I Deployed a Bedrock AI Agent Through My IDP in 4 Minutes

I wanted to play with AI agents and AWS AgentCore. But I didn't want to spend a day wrestling with IAM trust policies, ECR repositories, CloudWatch log groups, and managed policies. So I used my own platform. The problem Deploying an AI agent on AWS AgentCore requires at least 8 resources: an IAM role with a specific trust policy for bedrock-agentcore.amazonaws.com , a managed policy with Bedrock and ECR permissions, an ECR repository, a CloudWatch log group, the AgentCore Runtime itself, an endpoint, and optionally memory and a code interpreter. Getting the trust policy right took three failed deployments. First, bedrock.amazonaws.com wasn't enough — AgentCore has its own service principal. Then the ECR permissions were missing from the policy. Then the container image was built for amd64 but AgentCore runs on arm64 (Graviton). Each failure meant a full rollback and retry. This is exactly the kind of infrastructure maze that makes developers avoid cloud services and wait for Jira tick