AWS re:Invent 2025 - Modernize containers for AI agents using AgentCore Gateway (CNS422)

Modernizing Containers for AI Agents using AgentCore Gateway

Exposing Existing Microservices through MCP Gateway

• Presenters faced the challenge of exposing their existing microservices-based system to enable AI agents to access the underlying business logic
• Their system had years of accumulated deterministic logic spread across multiple microservices, built using Kubernetes and EKS
• Rather than manually creating MCP servers to wrap each microservice, they leveraged the MCP Gateway capabilities in AgentCore to automatically expose the existing APIs

Architecture Overview

• The architecture consisted of:
  • Existing microservices (appointments, customer, technician) deployed on EKS
  • MCP Gateway to expose the microservices' OpenAPI specifications
  • AgentCore Identity to securely authenticate the agent's access to the MCP Gateway
  • AgentCore Runtime to host the AI agent application
  • Bedrock for large language model inference

Implementing the MCP Gateway

• The platform engineer (Carlos) used Python and the Boto3 library to:
  1. Create an IAM role and Cognito user pool for the MCP Gateway service
  2. Configure the MCP Gateway with the Cognito details for secure access control
  3. Fetch the OpenAPI specifications for each microservice
  4. Upload the OpenAPI JSON files to an S3 bucket
  5. Create targets in the MCP Gateway pointing to the S3 location of the OpenAPI files

Integrating the AI Agent

• The agent developer (Roland) used the AgentCore SDK and Python to:
  1. Retrieve the MCP Gateway details (URL, identity provider) from SSM Parameter Store
  2. Implement a decorator to automatically refresh the access token for the MCP Gateway
  3. Create the AI agent using the Strands SDK, providing it with the list of available MCP tools
  4. Wrap the agent as an A2A server to enable other agents to invoke it

Key Takeaways

• Leveraging MCP Gateway and AgentCore capabilities allowed the team to quickly expose their existing microservices without the need to manually create MCP servers
• The use of Cognito and AgentCore Identity ensured secure access control for the AI agent to interact with the exposed microservices
• The AI agent was able to seamlessly integrate with the exposed MCP tools, demonstrating the power of the AgentCore platform

Business Impact and Use Cases

• The solution enabled the team to modernize their existing applications and make them accessible to AI agents, unlocking new opportunities for automation and intelligent workflows
• By exposing their deterministic business logic through the MCP Gateway, the team can now leverage their existing investments and combine them with the capabilities of AI agents
• This approach can be applied to a wide range of enterprise applications, allowing organizations to extend the value of their legacy systems and accelerate their digital transformation initiatives

Demonstration and Examples

• The presenters demonstrated the end-to-end solution, including:
  • Deploying the microservices on EKS
  • Configuring the MCP Gateway to expose the microservices
  • Implementing the AI agent to interact with the exposed MCP tools
  • Handling a customer service scenario where the agent was able to schedule an emergency service appointment

Additional Resources

• The presenters provided a QR code linking to sample code and additional resources for further exploration
• Upcoming sessions at AWS re:Invent were mentioned, including a deeper dive on the architectural considerations and a hands-on workshop on EKS and MCP