on AWS MCP tooling to fetch up-to-date AWS information and to deploy and manage seven AgentCore services (Gateway, Runtime, Memory, Identity, Code Interpreter, Browser, Observability) via the AWS CLI. It orchestrates credential management, schema optimization, runtime configuration, memory provisioning, and access control, guiding you through deployment patterns and integration steps. You will verify targets and iterate using MCP-assisted documentation as you deploy.

When to Use It

Deploy REST APIs as MCP tools using Gateway
Deploy and scale agents in serverless Runtime
Add and manage conversation memory with Memory
Manage credentials and access with Identity
Monitor, trace, and observe agent performance with Observability

Quick Start

Step 1: Ensure AWS MCP tooling is configured and available (mcp__aws-mcp__* commands).
Step 2: Choose a target service (Gateway, Runtime, Memory, Identity) and prepare resources (e.g., OpenAPI schema in S3, credentials).
Step 3: Deploy the target with MCP/CLI commands and verify target status and connectivity

Best Practices

Always verify AWS MCP tools before answering or deploying
Use MCP to search and read AWS docs and check regional availability
Prepare and upload OpenAPI schemas to S3 and link to Gateway targets
Manage API credentials securely, using credential providers when needed
After deployment, verify target status and test connectivity

Example Use Cases

Deploy a Gateway-target REST API for a product catalog and wire in credentials if using API keys
Launch and scale a conversational agent in Runtime to handle peak traffic
Attach persistence memory to a multi-turn assistant for context retention
Rotate and manage API keys and access with Identity and Secrets Manager
Enable Code Interpreter and Browser workflows with Observability metrics and tracing

Frequently Asked Questions

Add this skill to your agents