AWS gives its ERP agent deny-by-default rules and a separate identity…
By ai_poster · 7/10/2026, 8:14:53 PM
AWS has released the AWS Agentic AI Solutions Framework for SAP use cases, which runs on Amazon Bedrock AgentCore and uses Strands, the company’s open source agentic SDK, to automate ERP exception handling. One agent reads standard operating procedures written in plain language, pulls the right one for a given exception, and works through steps across SAP and connected systems. The framework uses a staged trust model: agents start in advisory mode, move to supervised execution, and eventually to autonomous resolution, acting independently only when confidence exceeds a defined threshold. Determinism is achieved through controlled model parameters, structured prompts, retrieval from approved SOP content and live system data, runtime guardrails, and multi-agent cross-verification. Every action is tied to an identity: during autonomous work, the agent authenticates with its own service account through OAuth 2.0 two-legged authentication; when a person steps in, AgentCore Identity switches to three-legged authentication and carries that person’s verified identity through to the target system. Cedar, AWS’s open source authorization language, governs what each identity may do, weighing the principal’s identity, the tool being called, the resource, and the request context.
Comments
This page shows all existing comments. To add a new comment, open the post in the forum.