Machine Learning

Deploy AI agents on Amazon Bedrock AgentCore using GitHub Actions

by
by 0 comments
Deploy AI agents on Amazon Bedrock AgentCore using GitHub Actions

Recently, AWS announced Amazon Bedrock AgentCore, a flexible service that helps developers intuitively create and manage AI agents across different frameworks and models, whether they are hosted on Amazon Bedrock or other environments. Specifically, AgentCore Runtime provides a secure, serverless, and purpose-built hosting environment to deploy and run AI agents or tools. AgentCore is runtime framework agnostic, working seamlessly with popular frameworks like Langgraph, Strands, and CrewAI to deploy your AI agents and tools with automatic scaling and built-in security.

In this post, we demonstrate how to use a GitHub Actions Workflow AgentCore to automate the deployment of AI agents at runtime. This approach provides a scalable solution with enterprise-level security controls, providing full continuous integration and delivery (CI/CD) automation. By implementing a comprehensive pipeline, we enable seamless agent deployments with AWS best practices, including OpenID Connect (OIDC) authentication, least-privilege access controls, and environmental separation. Our solution facilitates efficient updates to existing agents and integrates continuous security scans and rigorous code quality checks. The result is a robust deployment strategy that helps reduce operational complexity, increase security, and accelerate AI agent development in enterprise environments.

Benefits of Amazon Bedrock AgentCore Runtime

AgentCore Runtime is the ideal service for production agent deployments:

  • Provides a framework agnostic environment to run your agents
  • Works with large language models (LLMs) such as those offered by Amazon Bedrock and Anthropic Cloud
  • Provides session isolation by running each user session in a dedicated microVM with isolated CPU, memory, and file system resources
  • Supports both real-time conversations and long-running workloads up to 8 hours
  • Provides built-in capabilities for authentication and observation

solution overview

We have developed a comprehensive CI/CD pipeline with GitHub Actions that streamlines the deployment of agents in compliance with security standards. Pipelines are available as a ready-to-use solution that can seamlessly integrate with your existing development workflow. The solution includes the following key components:

The following figure shows the architecture for the solution.

Data flow consists of the following steps:

  1. A developer commits code changes from his local repository to the GitHub repository. In this solution, the GitHub action is triggered manually, but it can be automated.
  2. The GitHub action triggers the build phase.
  3. GitHub’s OIDC uses tokens to authenticate with AWS and access resources.
  4. GitHub Actions invokes commands to build and push the agent container image from the Dockerfile directly to Amazon ECR.
  5. AWS Inspector triggers an advanced security scan when an image is uploaded.
  6. An AgentCore runtime instance is created using the container image.
  7. The agent can further query the Amazon Bedrock model and invoke tools according to its configuration.

In the following sections, we walk through the steps to deploy the solution:

  1. Download the source code from the GitHub repo.
  2. Create your agent code.
  3. Set up a GitHub secret.
  4. Create an IAM role and policies.
  5. Create a GitHub Actions workflow.
  6. Trigger and monitor the pipeline.
  7. Verify deployment.

Prerequisites

Before you can use our secure CI/CD pipeline to deploy agents to the AgentCore runtime, verify that you have the following conditions:

download source code

Clone the source code repository: bedrock-agentcore-runtime-cicd

git clone https://github.com/aws-samples/sample-bedrock-agentcore-runtime-cicd.git

The repository folder has the following structure:

bedrock-agentcore-runtime-cicd/
├── .github/
│   └── workflows/
│       └── deploy-agentcore.yml         # file contains the set of action to build and deploy the agent on AgentCore Runtime
│       └── test-agent.yml               # after deployment this file is used to test agent via manual workflow dispatch
├── agents/
│   ├── strands_agent.py                 # uses BedrockAgentCoreApp app that creates an AI agent using the Strands framework with Claude as the underlying model
│   ├── requirements.txt                 # contains dependencies 
├── scripts
│   ├── create_iam_role.py               # IAM role required for Bedrock AgentCore Runtime
│   ├── deploy_agent.py                  # deploys a custom agent to AWS Bedrock's AgentCore Runtime platform, which allows you to run containerized AI agents on AWS infrastructure 
│   └── setup_oidc.py                    # OIDC setup for Github Authentication and Authorization to access AWS account to deploy required services
│   └── cleanup_ecr.py                   # keeps 9 recent images in ECR registry, can be customized
│   └── create_guardrail.py              # setup minimum guardrail for content filtering, can be customized according to use case
│   └── test_agent.py                    # contains test cases
└── Dockerfile                           # contain instructions to build Docker image
└── README.md

create agent code

Build your agent with the framework of your choice using the AgentCore Runtime Toolkit. The toolkit uses BedrockAgentCoreApp to build an application that provides a standardized way to package your AI agent code into a container that can run on the AgentCore Runtime managed infrastructure. It also uses app.entrypointA Python decorator that marks a function as the main entry point. When an Amazon Bedrock agent receives an incoming API request, this function fetches and processes the user’s request. In this sample agent code, when someone calls your Amazon Bedrock agent using the API, the AgentCore runtime will automatically call the strands_agent_bedrock(payload) function.

In this post, we use agents/strands_agent.py File to create an agent using the Strands Agents Framework:

"""
This module defines a conversational AI agent that can perform calculations
using the Strands framework.
"""
from bedrock_agentcore.runtime import BedrockAgentCoreApp
from strands import Agent
from strands.models import BedrockModel
from strands_tools import calculator
# Initialize the Bedrock AgentCore application
app = BedrockAgentCoreApp()
# Configure the Claude model for the agent with guardrail
model_id = "us.anthropic.claude-sonnet-4-20250514-v1:0"
# Load guardrail ID if available
guardrail_config = None
try:
    with open("guardrail_id.txt", "r", encoding="utf-8") as f:
        guardrail_id = f.read().strip()
        if guardrail_id:
            guardrail_config = {
                "guardrailIdentifier": guardrail_id,
                "guardrailVersion": "1",
            }
            print(f"Loaded guardrail: {guardrail_id}")
except FileNotFoundError:
    print("No guardrail file found - running without guardrail")
model = BedrockModel(model_id=model_id, guardrail=guardrail_config)
# Create the agent with tools and system prompt
agent = Agent(
    model=model,
    tools=(calculator),
    system_prompt="You're a helpful assistant. You can do simple math calculation.",
)
@app.entrypoint
def strands_agent_bedrock(payload):
    """
    Main entrypoint for the Bedrock AgentCore Runtime.
    This function is called by AWS Bedrock AgentCore when the agent receives
    a request. It processes the user input and returns the agent's response.
    Args:
        payload (dict): Request payload containing user input
                       Expected format: {"prompt": "user question"}
    Returns:
        str: The agent's text response to the user's prompt
    """
    # Extract the user's prompt from the payload
    user_input = payload.get("prompt")
    # Process the input through the agent (handles tool selection and model inference)
    response = agent(user_input)
    # Extract and return the text content from the response
    return response.message("content")(0)("text")
if __name__ == "__main__":
    # Run the application locally for testing
    # In production, this is handled by Bedrock AgentCore Runtime
    app.run()

Set GitHub Secret

The GitHub Actions workflow must access the resources in your AWS account. In this post, we use the IAM OpenID Connect identity provider and IAM roles with IAM policies to access AWS resources. OIDC lets your GitHub Actions workflows access resources in AWS without the need to store AWS credentials as long-lived GitHub secrets. These credentials are stored as GitHub secrets in your GitHub repository settings under Mystery Option. For more information see Using secrets in GitHub actions.

Create IAM roles and policies

To run agents or tools in the AgentCore runtime, you need an IAM execution role. For information about creating an IAM role, see Creating an IAM role.

In this post, we create the required trust policy and execution role for the AgentCore runtime. See IAM Permissions for AgentCore Runtime for more details.

The following code is for the AgentCore runtime trust policy:

{
  "Version": "2012-10-17",
  "Statement": (
    {
      "Sid": "AssumeRolePolicy",
      "Effect": "Allow",
      "Principal": {
        "Service": "bedrock-agentcore.amazonaws.com"
      },
      "Action": "sts:AssumeRole",
      "Condition": {
            "StringEquals": {
                "aws:SourceAccount": "accountId"
            },
            "ArnLike": {
                "aws:SourceArn": "arn:aws:bedrock-agentcore:region:accountId:*"
            }
       }
    }
  )
}

The following code is for the AgentCore runtime execution role:

{
        "Version": "2012-10-17",
        "Statement": (
            {
                "Effect": "Allow",
                "Action": (
                    "bedrock:InvokeModel",
                    "bedrock:InvokeModelWithResponseStream",
                    "bedrock:Converse",
                    "bedrock:ConverseStream"
                ),
                "Resource": (
                    "arn:aws:bedrock:*::foundation-model/us.anthropic.claude-sonnet-4-*",
                    "arn:aws:bedrock:*::foundation-model/anthropic.claude-*",
                    "arn:aws:bedrock:*:*:inference-profile/us.anthropic.claude-sonnet-4-*",
                    "arn:aws:bedrock:*:*:inference-profile/anthropic.claude-*"
                )
            },
            {
                "Effect": "Allow",
                "Action": (
                    "ecr:GetAuthorizationToken",
                    "ecr:BatchCheckLayerAvailability",
                    "ecr:GetDownloadUrlForLayer",
                    "ecr:BatchGetImage"
                ),
                "Resource": "arn:aws:ecr:::repository/bedrock-agentcore-*"
            },
            {
                "Effect": "Allow",
                "Action": (
                    "logs:CreateLogGroup",
                    "logs:CreateLogStream",
                    "logs:PutLogEvents"
                ),
                "Resource": "arn:aws:logs:*:*:*"
            }
        )
    }

Create GitHub Actions workflow

View the CI/CD workflow file here .github/workflows/deploy-agentcore.yml For details on creating a workflow. The following steps will be executed by the workflow:

  • It uses the default Ubuntu Github runner for a given task in the pipeline.
  • Installs the required dependencies mentioned in the workflow requirement.txt file.
  • It creates the Docker image and deploys it to the ECR repository.
  • The image has been scanned with Amazon Inspector to identify potential vulnerabilities.
  • AgentCore deploys the runtime agent as an endpoint.
  • Tests the agent endpoint to verify workflow functionality.

Trigger and Monitor Pipeline

This pipeline can be triggered by changing a code in the agent folder or manually using the workflow dispatch option. This may further change depending on your organization’s branch strategy. update code in .github/workflows/deploy-agentcore.yml To change this trigger behavior.

line pipe

detailed steps

testing agent

Once the agent is deployed, we will verify its functionality by triggering testing agent Workflow manually through workflow dispatch option.

test agent pipeline

testing agent

AgentCore runtime version and endpoint

Amazon Bedrock AgentCore implements automated versioning for the AgentCore runtime and lets you manage various configurations using endpoints. Endpoints provide a way to reference specific versions of the AgentCore runtime. For more details and sample code, see AgentCore runtime versions and endpoints.

cleanliness

To avoid future charges, complete the following steps:

  1. Delete ECR images from Amazon ECR console created through deployment using GitHub Actions.
  2. Delete an agent deployed in the AgentCore runtime.

conclusion

In this post, we demonstrated a comprehensive approach to using GitHub Actions for more secure and scalable deployment of AI agents on the AgentCore runtime. Our solution provides a robust, automated, and controlled environment for generative AI applications, solving critical enterprise deployment challenges by automating dependency management, implementing continuous code quality checks, performing comprehensive vulnerability scanning, and facilitating consistent deployment processes. By removing infrastructure complexities, this pipeline helps developers focus on agent logic and functionality, while providing a framework-agnostic approach that supports seamless management of multiple AI agents at scale. As AI agents continue to transform enterprise capabilities, this solution represents a significant step toward streamlining AI agent development and operational management, offering a standardized, secure, and efficient deployment mechanism for modern generative AI applications.

As a next step, you can use Amazon Queue to intelligently enhance and optimize your AI agent deployment pipeline, transforming your CI/CD processes with advanced, context-aware automation.

About the authors

Praful Gupta There is an Assoc. Delivery Consultant at AWS based in Gurugram, India. Having started his professional journey with Amazon a year ago, he specializes in DevOps and Generative AI solutions, helping customers in their cloud transformation journey. Outside of work, she enjoys networking with fellow professionals and spending quality time with family. Connect on LinkedIn here: linkedin.com/in/prafffulgupta11/

-Anshu Bathla AWS has a key consultant – SRC, based in Gurugram, India. He works with clients across a variety of verticals to help strengthen their security infrastructure and achieve their security goals. Apart from work, Anshu likes reading books and gardening in her home garden. Connect on LinkedIn here: http://linkin.com/in/anshu-bathla/

Related Articles

Databricks announces New York R&D Hub

Getting AI governance right without slowing everything down

Scaling content review operations with multi-agent workflow

7-Eleven’s Journey to Unity Catalog Success

Top 10 Python Libraries for AI and Machine...

Enterprise AI Agent Trends | Databricks Blog

2025 in Review: Databricks SQL, faster for every...

Axi Bio and Databricks: Accelerating AI-powered liquid biopsies...

Agent Bricks Knowledge Assistant Now Generally Available: Transforming...

Alibaba Just Open-Sourced Voice Cloning That Works in...

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.