AWS uses New York summit to move agents into cloud operations

AWS used its June 18 AWS Summit in New York to move agentic AI into the routine work of cloud teams. AWS Vice President of Agentic AI Swami Sivasubramanian gave the keynote Thursday and tied the announcements to a clear target: agents that can find knowledge and use tools. The same agents need policy controls and release discipline.

AWS changes

AWS added several capabilities to Amazon Bedrock AgentCore, the company's platform for production AI agents. The strongest theme was agent grounding: teams can connect agents to corporate knowledge and web sources. Paid content enters the same architecture through controlled access.

The new Amazon Bedrock Managed Knowledge Base targets enterprise retrieval-augmented generation, or RAG. Developers get native data connectors and Smart Parsing for document preparation. An Agentic Retriever handles complex queries that require more than one step, and AgentCore Gateway connects that retrieval layer to agent workflows.

AWS announced Web Search on AgentCore as a managed tool for current web results with citations. Teams can use it while customer data stays inside the AWS environment. Regulated users need that boundary before they let agents answer questions from live external sources.

AWS WAF added AI traffic monetization for publishers and content owners. They can set a price for bot access and meter use. Payment providers collect fees, and AWS grants scoped access at the edge. Publishers can treat AI crawler access as an application security policy that revenue teams can price.

AgentCore harness reached general availability. Developers define model choices and tool access in configuration. They put skills and instructions there as well, then AWS handles the orchestration loop.

AWS previewed AWS Context, a service that maps relationships across enterprise data into a knowledge graph. Agents can use that graph at runtime to respect business rules and domain context.

Security launches expanded the same pattern. AWS opened a gated preview for AWS Continuum for code vulnerabilities, which ranks findings by business impact and checks exploitability. It then drives fixes through a customer's workflow.

AWS Security Agent, now part of Continuum, added threat modeling in preview and pull request scanning across major Git platforms. Developers can use Kiro and the Claude Code plugin to review and remediate issues inside their coding flow. MCP integrations add another path into the same process.

For builders, AWS introduced Kiro for iOS in gated preview. AWS also added release readiness review to AWS DevOps Agent and previewed continuous modernization in AWS Transform. Those launches point at a larger workflow: start a coding session from a phone and test a release against natural language standards. Teams can send debt fixes as pull requests after they define modernization baselines.

AWS added Amazon S3 annotations, which attach up to 1 GB of mutable, queryable context to S3 objects. AI agents can inspect that context without a separate metadata store, which helps data teams describe lineage and business meaning close to the object.

Provider comparison

AWS now faces Microsoft and Google Cloud in a race to own the agent control plane. Microsoft uses Microsoft Foundry for model and app development. Copilot Studio gives business teams a low-code path for agents inside Microsoft 365 workflows.

Google Cloud positions Gemini Enterprise Agent Platform as a place to build agents and govern them on its AI stack. The Google pitch suits teams that center analytics and AI work around Gemini and BigQuery.

AWS argues from infrastructure ownership. Bedrock and AgentCore sit close to IAM and the AWS data plane, so AWS can sell agent adoption as an extension of controls that cloud teams know.

That split should guide platform choice. Microsoft fits organizations that want agents inside Microsoft 365 and Dynamics workflows. Google Cloud fits teams that center AI work on Gemini and BigQuery. AWS fits companies that keep sensitive data and production operations on AWS.

You need more than model token rates for price comparisons. Agent platforms create charges across retrieval and tool execution. Storage and search add separate lines.

A Bedrock AgentCore plan starts with model calls and runtime use. Retrieval adds ingestion and vector storage. Web Search adds call volume. Teams should include observability event volume in the model. Microsoft buyers need to watch Copilot Studio message capacity and Azure AI Foundry resource costs. Google Cloud buyers should price Gemini token use and BigQuery query volume when agents use warehouse data.

Publishers evaluating AWS WAF monetization need a separate model. Charging bots can offset crawler load. Finance and platform teams then own payment operations and access policy design.

Migration considerations

Teams on AWS should start with identity and data boundaries. Give each agent a role, constrain its tools and log agent actions through the same audit process you use for services.

Move RAG workloads in phases. Put high-value document sets into Managed Knowledge Base first, then compare answer quality and latency against your current vector pipeline. Compare cost after you measure ingestion, storage and retrieval use.

Use Web Search for tasks that need current public facts, such as market research or vendor monitoring. Keep internal policy and customer data in private knowledge systems. Put source code behind stricter controls.

S3 annotations fit data lakes with weak metadata discipline. Start with one bucket or prefix, attach business context to objects, then measure how agents and analysts use it.

For security, treat Continuum and AWS Security Agent as a workflow change. Security teams should define risk scoring rules before developers see automated pull requests. Development leads should decide who approves agent-generated fixes and which tests block release.

For Kiro for iOS, set rules for mobile approvals. Developers may start or steer sessions from a phone. Code review still needs repository policy, test evidence and traceable approval.

Repo owners need baselines before they let AWS Transform run continuous modernization. They should define accepted frameworks and patterns, then use Transform to create pull requests against that standard.

Business impact

AWS wants customers to view agents as operators inside cloud workflows. AWS brings more buyers into the room with that frame. The AI lead still cares about model quality. The platform lead cares about IAM and logging. The security lead cares about blast radius and proof of exploitability. The data lead cares about provenance and permissions.

Enterprises get the strongest case when teams remove handoffs. An agent that can read a knowledge base and call a tool removes search time. If it can open a pull request, it shortens the path across ticketing and engineering queues.

Teams take on risk when agents compress work. Agents with tool access can create incidents at machine speed if teams skip authorization design. AWS answered that concern by putting AgentCore and Continuum near governance controls. WAF and S3 annotations extend that control plane to content access and data context.

AWS gave CIOs a short test at the summit: choose one workflow with measurable toil, known data owners and clear rollback. Build it on AgentCore if the data and operating controls live on AWS. Compare it with Microsoft if the workflow sits in Microsoft 365. Compare it with Google Cloud if Gemini and BigQuery anchor the team's AI estate.

Use the same scorecard across providers: unit cost per successful task and audit evidence per action.

AWS used the New York announcements to put its agent strategy in plain terms. AWS wants to own the controlled path from enterprise knowledge to agent action. Customers should judge the launches by custom glue retired and manual reviews removed. The audit team should decide the rest.