Bedrock AgentCore Runtime adds interactive terminal shells into agent sessions

AWS gave developers deeper, real-time control over running agents. Bedrock AgentCore Runtime now exposes a new InvokeAgentRuntimeCommandShell API that opens a persistent, PTY-backed terminal into a live agent session over WebSocket. Unlike one-shot command execution, this delivers a full interactive terminal—colors, tab completion, Ctrl sequences—all running inside an isolated microVM for security.

The mechanism matters for debugging and supervising long-horizon agents: developers can drop into an agent's environment mid-task to inspect state, run diagnostics, or intervene without restarting the session. It directly addresses the operational pain of treating agents as opaque black boxes.

Complementing this, the AWS Model Context Protocol (MCP) Server—part of the Agent Toolkit for AWS—now supports cross-account and cross-role access, so AI coding agents like Kiro, Claude Code or Codex can operate across multiple AWS accounts and IAM roles within a single session, no restarts required. Together these reflect AWS's bet that the 'harness' around agents is now the product, echoing a broader industry theme (voiced by LlamaIndex's Jerry Liu and others) that work has moved up the stack from prompts to the orchestration layer. The r/aws community has been packaging AgentCore best practices into Claude Code skills to spare agents from trial-and-error doc-scouring. The caveat: more powerful agent access also widens the security surface, making the microVM isolation and IAM scoping critical.