The Agent Within
Book a demo
The Agent Within Product

AWS-native AI agent scaffold for your AWS account

A backbone, not a bot

The Agent Within is a production-ready AI agent backbone deployed into your AWS account, with all core components wired together so you can launch and extend agents without building the plumbing yourself.

  • Scaffold deployed in under an hour — once kickoff inputs and approvals are in place.
  • First tailored enterprise agent delivered by our team in 2–8 weeks (depending on integrations and scope).
Get a technical walkthrough What you get on day one Deployment timeline

We’ll walk your technical and business stakeholders through the actual architecture, stack choices, and how it would land in your environment.

Day one

What you get on day one

Everything below is delivered into your AWS account from day one. For how these pieces are used in specific solutions and agents, see the Solutions and Home pages.

Auth & Users

Simple, secure access control from the start.

  • Amazon Cognito user pools (username/password) with optional MFA.
  • Admin vs standard user roles out of the box.

Chat Front-end

A clean, responsive chat experience you can expose internally or externally.

  • Web chat UI deployed to Amazon S3 and served via CloudFront over HTTPS.
  • Configurable as public front door or locked behind IAM / SAML / SSO.

APIs & Backend

API endpoints so agents can talk to users and data securely.

  • API Gateway + Lambda for login/token validation, document upload, chat/agent requests.
  • All traffic over HTTPS, deployed into your VPC to keep boundaries under your control.

Agent Runtime

A dedicated runtime for agents, packaged and ready to extend.

  • EC2 prepared as a Docker runtime for the agent.
  • Configurable EC2 instance size at deployment so you can choose the right balance of cost, speed, and concurrency.
  • Supports vertical + horizontal scaling as usage grows.

RAG & Data

RAG and application state baked into the platform.

  • S3 for document storage (PDFs, manuals, policies).
  • Bedrock Knowledge Bases for chunking + embeddings.
  • Aurora PostgreSQL + pgvector for vectors, chat history, app/config data.

Networking & Security Baseline

An AWS-native security baseline your cloud team will recognize.

  • Deployed in your AWS account, inside your network boundary (VPC + security groups), with public or private patterns based on your requirements.
  • CloudFront fronts the web UI by default; API fronting via CloudFront is optional (API Gateway can be public or private).
  • Least-privilege IAM roles and tight security groups from day one (only the permissions and network access each component needs).

Observability

See what’s happening and act quickly if something goes wrong.

  • CloudWatch logs for Lambda and core components.
  • Basic metrics and alerts for API errors and agent failures.

For more detail on security, logging and operational best practices, see the Architecture & Security section.

Get a technical walkthrough See solutions
Extensions

On-demand extensions

Capabilities we can deliver as part of an engagement, on top of the same scaffold running in your AWS account.

Model management & evaluation

  • Choose between Bedrock models and other LLMs (UI or config).
  • Per-model usage stats (tokens, latency, approximate cost).
  • Optional A/B testing and evaluation on your own data.

Safety & guardrails

  • Central guardrail config: blocked categories, PII handling, policy rules.
  • Per-tenant / per-team safety profiles.
  • Optional logging + review workflow for flagged conversations.

Prompt & playground tools

  • Prompt testing and iteration workflow connected to production.
  • Versioned templates stored in Aurora or S3.
  • Optional promotion process from tested prompts to production configs.

Scaling & reliability

  • Horizontal scaling via ASGs, ECS, or EKS.
  • Auto-healing for instances/containers.
  • Optional multi-AZ / HA where downtime isn’t acceptable.

Advanced agent workflows

  • Tool/function orchestration to call APIs, DBs, internal systems.
  • Multi-step flows (plan, act, reflect) for complex tasks.
  • SQS / EventBridge patterns for long-running work.

Custom containers & developer extensions

  • Your developers deploy Docker containers to extend the runtime (where permitted).
  • Starter examples + conventions for tools, configs, and integrations.
  • We can build extensions as professional services if preferred.
Get a technical walkthrough How it compares
Comparison

Three ways to get an enterprise agent into production

Each path works—depending on what you can trade off: time, control, or flexibility. Here’s how they compare.

Build in-house Vendor-hosted SaaS chatbot The Agent Within AWS-native scaffold + delivered enterprise agent (in your AWS account)
Time to production Months of architecture, infra, backend and UI work before a usable agent. Fast to launch, but integrations, data grounding, and security approvals can still take weeks/months. Scaffold in under an hour — once kickoff inputs and approvals are in place. First tailored enterprise agent in 2–8 weeks (scope/integrations).
Data ownership Full control, but your team owns everything end-to-end. Data and conversations typically live in the vendor’s environment (with their backup/logging policies). All data and infra in your AWS account/VPC; you pay AWS directly.
Control over data & access You can control IAM, retention, audit logs, and governance—if you build and maintain it. Access controls and retention are constrained by the vendor platform; you can’t enforce everything the same way as “in-account.” Your IAM, your retention rules, your audit trails—because it runs inside your AWS account/VPC.
Customisation & extensibility As flexible as your budget and team can support. Limited to what the vendor exposes; deep changes are hard or impossible. Built to add new agents, tools, workflows and containers on a reusable scaffold.
Long-term maintenance You own upgrades, patches, libraries, observability, and on-call—often requiring specialists over time. Vendor maintains their platform, but you’re dependent on their roadmap and constraints. Foundation is standardised and reusable; platform updates and bug fixes are provided as part of the product, while your data stays in your account.
Team turnover risk New teams often need significant time to learn the original architecture and decisions. Less infra ownership, but switching later can mean reworking integrations and workflows. Consistent scaffold + conventions makes onboarding and handover easier than a one-off custom build.
Multi-model support Requires you to design and maintain your own abstraction layer. Often tied to one stack or a small set of models. Multi-model by design: use Bedrock and other APIs from a single runtime.

The Agent Within is for teams that want enterprise speed without handing data and control to a vendor. Deployed into your AWS account in under an hour, with a first tailored enterprise agent delivered in 2–8 weeks depending on integrations and scope.

Time to production

Build in-house

Months of platform work before a usable agent.

Generic SaaS

Fast signup, but integrations/approvals still take time.

The Agent Within

Scaffold deployed in under an hour — once kickoff inputs and approvals are in place. First tailored enterprise agent in 2–8 weeks.

Data ownership

Build in-house

Full control, full operational ownership.

Generic SaaS

Data, prompts and logs live outside your cloud.

The Agent Within

All data and infra in your AWS account/VPC; you pay AWS directly.

Customisation & extensibility

Build in-house

As flexible as your team/budget allows.

Generic SaaS

Limited; deep changes are hard or impossible.

The Agent Within

Add agents, tools, workflows, containers on a reusable scaffold.

Multi-model support

Build in-house

You build + maintain the abstraction layer.

Generic SaaS

Often tied to one stack / narrow model set.

The Agent Within

Multi-model by design: Bedrock + other APIs from one runtime.

Timeline

Deployment timeline snapshot

Every deployment is tailored to your environment, but the overall shape is consistent: Scaffold deployed in under an hour — once kickoff inputs and approvals are in place, then a first tailored enterprise agent delivered in 2–8 weeks.

  1. Deploy scaffold into your AWS account

    We set up The Agent Within in a dedicated AWS account you own (new or existing): Cognito, S3, CloudFront, API Gateway, Lambda, EC2, Aurora + pgvector, VPC, plus baseline security & observability.

    Your cloud team can review and approve every component.

  2. Connect data and configure base agents

    We connect initial data sources and stand up your first agents, typically focused on internal knowledge (policies, SOPs, documentation) and/or a priority solution use case (support copilot, pay audit, etc.).

    You get a usable agent experience on top of a solid scaffold.

  3. Deliver first custom agents

    We design and deliver custom task-oriented agents and workflows (or enable your developers to do so): agents that can call your internal systems via approved APIs to automate repeatable work, with the guardrails and approvals your environment requires.

    Clear patterns for adding more agents over time.