Connecting AI Agents to Private Resources: A Guide to Amazon Bedrock AgentCore VPC Egress
Unlocking Internal APIs with Amazon Bedrock AgentCore VPC Connectivity
In today’s era of rapidly advancing AI technology, integrating AI agents within a robust production environment is a necessity. However, many organizations face challenges when these agents need access to internal APIs, databases, and other private resources secured behind Amazon Virtual Private Cloud (Amazon VPC). The complexity of managing private connectivity for multiple pathways not only hampers deployment speed but also adds significant operational overhead.
Introducing Amazon Bedrock AgentCore VPC Connectivity
Amazon Bedrock AgentCore VPC connectivity simplifies these complexities by enabling the deployment of AI agents and Model Context Protocol (MCP) servers without exposing network traffic to the public internet. With the integration of managed Amazon VPC egress through the AgentCore Gateway, organizations can seamlessly connect to private endpoints within their AWS environment.
In this blog post, we will guide you through configuring the Amazon Bedrock AgentCore Gateway for secure access to private endpoints using Resource Gateway. You’ll see firsthand how to implement two modes of deployment: managed and self-managed, and we will explore three practical scenarios that will enhance your understanding of this powerful tool.
Key Terms to Know
Before diving deeper into the technical configurations, it’s important to familiarize yourself with the following terms:
- Resource VPC: The Amazon VPC housing your private resources, such as an MCP server or API endpoint. This VPC is crucial for the AgentCore Gateway’s functionality.
- AgentCore Gateway Account: This is the AWS account where you manage your AgentCore Gateway resources and may differ from the Resource VPC account.
- Resource Gateway: Acts as an entry point to your Resource VPC, provisioning Elastic Network Interfaces (ENIs) directly within the specified subnets for secure traffic flow from the AgentCore Gateway.
- Resource Configuration: Details the specific resource AgentCore Gateway can access through the Resource Gateway. This ensures that only necessary endpoints are accessible, bolstering security.
- Service Network Resource Association: Connects the resource configuration to the AgentCore service network, allowing private endpoint invocation.
How Does AgentCore Gateway VPC Egress Work?
AgentCore Gateway VPC egress supports two deployment modes:
1. Managed VPC Resource Mode
In this mode, AgentCore Gateway automates the setup process. You simply provide the required VPC ID, subnet IDs, and security groups. AgentCore then manages the Resource Gateway, making it particularly seamless for organizations wanting to integrate quickly. This mode also integrates well with existing network paradigms like VPC peering or AWS Transit Gateway.
Example Architecture:
When you create an AgentCore Gateway Target with managed VPC resource configuration, the request flows through the Resource Gateway to the designated private Amazon API Gateway endpoint, all governed by your security configurations.
2. Self-Managed Lattice Resource Mode
This option gives you full control over the VPC Lattice Resource Gateway and its configurations. While it requires a more in-depth setup process, it provides greater visibility and governance over resources, including the ability to manage associations dynamically.
Example Architecture:
In this mode, you pre-configure Resource Gateway and Resource Configuration. Your AgentCore Gateway Target can then reference these configurations, allowing precise traffic flow and detailed oversight of interactions with private endpoints.
Choosing the Right Mode
Your selection should be based on the architecture’s needs:
| Dimension | Managed VPC Resource | Self-Managed Lattice Resource |
|---|---|---|
| Setup Complexity | Straightforward | Advanced |
| IPv4 Consumption | 1 IP per ENI | Varies depending on configurations |
| Cross-Account Support | Not natively supported | Supported |
| Resource Gateway Lifecycle | Managed by AgentCore | Fully owned and managed by you |
| Governance and Visibility | Limited visibility | Full visibility into configurations |
| Pricing | Per-GB data processing | Includes both hourly charges and data processing fees |
Getting Started with AgentCore Gateway VPC Egress
The focus here will be on the managed VPC resource mode:
Prerequisites:
- Familiarity with Amazon VPC, AWS CLI, and Amazon Bedrock services.
- Ensure that your IAM principal has the necessary permissions.

Creating an AgentCore Gateway:
To start, run the following command. Gateway management is part of the control-plane CLI (`bedrock-agentcore-control`), and the role ARN needs your account ID:

```bash
# CreateGateway also requires an authorizer configuration
# (--authorizer-type and --authorizer-configuration); see the documentation.
aws bedrock-agentcore-control create-gateway \
  --name my-gateway \
  --role-arn arn:aws:iam::YOUR_ACCOUNT_ID:role/AgentCoreGatewayRole \
  --protocol-type MCP
```

Connecting to a Private Amazon API Gateway:
Create a target routing traffic to a private Amazon API Gateway. The `managedVpcResource` block is what selects the managed VPC resource mode; the ENIs are created in the subnets you list, and the security group you pass governs which private endpoints the gateway can reach:

```bash
aws bedrock-agentcore-control create-gateway-target \
  --region us-west-2 \
  --cli-input-json '{
    "gatewayIdentifier": "YOUR_GATEWAY_ID",
    "name": "private-apigw",
    "targetConfiguration": {
      "mcp": {
        "openApiSchema": { "inlinePayload": "..." }
      }
    },
    "privateEndpoint": {
      "managedVpcResource": {
        "vpcIdentifier": "YOUR_VPC_ID",
        "subnetIds": ["SUBNET_ID1", "SUBNET_ID2"],
        "securityGroupIds": ["SECURITY_GROUP_ID"]
      }
    }
  }'
```

Additional Scenarios:
You can also set up targets for a private MCP server on Amazon EKS or access private REST APIs, following similar steps as above.
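As an added example (not code from the post or from AWS), the Python script below assembles the same request body as the `create-gateway-target` JSON above, with a constructed OpenAPI document in place of the elided `inlinePayload`, and checks it locally before anything is submitted: placeholders left in, malformed VPC, subnet or security group IDs, empty lists, and a schema that is not a JSON string are all reported up front. The gateway name, resource IDs and OpenAPI document are constructed values; the file it writes can be passed to the CLI as `--cli-input-json file://private-apigw-target.json`.

```python
"""Added example (not AWS's code): assemble and sanity-check the
create-gateway-target request for managed VPC resource mode.
The request shape mirrors the CLI JSON above; the OpenAPI document,
resource IDs and the gateway name are constructed for illustration."""
import json
import re
from pathlib import Path

# Constructed OpenAPI document standing in for the schema of the private
# Amazon API Gateway stage being exposed to the agent.
SAMPLE_OPENAPI = {
    "openapi": "3.0.0",
    "info": {"title": "orders-internal", "version": "1.0"},
    "servers": [{"url": "https://EXAMPLE_API_ID.execute-api.us-west-2.amazonaws.com/prod"}],
    "paths": {
        "/orders/{orderId}": {
            "get": {
                "operationId": "getOrder",
                "parameters": [{"name": "orderId", "in": "path", "required": True,
                                "schema": {"type": "string"}}],
                "responses": {"200": {"description": "order record"}},
            }
        }
    },
}

# Shape of EC2 resource IDs; a leftover placeholder such as YOUR_VPC_ID fails these.
_ID_PATTERNS = {
    "vpcIdentifier": re.compile(r"^vpc-[0-9a-f]{8,17}$"),
    "subnetIds": re.compile(r"^subnet-[0-9a-f]{8,17}$"),
    "securityGroupIds": re.compile(r"^sg-[0-9a-f]{8,17}$"),
}


def build_private_apigw_target(gateway_id, vpc_id, subnet_ids, security_group_ids,
                               openapi_doc, name="private-apigw"):
    """Return the create-gateway-target request body for managed VPC mode.
    inlinePayload carries the schema serialised as a JSON string, not as a
    nested object, which is the detail the '...' in the CLI example hides."""
    return {
        "gatewayIdentifier": gateway_id,
        "name": name,
        "targetConfiguration": {
            "mcp": {"openApiSchema": {"inlinePayload": json.dumps(openapi_doc)}}
        },
        "privateEndpoint": {
            "managedVpcResource": {
                "vpcIdentifier": vpc_id,
                "subnetIds": list(subnet_ids),
                "securityGroupIds": list(security_group_ids),
            }
        },
    }


def validate_request(request):
    """Return a list of problems; an empty list means the request is ready.
    Catches placeholders left in, malformed IDs, empty subnet or security
    group lists and an unparsable schema before anything reaches the API."""
    problems = []
    gateway_id = request.get("gatewayIdentifier") or ""
    if not gateway_id or gateway_id.startswith("YOUR_"):
        problems.append("gatewayIdentifier: placeholder or missing")
    mvr = request.get("privateEndpoint", {}).get("managedVpcResource", {})
    for key, pattern in _ID_PATTERNS.items():
        values = mvr.get(key)
        values = [values] if isinstance(values, str) else list(values or [])
        if not values:
            problems.append(f"{key}: missing")
        problems.extend(f"{key}: {v!r} is not a valid ID"
                        for v in values if not pattern.match(v))
    payload = request["targetConfiguration"]["mcp"]["openApiSchema"]["inlinePayload"]
    try:
        if not json.loads(payload).get("paths"):
            problems.append("inlinePayload: OpenAPI document has no paths")
    except (TypeError, ValueError):
        problems.append("inlinePayload: not a JSON string")
    return problems


def write_cli_input(request, path):
    """Write the request for use with --cli-input-json file://<path>."""
    Path(path).write_text(json.dumps(request, indent=2))
    return Path(path)


if __name__ == "__main__":
    # Constructed IDs; replace with the gateway ID returned by create-gateway
    # and the IDs of the Resource VPC, its subnets and security group.
    request = build_private_apigw_target(
        "my-gateway-abc123", "vpc-0f00ba4e2c1d9a7b6",
        ["subnet-05a1b2c3d4e5f6a7b", "subnet-0c9d8e7f6a5b4c3d2"],
        ["sg-0123abcd4567ef890"], SAMPLE_OPENAPI)
    problems = validate_request(request)
    if problems:
        raise SystemExit("\n".join(problems))
    print("wrote", write_cli_input(request, "private-apigw-target.json"))
```

Keeping the security group list short and purpose-built matters here: it is the only network control between the gateway's ENIs and everything else in the Resource VPC, so it should allow only the private API Gateway endpoint (or MCP server) the target is meant to reach.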
Clean Up
To avoid additional charges, make sure to delete all resources created during this setup. Targets are deleted through the same control-plane CLI used to create them:

```bash
aws bedrock-agentcore-control delete-gateway-target \
  --gateway-identifier YOUR_GATEWAY_ID \
  --target-id YOUR_TARGET_ID
```
Conclusion
As AI technologies play an increasingly vital role in business operations, it’s crucial that AI agents have reliable and secure access to necessary backend services without risking exposure to public networks. Amazon Bedrock AgentCore Gateway VPC egress provides a streamlined approach to enable this connectivity while maintaining high levels of control and security.
Next Steps
- Identify an internal API that could benefit from AI agent interactions.
- Review your existing Amazon VPC architecture and determine the best mode for your context.
- Check out the Amazon Bedrock AgentCore Gateway documentation for more configuration options and an exploration of advanced topics on GitHub.
About the Authors
Eashan Kaushik – Specialist Solutions Architect AI/ML at Amazon Web Services, focusing on cutting-edge generative AI solutions.
Thomas Mathew Veppumthara – Senior Software Engineer with nearly a decade of expertise in distributed systems and generative AI technologies.
Rohin Meduri – Software Engineer working on Amazon Bedrock AgentCore with interests in AI development and music production.
Explore the power of Amazon Bedrock AgentCore and ensure your AI solutions are seamlessly integrated into your private networks!