Agentic AI Lens - AWS Well-Architected

Agents reason, not only respond: A single user request might trigger multiple LLM inference calls, tool invocations, memory retrievals, and inter-agent communications, each adding latency, cost, and failure surface. Traditional request-response optimization doesn't address iterative reasoning loops.

Agents act autonomously: Agents invoke tools, modify data, and interact with external systems without explicit human instruction at each step. This autonomy demands security controls, permission boundaries, and human oversight patterns purpose-built for autonomous operations.

Agent behavior is stochastic: LLM-powered decisions are inherently non-deterministic, the same input might produce different outputs across invocations. Reliability strategies must account for this through behavioral monitoring, evaluation frameworks, and graceful degradation rather than deterministic testing alone.

Agents collaborate: Multi-agent systems introduce coordination overhead, handoff complexity, and distributed failure modes. Orchestration patterns, communication protocols, and conflict resolution mechanisms become first-class architectural concerns.

Agents remember: Persistent memory across sessions enables personalization and learning, but introduces data integrity, privacy, and cost management challenges that stateless applications don't face.

Bounded autonomy: Every agent operates within explicitly defined scope boundaries, with guardrails that constrain behavior regardless of inputs received (see AGENTSEC04).

Transparency and explainability: Agent decisions are logged, traced, and auditable, enabling teams to reconstruct exactly what happened during any execution (see AGENTOPS05).

Human oversight: Tiered oversight models match the level of human review to the risk and reversibility of each agent action, preserving human judgment where it matters most (see AGENTREL02-BP05).

Goal alignment: Evaluation frameworks continually assess whether agents achieve intended objectives rather than pursuing misaligned goals (see AGENTOPS06).

Organizational sustainability: Agent adoption preserves critical human expertise and institutional knowledge rather than creating dependencies on systems that only original developers understand (see AGENTSUS03).

Amazon Bedrock provides access to foundation models from multiple providers, Anthropic, OpenAI, Meta, Amazon, Mistral, NVIDIA, and others, with built-in capabilities for guardrails, knowledge bases, prompt management, and model evaluation.

Amazon Bedrock AgentCore provides purpose-built infrastructure for deploying and operating agents at scale. AgentCore is framework-agnostic and model-agnostic. It is designed to support agentic frameworks such as Strands Agents, LangGraph, CrewAI, or your own, alongside major model providers. Its capabilities include Runtime for serverless agent hosting, Gateway for MCP-compatible tool integration, Memory for managed agent state, Identity for agent authentication, Observability for distributed tracing, Evaluations for quality assessment, and Policy for Cedar-based access control.

Strands Agents is an open source, model-driven framework for building agents with native support for MCP tools, A2A protocol, and multi-agent patterns (Graph, Swarm, and Workflow). Strands supports multiple model providers including Amazon Bedrock, Anthropic, OpenAI, Ollama, and others.

MCP and A2A are open protocols for agent-to-tool and agent-to-agent communication that enable interoperability across frameworks, platforms, and the broader agent ecosystem.

Kiro is an agentic IDE that accelerates agent development through spec-driven workflows, steering files for team standards, and hooks for automated quality checks.

Operational excellence: Running and improving autonomous agent systems through systematic operational practices, including prompt lifecycle management, behavioral monitoring, and human-in-the-loop governance.

Security: Securing agent identities, tool access, and data flows while protecting against prompt injection, privilege escalation, and manipulation of autonomous operations.

Reliability: Building agent systems that execute tasks predictably, recover from failures automatically, and maintain partial functionality under adverse conditions.

Performance efficiency: Optimizing cognitive pipelines, model selection, memory access, and multi-agent coordination to deliver responsive and scalable agent performance.

Cost optimization: Designing agents with cost as a primary consideration, right-sizing model and memory capabilities, and implementing full cost visibility.

Sustainability: Building agent systems with modular, reusable architectures that maximize resource efficiency and maintain sustainable adoption patterns.

Designing a new agentic AI system or adding agentic capabilities to an existing application

Reviewing an existing agentic AI deployment for architectural improvements

Evaluating the reliability, security, or cost profile of an agent-based workflow

Establishing organizational standards for agentic AI development and operations

AGENTOPS01: Define agent roles, success criteria, and handoff procedures

AGENTREL02: Design for atomic tasks, least-privilege permissions, and clear instruction protocols

AGENTSEC03: Establish agent identity, least-privilege access, and strong authentication

AGENTSEC08: Validate inputs and filter outputs before going to production

AGENTOPS05: Implement tracing, anomaly detection, and operational dashboards

AGENTOPS06: Establish testing and evaluation frameworks with LLM-as-judge

AGENTPERF02: Optimize cognitive pipelines, model selection, and execution paths

AGENTCOST01: Control reasoning loop costs and multi-agent coordination overhead

AGENTCOST02: Right-size model selection and optimize token consumption

AGENTREL04: Implement arbiter patterns, capability taxonomies, and fallback mechanisms

AGENTPERF05: Optimize orchestration patterns and multi-agent collaboration models

AGENTSEC06: Secure inter-agent communication, trust boundaries, and coordination

AGENTCOST05: Implement cost attribution across multi-agent workflows

AGENTSEC04: Implement guardrails and human-in-the-loop for critical decisions

AGENTSEC07: Protect human oversight and detect rogue agents

AGENTREL06: Integrate with legacy systems reliably with fallbacks and idempotency