

What’s New in Amazon Bedrock AgentCore: Creating Agents with a Broader Knowledge Base and Continuous Learning

Source: aws.amazon.com/blogs

The foundational models powering modern agents are incredibly capable. They can analyze complex problems, plan multi-step workflows, and generate highly detailed responses. However, most agents operate far below their true potential. The bottleneck isn’t intelligence—it’s access to the necessary context and feedback loops.

A customer support agent tasked with answering questions about a company’s return policy cannot help if it lacks access to the SharePoint document where that policy is defined. A research agent compiling a market overview will provide an incomplete picture if it cannot retrieve up-to-date information beyond its training data. A financial advisory agent will deliver suboptimal recommendations if the real-time market data it requires is hidden behind a paywall it cannot bypass. Furthermore, most teams lack a systematic way to know whether their agents are performing better or worse post-deployment.

A powerful model is merely a starting point. What makes an agent truly effective in production is access to everything required to complete a full job: the right knowledge, resources for action, and feedback loops for continuous improvement.

On June 17, AWS introduced new capabilities for Amazon Bedrock AgentCore—a platform designed for building, connecting, and optimizing agents. In this post, AWS experts explain how these features bridge every gap: connecting agents to organizational, web, and premium knowledge; helping teams find and fix production errors; and implementing controls that scale alongside evolving agent capabilities. Together, they will help developers build more powerful agents faster, manage them with scalable controls, and continuously improve them.

Agents That Know and Encompass More

AI agents on AgentCore feature built-in access to three tiers of knowledge, each expanding what agents can encompass and achieve.

The Organizational Knowledge Tier: Amazon Bedrock Managed Knowledge Base

The most valuable corporate data is scattered across SharePoint, Google Drive, Confluence, S3, and internal wikis. Traditionally, making this data accessible to agents required building custom ingestion pipelines, configuring retrieval, and keeping data synchronized. This meant months of engineering effort before an agent could answer a basic business question.

Bedrock Managed Knowledge Base is now available on AgentCore to offload this heavy lifting from developers. Users simply connect their unstructured data sources, and AgentCore handles the rest. AWS manages the vector store, embeddings, and re-ranking models used during retrieval, as well as scalability challenges like rate limiting, so engineering teams can focus on building agents rather than maintaining pipelines. At its core is an agentic retriever that goes far beyond traditional RAG. Instead of merely searching for text snippets closest to the query, it plans queries across enterprise knowledge bases, connects related concepts across different documents, evaluates intermediate results, and re-ranks them before delivering an answer. For complex, multi-part queries covering several topics at once, the agentic retriever provides significantly broader and more complete coverage than basic search. The agent transitions from answering “I don’t have access to this” to providing a synthesized response grounded in real business knowledge—without the need to build pipelines or tune search parameters.

The World Knowledge Tier: Web Search on AgentCore

Internal knowledge has its gaps. Regulations change, markets fluctuate, and competitors constantly launch new products. To perform at their best, agents need to understand what is happening in the world outside the organization—for research, fact-checking, customer service, and market intelligence.

The AWS team introduced Web Search—a new tool for developers building AI agents. It delivers information from the web while keeping data within the customer’s secure AWS environment. Built on the same Amazon search infrastructure that powers Alexa+, Amazon Quick Suite, and Kiro, Web Search is optimized for agentic retrieval, returning high-value snippets that maximize information density per token. It also employs a multi-source grounding approach, combining public web information with Amazon’s proprietary Knowledge Graph. This graph appends structured entity data, verified facts, and real-time information such as stock prices or sports scores. Web Search on AgentCore keeps queries within AWS security and compliance boundaries, removing the need to onboard third-party vendors or handle extra orchestration, authentication, and billing tasks. Whether developers are building research agents verifying public sources, compliance agents tracking regulatory changes, or simply ensuring model responses remain up to date, AI can now analyze the live internet just as easily as it accesses internal knowledge.

“At Sony, we are building an enterprise AI agent platform on AgentCore, where teams across different business units can develop, share, and reuse AI agents—ranging from knowledge assistants to workflow automation agents—each tailored to their specific needs. Our corporate knowledge is distributed across repositories like SharePoint, Confluence, and Amazon S3, encompassing complex documents such as PDFs, presentations, and spreadsheets containing charts and graphs. Now that Bedrock Managed Knowledge Base and Web Search are available in AgentCore, we can equip agents with advanced search tools and live web grounding under a unified governance model, without building these capabilities from scratch. This accelerates our vision of transforming how people work, leveraging AI as a company-wide catalyst.”
Masahiro Ohba, Senior General Manager, Sony Group Corporation

The Premium Knowledge Tier: AgentCore Payments and AI Traffic Monetization via AWS WAF

The best information isn’t always free. Financial market streams, licensed research, proprietary datasets, premium APIs. If an agent lacks access to paid resources, it delivers a suboptimal response, and the user will never know what was missed.

Accessing paid content is a two-sided challenge: agents need a way to pay, and providers need a way to get paid. AgentCore Payments, announced in preview last month, addresses the agent side, enabling agents to discover, access, and settle payments for premium services and content directly during task execution. AI Traffic Monetization via WAF, now generally available, solves the provider side, giving content owners the ability to control agent access: block it, allow it, or charge for it. Since both features run on the same platform, providers using WAF automatically recognize agents verified on AgentCore. The result is a trusted channel: lower friction for verified agents and fair compensation for providers. Together, these capabilities build the infrastructure for both sides of the agent economy, allowing them to access everything, not just what happens to be free.

Want to implement a modern AI infrastructure within the AWS ecosystem? Contact Wise IT specialists, an official AWS partner, for a free consultation:

Agents That Learn from Every Interaction

Giving agents better access to knowledge is only half the equation. Developers also need to know whether an agent is actually achieving its goals, and catch it quickly when it isn’t.

This is harder than it sounds. The most dangerous agent failures aren’t the ones that throw errors. They are the ones that look perfectly fine on dashboards: an agent confirming an order modification it never executed; an agent hallucinating product availability when an API times out; or an agent skipping an approval step while dashboards show a 99% success rate. These failures generate no error logs. They surface through customer complaints weeks later, often after thousands of sessions have been impacted. And even when teams realize something is wrong, fixing it is mostly guesswork. Developers tweak a prompt, adjust a tool description, or modify orchestration logic, hoping it helps, without a structured way to know if the change actually improved things or quietly broke something else.

AWS announced new optimization capabilities in AgentCore that turn production traces into continuous improvement. Together, they form a closed loop: understanding what agents are actually doing, generating data-driven fixes, validating them before release, and confirming their effectiveness.

Understanding What Agents Do: Available in preview starting today, AgentCore tools provide rich insights into failures, user intents, and task trajectories across hundreds of sessions, uncovering patterns that no single dashboard or individual trace review could reveal. Failure analysis identifies recurring patterns of failure, including “silent” behavioral anomalies that emit no error signals, deeply explains their root causes, and ranks them by impact so developers can instantly see which problems harm users most and prioritize fixing them. Intent insights group queries based on what users were actually trying to accomplish, giving teams a true picture of agent usage. Trajectory insights cluster the paths agents take during execution, helping to detect standard workflows and anomalies. Users can enable continuous monitoring with daily or weekly reports or launch targeted investigations after a deployment or a surge in complaints, getting results within minutes.

Fixing with Confidence: Once you know what needs to change, recommendations and A/B testing (now generally available) help you take action. Recommendations analyze traces and evaluation results, proposing specific enhancements to system prompts and tool descriptions based on actual agent behavior. Batch evaluation runs these recommendations against a designated test dataset and generates aggregate scores, allowing developers to catch regressions before changes reach production. A/B testing provides a controlled comparison between agent versions using live traffic distribution, delivering clear evidence that a change performs well in production before it is fully promoted. This works seamlessly regardless of where agents run: on the AgentCore runtime, AWS Lambda, Amazon EKS, or non-AWS environments.

This is what continuous improvement looks like when it is built directly into the platform.

“At FUJISOFT, we build AI agents to accelerate software development and operations. Our Character Capsule framework packages agent roles, skills, and procedures into reusable capsules that run on local coding tools like Copilot and Kiro, or scale to multi-agent orchestration on AgentCore. As we deployed more agents, our biggest challenge was ‘silent’ failures that looked normal but surfaced later, making troubleshooting pure guesswork. The optimization features in AgentCore changed everything. They analyze our production traces to identify failure patterns, explain why they occur, and rank them by impact. We then receive recommendations to enhance our prompts and tool descriptions, which we can A/B test on live traffic before committing. Upgrading agents is now a continuous, data-driven cycle rather than trial and error.”
Kazumi Matsuda, Senior Manager, AI Advancement Department, FUJISOFT

Stronger Controls as Agent Capabilities Grow: New Policy Enhancements

More capable agents mean a larger attack surface. Furthermore, agents introduce a security challenge unprecedented in traditional software: they are probabilistic. Agents make judgments, and judgments can be influenced by context. The new vulnerability vector isn’t the corporate network—it’s the agent’s context, where prompt injection and memory poisoning require no hacking skills, only persuading the agent to make a flawed judgment.

The way to secure something probabilistic is to use something deterministic: not another brain, but guardrails around it. Policy capabilities in AgentCore already provide deterministic, real-time controls that dictate what an agent can and cannot do with tools and data at the gateway layer. AWS is expanding these capabilities with Bedrock Guardrails integration (now generally available), which evaluates every agent action for prompt injection attempts, harmful content, and sensitive data leaks. These checks run at the gateway level, external to the agent’s execution code, meaning the agent cannot see them within its context, cannot reason its way around them, and cannot convince itself that they don’t apply.

Guardrails are the first of many detection signals that AgentCore policies can act upon—and they won’t be limited to the platform’s native tools. Soon, AgentCore will allow developers to stream detection signals from leading security providers, including Check Point, Zscaler, Rubrik, Netskope, and SentinelOne, into those same policies. The underlying principle remains identical regardless of the signal source: while detection may be probabilistic, policy enforcement is always deterministic, executing a definitive “allow” or “deny” decision based on defined thresholds. Because every tool and context source on AgentCore passes through the gateway, any new capability an agent gains is automatically managed under this identical security layer.
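The principle described above (probabilistic detection, deterministic enforcement against defined thresholds, applied outside the agent's own code) is shown below as an added example that is not from AWS or the original post. The tool names, signal names, thresholds and the `decide` function are hypothetical and do not represent AgentCore's policy API; the gate fails closed when a tool has no policy or a required signal is missing or malformed.

```python
import math
from dataclasses import dataclass, field

@dataclass(frozen=True)
class ToolPolicy:
    thresholds: dict  # signal name -> score at or above which the call is denied
    required: frozenset = field(default_factory=frozenset)  # missing one => deny

# Hypothetical policy table keyed by tool name. Unlisted tools are denied.
POLICIES = {
    "web_search": ToolPolicy({"prompt_injection": 0.80, "sensitive_data": 0.50},
                             frozenset({"prompt_injection"})),
    "issue_refund": ToolPolicy({"prompt_injection": 0.30, "sensitive_data": 0.30},
                               frozenset({"prompt_injection", "sensitive_data"})),
}

def decide(tool, signals):
    """Return ("allow" | "deny", reason). Pure function: no model call, no randomness."""
    policy = POLICIES.get(tool)
    if policy is None:
        return "deny", f"tool '{tool}' has no policy"
    for name in sorted(policy.required):
        if name not in signals:
            return "deny", f"required signal '{name}' missing"
    for name in sorted(policy.thresholds):
        if name not in signals:
            continue  # optional signal not supplied by any detector
        score = signals[name]
        if (not isinstance(score, (int, float)) or math.isnan(score)
                or not 0.0 <= score <= 1.0):
            return "deny", f"signal '{name}' has invalid score"
        if score >= policy.thresholds[name]:
            return "deny", f"signal '{name}' {score:.2f} >= {policy.thresholds[name]:.2f}"
    return "allow", "all signals below threshold"

# Constructed sample requests (not real detector output).
SAMPLES = [
    ("web_search", {"prompt_injection": 0.35}),
    ("issue_refund", {"prompt_injection": 0.35, "sensitive_data": 0.05}),
    ("issue_refund", {"prompt_injection": 0.05}),
    ("delete_bucket", {"prompt_injection": 0.00}),
]

if __name__ == "__main__":
    for tool, signals in SAMPLES:
        print(tool, signals, "->", decide(tool, signals))
```

The same detector score (0.35) is allowed for the low-impact tool and denied for the high-impact one, and the outcome depends only on the policy table and the scores, never on anything in the agent's context.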

From Idea to Working Agent in Minutes: AgentCore Harness Now Available

An agent is more than just a model. If the model is the brain, the harness is the body: everything the brain needs to get the job done. It drives the orchestration loop, invokes tools, manages the context window, maintains state across steps, recovers from errors, and isolates individual sessions. The harness shapes an agent’s execution performance just as much as the model itself. Building a robust harness is where most teams spend their time today.

The AgentCore harness, generally available today, delivers all of this foundational infrastructure as a fully managed service. Instead of writing loop code, users define an agent via configuration: the model it leverages, the tools it calls, the skills it accesses, and the instructions it follows. AgentCore assembles and executes this loop automatically. From this single definition, you can spin up a working agent in minutes, operating within its own isolated sandbox environment. It comes equipped with a file system and shell, cross-session memory, pre-built skills (including an AWS-curated catalog), and web browsing capabilities. This isn’t just a boilerplate starter tool your organization will quickly outgrow; this initial configuration is exactly what you can scale into full production. And when you require custom orchestration, you can export your harness into code while staying on the exact same platform, without rebuilding anything from scratch.

Beyond speed, this unlocks genuine choice that the market doesn’t yet offer. Current harness alternatives lock developers into specific silos. Open-source options force teams to self-host and maintain the harness; managed services lock users into proprietary environments; and model-provider harnesses are strictly optimized for their own models. AWS engineers have decoupled the harness from the model, allowing you to select any model and switch between them mid-session without altering the agent’s logic. As the frontier of technology moves and the optimal model for a task changes, your agent’s foundation remains untouched.

Choice is only part of the value. Because the harness is integrated into a single platform rather than being a separate hosting layer wrapped around a framework, it reaches tools through the very same gateway that enforces security policies and connects the agent to organizational knowledge, web search, and premium services. Identity, memory, and observability all derive from this same platform, meaning every action the agent takes is governed and tracked from the very first call, with no extra plumbing required. The agent you declare on day one is the agent you run on day one thousand, built on the exact same foundation throughout.

“Twilio customers are building AI agents that operate across voice, text, and digital channels, featuring real-time intelligence and persistent memory that make every interaction feel conversational. By pairing the AgentCore harness with Twilio Conversations, developers can go from idea to live agent without re-engineering infrastructure. The best customer experiences happen when great AI and great communications infrastructure are built together.”
Omar Paul, VP of Product, Twilio

Getting Started

The following capabilities are generally available today: AgentCore harness, Bedrock Managed Knowledge Base, Web Search, Guardrail integration, recommendations, and A/B testing. Insights and payments are available in preview.
