How I Deployed My First AI Agent to AWS AgentCore

Today I deployed my first AI Agent to production on AWS AgentCore.

I took an agent based on Claude Agent SDK that I built and was running locally with tools and Google integration, and deployed it to the cloud - with all the functionality it already had.

The Process

I already had an AWS account that I had never used. I asked Claude what I needed to do so it could help me deploy the agent.

It guided me step by step: create an IAM user, access key, install AWS CLI, configure and verify the infrastructure.

I launched Claude Code and told it I wanted to deploy the agent to the cloud. It read and learned what was needed, just had to configure an Anthropic API key, and off it went.

It worked for a few minutes, verified everything was working and told me we’re live!

I tried it myself and saw it worked but couldn’t use the Google connection. That needed to be configured separately, obviously I didn’t give up, plan mode and we handle that too. (Thanks Google for making everything complicated)

The final step: a quick Streamlit interface to talk to the agent.

The result: From local agent to production in under an hour - a personal AI assistant that reads and sends emails, updates calendar, works in Drive, summarizes YouTube videos - all running serverless on AWS.

The Combination of Claude Agent SDK and AgentCore

One of the things that helps me learn and implement new things is writing and explaining to myself.

Claude Agent SDK is a framework for building agents - provides Agent loop, tools, context management.

AgentCore is infrastructure for deploying agents. It provides:

• Observability: What the agent does at every step and decision. The SDK has basic Observability (logging, callbacks) but AgentCore adds full CloudWatch traces.
• Gateway: Entry point to the agent (API endpoint)
• Identity: Identity and permissions management
• Memory: Short and long term memory
• Runtime: The environment that runs the agent in the cloud

What Do You Need to Use AgentCore?

Configure AWS Credentials: AWS Access Key ID, AWS Secret Access Key, Region (e.g., us-east-1).

Install AgentCore CLI and AWS CLI for authentication. API key from Anthropic or AWS.

How to Get Credentials?

Go to AWS Console, click your name in the top right corner → Security credentials, scroll to “Access keys” → Create access key. Choose “Command Line Interface (CLI)” → confirm → Create. Copy and save.

Important: Not recommended to create Access Key for root user as it has unlimited permissions.

What to do instead? Separate IAM user: Go to IAM in console, Users → Create user. Name, permissions: “Attach policies directly”, check AdministratorAccess (fine for development, restrict in production). Next → Create user.

Access keys for IAM user: Click on the user you created, Security credentials → Create access key, Command Line Interface (CLI), get keys.

• Root user - Full access to everything including billing and account deletion
• IAM user - Can restrict permissions, easily revoke if exposed

Installation and Verification

After installing AWS CLI, run in terminal:

aws configure

Enter the keys, Default region name, Default output format (json).

Verify:

aws sts get-caller-identity

See your details in the response.

Deploy Files

From the local project folder, install AgentCore. From here Claude Code created the necessary files:

• agentcore_entry.py: Entry point, the file AgentCore runs to call the agent
• .bedrock_agentcore.yaml: Deploy configuration - agent name, region, runtime settings
• policy.json: IAM permissions - what the agent is allowed to do in AWS
• .dockerignore, requirements.txt, uv.lock

And finally the moment of truth:

agentcore deploy

What I Used from AgentCore

• Runtime, AgentCore Memory
• CodeBuild Integration - Automatic ARM64 container build in the cloud - no local Docker needed
• Observability: GenAI Dashboard, CloudWatch Logs (all prints and errors), X-Ray traces (tracking every request - what happened, how long it took, where it got stuck)
• IAM Auto-Setup - All agent permissions: Execution Role for runtime, CodeBuild Role for building, ECR Repository for images
• Secrets Manager Integration - Connecting ANTHROPIC_API_KEY from Secrets Manager to runtime

Additional options I didn’t use: Gateway (turn APIs into tools), Evaluations (automated agent tests), Identity (when there are multiple users).