Integration
Managed agent runtimes are integration partners, not Maestro
AWS Bedrock AgentCore and Azure AI Foundry Agent Service are excellent for bounded sub-tasks. They are not Maestro's orchestrator — and being explicit about why keeps the architecture honest.
Why neither is the orchestrator
Maestro's continuations sleep for weeks, wake on arXiv RSS or sibling-publish events, fork and merge, and span both clouds. Neither vendor runtime is built for that shape of work.
| Concern | AgentCore | Foundry Agent Service |
|---|---|---|
| Hard session ceiling | 8 hours | 30 days for Hosted agents; runs are request/response |
| Idle timeout | 15 minutes | 15 minutes for Hosted agents |
| Pause / branch / resume | No first-class primitive | No first-class primitive on runs; Hosted-agent sessions resume but not branch |
| Wake on external signal | Out-of-band; needs external orchestrator | Same — needs Logic Apps / Durable Functions / external scheduler |
| Fork / merge with lineage | Not modeled | Not modeled |
| Multi-cloud | Single-cloud by design | Single-cloud by design |
Putting Maestro continuations on AgentCore or Foundry would forfeit the central architectural bet — continuations as the unit of work, the policy kernel as the control plane.
Where Maestro delegates to them
The vendor runtimes are excellent for the shape they handle: a bounded sub-task within a session, with managed memory, sandboxed tool execution, and an OTEL trace. The policy kernel may choose to delegate a tick when the sub-task is:
- a managed browser crawl (AgentCore Browser / Foundry Browser Automation),
- a code-interpreter session (both have one),
- a tool-heavy session reachable through the vendor's MCP gateway (AgentCore Gateway / Foundry Toolboxes), or
- any sub-task that fits cleanly inside the vendor's session limits.
When the kernel delegates, the worker calls Substrate.AgentRuntime.spawn_session(...), streams session events back into the continuation's event log (preserving the audit trail), and on completion collects the terminal state and resumes the continuation on the Maestro worker pool. The vendor session is one event in the continuation's history, not a new orchestrator.
The delegation rule
A continuation tick is eligible for vendor delegation when all of:
- the kernel's
routeis a tier the vendor can serve, and - expected wall-clock for the sub-task is
< vendor.session_ceiling − safety_margin, and - the sub-task does not need to fork, merge, or sleep on a multi-day external signal, and
- the tenant's policy class allows external-runtime execution.
Otherwise the tick stays on the Maestro worker pool. The default is stay on Maestro — delegation is opt-in per tick, recorded in the model_call event as runtime: maestro | agentcore | foundry.
Side by side
| Dimension | AWS Bedrock AgentCore | Azure AI Foundry Agent Service |
|---|---|---|
| GA date | 2025-10-13 | 2026-03-16 |
| Wire protocol | Native AgentCore Runtime API; Strands open-source SDK is canonical author surface | OpenAI Responses API (conversations, responses) |
| Agent flavors | One runtime primitive; user brings any framework (Strands, LangGraph, CrewAI, LlamaIndex, OpenAI Agents SDK, Google ADK) | Prompt (GA), Workflow (preview, YAML/visual), Hosted (preview, customer containers) |
| Session lifetime | Up to 8 hours, 15-min idle timeout | Run = req/resp with polling; Responses background:true for async; Hosted agents: 30-day session with persistent $HOME and scale-to-zero resume |
| Pause / branch | Not modeled — session-bounded; needs Step Functions or Temporal for multi-day work | Not modeled on runs; Hosted-agent sessions resume on demand but do not branch |
| Memory | AgentCore Memory — short-term (Events per session) + long-term (extracted MemoryRecords); episodic memory added Dec 2025 | Threads / messages; BYO Cosmos DB option; 100k msgs/thread, 1.5 MB/msg, 128 tools/agent |
| MCP | AgentCore Gateway is MCP-native egress; OpenAPI / Smithy / Lambda / MCP-passthrough targets; semantic tool-search across thousands of tools | First-class MCP client (MCPTool); Foundry also publishes as MCP server (https://mcp.ai.azure.com, preview); Toolboxes publish curated bundles as MCP endpoints |
| Other tools | AgentCore Browser (sandboxed Playwright), Code Interpreter, custom tools via Gateway | AI Search · File Search · Fabric · Bing Grounding · Logic Apps · Azure Functions · OpenAPI · Deep Research · Browser Automation · Computer Use |
| Identity | AgentCore Identity layers over IAM; agent workload identity + vault for refresh tokens; per-user via JWT header (X-Amzn-Bedrock-AgentCore-Runtime-User-Id); Inbound IAM SigV4 or JWT (Cognito/Okta/Entra/Auth0) | Each agent gets a dedicated Entra agent identity; OAuth on-behalf-of (OBO) passthrough; project-scoped RBAC |
| Networking | VPC mode with ENIs; PrivateLink; tenant isolation = one microVM per session | BYO VNet; Hosted agents run in VNet-injected sandboxes; MCP / Search private paths |
| Multi-agent | Composes with any framework's A2A; classic Bedrock Agents has multi-agent collaboration | Connected Agents (primary→task); Workflow agents; A2A protocol (preview) |
| Authoring SDK | Strands Agents open source; runs on AgentCore unchanged, or on Lambda / Fargate / EKS | azure-ai-projects; Microsoft Agent Framework 1.0 (GA Apr 2026) is SK + AutoGen merger |
| Observability | OTEL-native → CloudWatch GenAI Observability; Datadog / Honeycomb via OTEL | OTEL-native with GenAI semantic conventions; prompt-agent traces GA; App Insights "Agents" view (preview) |
| Policy / eval | AgentCore Policy Cedar-based (GA 2026-03-03); Evaluations GA 2026-03-31 | Project content filters; continuous evaluation GA |
| Regional spread | 9 regions (us-east-1/2, us-west-2, eu-central-1, eu-west-1, ap-south-1, ap-southeast-1/2, ap-northeast-1) | Tied to Responses API availability; gaps in Italy North, Brazil South for file search |
| Pricing intuition | Runtime / Browser / CI: $0.0895/vCPU-hr + $0.00945/GB-hr, per-second, I/O wait free; Gateway: $0.005/1k tool invokes; Memory: $0.25/1k events, $0.75/1k LT records/mo | Folds into model + storage + Foundry consumption; partner models billed via Marketplace, MACC-eligible |
What this changes in the Substrate
A seventh method group on Substrate — AgentRuntime — added in the architecture document's §4.3. The interface is small on purpose:
AgentRuntime {
spawn_session(spec) -> session_id
stream_events(session_id) -> Iterator
signal(session_id, payload)
terminate(session_id)
collect_terminal_state(session_id) -> dict
}The concrete impls are AgentCoreRuntime (Runtime + Gateway + Memory) on AWS and FoundryAgentRuntime (Hosted agents + Connected agents + Toolboxes) on Azure. Both stream events back through the substrate's EventLog so the warm store remains the single source of truth.