You’re reading an issue of "The AI Economy," my newsletter exploring the forces shaping the AI era—tracking how AI is rewriting business, work, technology, and culture. Subscribe to get expert insights and curated updates delivered straight to your inbox.
Every major enterprise software vendor—Amazon Web Services, Microsoft, Salesforce, ServiceNow, SAP—is racing to plant a flag in what they’ve variously dubbed the “frontier firm” or the “agentic enterprise.” The pitch is the same regardless of the branding: the future of work runs on digital labor. But as agent deployments multiply, so does the risk. Knowing what’s running, who owns it, and what it can access isn’t just an operational concern—it’s a security imperative.
AWS wants to bring order to the chaos of agentic sprawl. As enterprises scale to hundreds or even thousands of AI agents, tracking what exists, who owns it, and whether it’s approved for use has become an operational crisis in itself. AWS’s answer is the Agent Registry, a centralized system that gives organizations visibility into every agent running across the enterprise, control over what gets published, and the ability to see what already exists before building something new.
Part of AWS Bedrock Agentcore, Agent Registry stores metadata for all the agents, tools, MCP servers, agent skills, and custom resources as structured records. It will also document the record’s author(s), the implemented protocols, what it exposes, and how to invoke it. And in order to ensure Agent Registry serves as a complete and authoritative record of an organization’s agentic landscape, MCP, A2A, and other interoperability standards are natively baked in.
Subscribe to The AI Economy
Discoverability is one of Agent Registry’s core capabilities. It provides developers with visibility into what has been built, who owns it, and if it has a formal approval workflow with defined stages. The idea is to save teams time and resources by avoiding the need to parse through third-party tools or risk duplicative work. The system utilizes a search feature that combines keyword and semantic matching, meaning a query for “payment processing” could surface results tagged as “billing” or “invoicing,” even if they’re named differently.
The goal is simple: search before you build. If a vetted agent or tool already exists, developers will use it. If it doesn’t, they build it, register it, and make it available to everyone else. Providing organizations with a clear view of what already exists can save enormous engineering resources from being spent on redundant work. And having everything registered ensures that they’re properly managed.
And speaking of governance, here’s what Agent Registry does on that front: Using IAM policies, administrators can delineate roles among team members, dictating who can register an agent, tool, and/or agent skill, and who can discover them. Each record follows an approval workflow, with agents starting as drafts, pending approval, and then becoming discoverable once approved. Versioning is implemented to help track changes over time. And the system doesn’t take a snapshot of the agents—it monitors its activity throughout the entire lifecycle from deployment to retirement.
There are various ways developers can access the Agent Registry: through the AgentCore Console, via APIs, or as an MCP server. If a company uses a custom identity provider, OAuth-based access enables teams to craft their own discovery interfaces without needing IAM credentials.
In the future, AWS plans to expand the Agent Registry to anywhere an agent might live. Any agent or tool built in AgentCore, Amazon Quick Suite, or Kiro will be indexed. And over time, this system will become automated, relieving administrators and developers of the need to manually register agents.
AWS isn’t alone in tackling the agent sprawl problem. Microsoft overlaps with Agent 365, which acts as the control plane for the enterprise agent fleet, and with Entra Agent ID, which treats agents as managed identities alongside human users. Google paired its Cloud API Registry with Vertex AI Agent Builder to give administrators a curated catalog of approved tools. ServiceNow’s AI Control Tower approaches the problem from a compliance and business strategy angle, while Okta for AI Agents tackles it from the identity and security layer. Kong’s MCP Registry extends existing API governance to cover agents, and Collibra brings data governance principles to the problem.
The crowded field says something important: agent governance isn’t a solved problem, and no single vendor owns it. Each of these solutions targets a different layer—identity, compliance, API infrastructure, developer workflows—so enterprises won’t be choosing among them so much as assembling several simultaneously.
For now, AWS’s Agent Registry remains a preview through AgentCore. It’s accessible today in these regions: US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), and Europe (Ireland).
Featured Image: A neon AWS sign on display at the company's re:Invent conference in Las Vegas, Nevada, taken on Dec. 1, 2025. Credit: Ken Yeung
Subscribe to “The AI Economy”
Exploring AI’s impact on business, work, society, and technology.
Leave a Reply
You must be logged in to post a comment.