Amazon Web Services has a new message for enterprises: AI agents are ready for work. Not someday. Not after three more strategy decks and a committee named “AI Transformation Council.” Now.
But AWS’s latest announcements also reveal the awkward truth behind the hype. Agents can move fast. Very fast. Sometimes too fast. So AWS is not just handing them the keys to enterprise systems. It is building the roads, traffic lights, seat belts, dashcams, and, yes, the occasional emergency brake.
At AWS Summit New York, the company rolled out a broad package of agentic AI updates. The announcements covered developer tools, cloud operations, security, enterprise search, business assistants, and the increasingly important “context layer” that helps agents understand what a company actually means when it says “customer,” “policy,” “deployment,” or “don’t break production, please.”
That last part matters. A model without context is just a very confident stranger in your data center. AWS wants to fix that.
The New Battle Is Not Bigger Models. It Is Better Context.
For the past two years, AI companies have shouted about model intelligence. Bigger models. Faster models. Cheaper models. More dazzling demos. More rabbits from more hats.
AWS is now leaning into a different argument: enterprise agents do not fail mainly because they lack brainpower. They fail because they lack context.
In its Amazon Bedrock AgentCore announcement, AWS says many agents underperform because they cannot reach the information, tools, feedback loops, and controls they need to do the full job. A support agent cannot explain a refund policy if that policy lives in SharePoint and the agent cannot access it. A research agent cannot produce a current market brief if it cannot reach fresh web information. A finance agent cannot make the best recommendation if key data sits behind a paid feed.
That is the boring-sounding problem that decides whether agents become useful coworkers or expensive autocomplete with a lanyard.
AWS’s answer is a stack of tools that lets agents reach internal knowledge, public web data, paid information, and production feedback. The company is trying to make context a managed service, not a six-month engineering scavenger hunt.
AWS Context Enters the Knowledge Graph Race
One of the biggest pieces is AWS Context, described by VentureBeat summaries as a knowledge graph service that learns from how agents use enterprise data instead of relying only on manual curation.
That is a big deal if it works as advertised.
Traditional knowledge graphs can be powerful, but they often need heavy human effort. Teams define entities, relationships, rules, and labels. Then someone maintains the whole machine. This can turn into database bonsai: beautiful, precise, and exhausting.
AWS appears to be pitching a more automatic version. According to accessible summaries of the VentureBeat report, AWS Context can infer relationships across datasets, business rules, and domain knowledge, then improve over time based on which sources agents use and trust. It is also described as integrating with AWS data services such as Glue Data Catalog, SageMaker Unified Studio, and third-party sources through APIs.
That puts AWS into the “context layer” race alongside vendors trying to make enterprise data more agent-ready. The prize is enormous. If agents cannot understand company-specific context, they stay trapped in toy demos. If they can, they start touching real workflows.
And that is where everyone starts sweating.
AgentCore Gives Agents More Places to Look
AWS’s Bedrock AgentCore updates aim to give agents three major knowledge lanes.
First, there is organizational knowledge through Bedrock Managed Knowledge Base. AWS says companies can connect sources such as SharePoint, Google Drive, Confluence, S3, and internal wikis. AgentCore then manages the vector store, embeddings, reranking, scaling concerns, and retrieval work. Translation: fewer custom pipelines, less duct tape, fewer engineers whispering “why is this chunking strategy cursed?” at midnight.
Second, there is Web Search on AgentCore. AWS says this lets agents retrieve current public information while keeping queries inside the customer’s AWS security and compliance boundary. It also says the search system combines public web information with Amazon’s proprietary knowledge graph for structured facts and real-time information.
Third, there is paid knowledge. AWS is connecting AgentCore payments with AWS WAF AI traffic monetization. The idea is simple: agents need access to premium content, and content owners need a way to allow, block, or charge for that access.
This is not just search. It is AWS sketching the commercial plumbing for an agent economy.
Agents That Learn Without Becoming Chaos Goblins
AWS also wants agents to improve after deployment. That sounds obvious. It is not.
Many production failures do not look like failures. The dashboard stays green. The agent smiles politely. Meanwhile, it confirms an action it never took, invents availability after an API timeout, or skips an approval step. No stack trace. No alarm. Just silent nonsense wearing a blazer.
AgentCore’s new optimization features target that problem. AWS says the platform can analyze production traces, surface failure patterns, cluster user intents, and group task trajectories. In plain English, it watches what agents actually do across many sessions and tries to spot recurring trouble.
Then comes the repair loop. AgentCore recommendations can suggest changes to system prompts and tool descriptions. Batch evaluation can test those changes against a defined dataset. A/B testing can split live traffic between agent versions before teams fully commit.
That matters because prompt changes are often treated like folk medicine. Someone tweaks a sentence, hopes for the best, and calls it “iteration.” AWS is trying to make agent improvement more like software engineering and less like seasoning soup in the dark.
Coding Agents Get Cloud Smarter
AWS is also going after developers directly with Agent Toolkit for AWS. The toolkit helps AI coding assistants work more effectively with AWS services by giving them access to current AWS documentation, APIs, workflows, and best practices.
The DEV Community article says the toolkit works with assistants such as Claude Code, Codex, Cursor, Kiro, and other Model Context Protocol-compatible agents. Its components include an AWS MCP Server, Agent Skills, and Agent Plugins.
The MCP Server acts as a bridge between agents and AWS services, APIs, documentation, monitoring tools, and operational data. Agent Skills provide curated knowledge packages for implementation guidance, troubleshooting, service recommendations, and workflow instructions. Plugins help connect supported coding tools to AWS capabilities.
This solves a very real problem. Coding agents can write plausible infrastructure code that is wrong, outdated, insecure, or just weird. Cloud platforms change constantly. Best practices move. Services evolve. Pricing changes. Permissions bite.
An agent that knows yesterday’s AWS can create tomorrow’s outage.
AWS is trying to make coding agents less like overexcited interns and more like junior cloud engineers who actually read the runbook.
DevSecOps Becomes the Main Event
The flashiest enterprise angle may be DevSecOps. According to TechTarget, AWS announced or previewed several agentic tools at Summit New York.
AWS Continuum expands earlier security-agent work with threat modeling and more vulnerability management features. AWS DevOps Agent release management expands root-cause analysis into automatic testing and validation before production. AWS Transform continuous modernization targets technical debt by finding and fixing issues such as framework upgrades, dependency patches, and version updates.
That is a lot of automation aimed at the software delivery pipeline.
The pitch is seductive. Let agents detect vulnerabilities, validate fixes, prepare releases, modernize codebases, and prevent bad deployments before humans finish their coffee. Lovely. Also terrifying.
TechTarget quoted AWS executives and analysts describing a market moving from vulnerability detection toward “detect, validate, fix, verify” workflows. That phrase matters. It suggests security tools are no longer content to shout, “There is a fire.” They now want to grab the hose.
Whether enterprises are ready for that is another matter.
Guardrails Are Not an Add-On. They Are the Product.
Fast Company made the sharpest observation: AWS is promising more autonomous agents while also releasing a pile of tools designed to monitor, constrain, validate, and sometimes undo them.
That is not a contradiction. It is the whole game.
In Fast Company’s interview, AWS vice president of agentic AI Swami Sivasubramanian argued that safeguards are not an admission of weakness. They are how organizations can trust agents at scale. He framed the goal as replacing manual friction with policy-driven controls that operate at modern speed.
AWS’s AgentCore policy enhancements follow that logic. The company says Bedrock Guardrails integration can evaluate agent actions for prompt injection attempts, harmful content, and sensitive data exposure. These checks run at the gateway layer, outside the agent’s own code and context.
That distinction is crucial. If a guardrail lives inside the agent’s prompt, the agent may reason around it, misunderstand it, or get manipulated. If enforcement happens at the gateway, the system can make a deterministic allow-or-deny decision.
The agent can improvise. The policy gate does not have to.
Autonomy, But With Adult Supervision
AWS’s definition of autonomy is careful. It does not mean “the agent does whatever it wants.” It means the agent can take action over time while staying aligned with business goals, policies, and escalation rules.
That is less magical. It is also more believable.
Fast Company reported that AWS’s security capability begins in “learn mode” and moves toward autonomous enforcement as confidence grows. That feels like the right pattern. Watch first. Learn the environment. Prove value. Then expand authority.
This also explains why release management, audit trails, observability, IAM policies, CloudWatch, CloudTrail, and gateway controls keep showing up across AWS’s agent announcements. Enterprises do not just need agents that act. They need agents whose actions can be limited, traced, reviewed, and explained.
The uncomfortable truth is that “fully autonomous” remains a marketing fog machine in many enterprise settings. Companies still own the outcome when an agent breaks production, leaks data, approves the wrong workflow, or “fixes” a system into a ditch.
Humans may approve fewer individual actions. They do not escape accountability.
That is the grown-up version of agentic AI. Less sci-fi robot employee. More controlled delegation with receipts.
GitHub’s Head Start No Longer Looks Untouchable
AWS is also making this push while GitHub faces pressure. TechTarget notes that GitHub has had a major head start with Copilot, but reliability concerns and billing frustration have opened the door for competitors.
That does not mean enterprises will rip out GitHub tomorrow. Large companies do not casually move code repositories like someone changing coffee shops. Brownfield migration is painful. Toolchains have roots.
But AWS does not need everyone to abandon GitHub. It just needs companies to source more agentic capabilities from AWS, especially if those companies already run workloads, data lakes, security tooling, and developer infrastructure on AWS.
That is the strategic wedge. AWS can say: your code runs here, your data lives here, your policies live here, your observability lives here, so why should your agents live somewhere else?
It is classic platform gravity. The more pieces AWS controls, the more convenient it becomes to build the next piece there too.
Convenience is not always destiny. But in enterprise software, it wins more often than idealists like to admit.
The Big Bet: Agents Need Infrastructure More Than Demos
The broader story is simple. AWS is betting that the agent era will not be won by the flashiest chatbot. It will be won by whoever provides the boring infrastructure that makes agents useful, governable, and safe enough for real work.
That includes context graphs. Managed knowledge bases. Web search. Paid-data access. Coding-agent toolkits. DevSecOps automation. Runtime harnesses. Policy gateways. Guardrails. Monitoring. Trace analysis. A/B testing. Audit trails.
Yes, that list sounds like someone emptied a cloud architect’s junk drawer. But it is also what production requires.
The next phase of AI agents will be less about “Can it do the task once in a demo?” and more about “Can it do the task every day, with current information, correct permissions, recoverable errors, measurable quality, and logs that do not make compliance teams develop a facial twitch?”
AWS’s answer is clear: agents need a workplace. Not just a model.
And AWS would very much like to be the landlord.
Sources
- AWS: New in Amazon Bedrock AgentCore — Build agents with broader knowledge and continuous learning
- DEV Community: Agent Toolkit for AWS — Making AI Coding Agents Smarter in the Cloud
- TechTarget: AWS AI Agents hone DevSecOps chops amid GitHub troubles
- Fast Company: AWS says AI agents can work on their own. It’s also building tools to keep them in line
- VentureBeat: AWS enters the context layer race with a graph that learns from agents, not manual curation
