Plan, build, operate, and secure AI agents for financial services on AWS.
An open-source platform that unifies use cases, reference apps, apps generation from guided-prompt, managed Frontier Agents, custom agents, and reusable tools on Amazon Bedrock AgentCore.
Getting Started | Plan | Platform | Applications | Architecture | Documentation | Contacts
- 34 FSI Use Cases — Production-ready multi-agent POCs across banking, payments, insurance, capital markets, operations, risk & compliance, and modernization
- Dual Framework Support — Every use case implemented in both LangGraph/LangChain and Strands Agents SDK — pick the one your team prefers
- Reference Implementations — Fork-and-customize full-stack apps with dedicated frontend, backend, and infrastructure (Market Surveillance, Shopping Concierge, Case Management, Agent Safety)
- Agent-as-a-Service — Deploy Amazon's managed Frontier Agents (DevOps, Security, Kiro) into your account, or build Custom Agents on Bedrock AgentCore
- App Factory — Describe your use case in plain language; the pipeline AI-generates the agent code plus Terraform and deploys it to AgentCore — no coding required
- Tools Factory — Pre-built catalog (MCP Gateway, Knowledge Base, Code Interpreter, Web Browser, and more) plus custom tools from Lambda, APIs, or MCP servers
- Full Control Plane — React + FastAPI web UI for browsing, deploying, testing, managing, and observing every agent application
- One-Click Deployment — Deploy any use case from the UI; CI/CD (CodeBuild + Step Functions + Terraform/CDK) provisions infrastructure automatically
- Dual Deployment Paths — Quick Deploy (S3 archive) for business users, Deploy from Git (CodeCommit) for developers who want to customize source first
- Built-in Observability — Langfuse v3 + OpenTelemetry stack for agent tracing, metrics, prompt management, and evaluation — deploy once, connect every use case
- Built for AWS — Bedrock AgentCore, ECS, Lambda, DynamoDB, CloudFront, Cognito, S3, Step Functions, CodeBuild, and more
AVA_04232026_v1.0_0.1.mp4
Strategic guidance and frameworks to facilitate AI transformation across enterprise leadership personas. These documents help business, technology, and risk leaders identify, evaluate, and prioritize agentic AI use cases that deliver measurable value.
| Resource | Description |
|---|---|
| Use Case Discovery Guide | 8-step framework for enterprise leaders to identify high-value agentic AI use cases — covers bounded autonomy, measurable outcomes, and governance across industries |
More strategic planning resources coming soon — persona-specific playbooks (CEO, CIO, CTO, CFO, CRO, CDO), ROI frameworks, and industry-specific adoption guides.
The AVA Control Plane is a web-based management layer for deploying and operating agent applications on AWS.
| Component | Description |
|---|---|
| Backend | FastAPI API — template catalog, packaging engine, deployment orchestration, test runner |
| Frontend | React + TypeScript UI — browse use cases, deploy with one click, view logs, test agents |
| Infrastructure | Terraform modules — ECS, API Gateway, DynamoDB, S3, Cognito, CloudFront, CodeBuild |
| Templates | 6 deployable starter templates — foundations, agent runtimes, and patterns |
| Template | Pattern | Description |
|---|---|---|
| Foundation Stack | Foundation | Langfuse deployment — provisions the Langfuse v3 observability server (plus required networking) that every other template and use case sends traces to. Deploy this first, once per account/region; accessible afterwards from the Observability tab. |
| Strands AgentCore | Managed Runtime | Strands agent on Bedrock AgentCore with Langfuse observability |
| LangGraph AgentCore | Managed Runtime | LangGraph agent on Bedrock AgentCore with Langfuse observability |
| Tool-Calling Agent | Single Agent | Agent with dynamic tool invocation, registration, and error handling |
| RAG Application | Retrieval | Retrieval-augmented generation with vector search and knowledge base |
| Multi-Agent Orchestration | Multi-Agent | Orchestrator pattern with specialized sub-agents collaborating on complex tasks |
The Control Plane offers two ways to deploy any use case, backed by the same CodeBuild pipeline:
| Path | Best For | How It Works |
|---|---|---|
| Quick Deploy (S3) | Business users, standard deployments | Backend packages the use case source from the template catalog into a ZIP, uploads to S3, and triggers Step Functions. No Git knowledge needed. |
| Deploy from Git (CodeCommit) | Developers, custom forks, team collaboration | User selects a pre-seeded CodeCommit repo from the UI. CodeBuild clones the repo and deploys. Push code to the repo to customize before deploying. |
Git-path repos are pre-seeded from the FSI Foundry registry by a one-time script (scripts/seed-codecommit.sh init). Users don't need to create repos manually.
34 multi-agent POC implementations spanning 7 FSI domains — all built on one shared foundation of infrastructure and backend code.
- Direct Amazon Bedrock AgentCore deployment — simple and quick
- Two framework implementations per use case — LangGraph/LangChain and Strands Agents SDK
- Shared foundations — adapters, base classes, Terraform modules, Docker configs, agent registry
- Per-use-case frontend UI — Each use case has a dedicated React frontend deployed via CloudFront
Banking (8)
| Use Case | Agents |
|---|---|
| KYC Risk Assessment | Credit Analyst, Compliance Officer |
| Customer Service | Inquiry Handler, Transaction Specialist, Product Advisor |
| Customer Chatbot | Conversation Manager, Account Agent, Transaction Agent |
| Customer Support | Ticket Classifier, Resolution Agent, Escalation Agent |
| Document Search | Document Indexer, Search Agent |
| AI Assistant | Task Router, Data Lookup Agent, Report Generator |
| Corporate Sales | Lead Scorer, Opportunity Analyst, Pitch Preparer |
| Agentic Commerce | Offer Engine, Fulfillment Agent, Product Matcher |
Payments (3)
| Use Case | Agents |
|---|---|
| Agentic Payments | Payment Validator, Routing Agent, Reconciliation Agent |
| Payment Operations | Exception Handler, Settlement Agent |
| Fraud Detection | Transaction Monitor, Pattern Analyst, Alert Generator |
Risk & Compliance (5)
| Use Case | Agents |
|---|---|
| Document Processing | Document Classifier, Data Extractor, Validation Agent |
| Credit Risk Assessment | Financial Analyst, Risk Scorer, Portfolio Analyst |
| Compliance Investigation | Evidence Gatherer, Pattern Matcher, Regulatory Mapper |
| Adverse Media Screening | Media Screener, Sentiment Analyst, Risk Signal Extractor |
| Market Surveillance | Trade Pattern Analyst, Communication Monitor, Alert Generator |
Capital Markets (9)
| Use Case | Agents |
|---|---|
| Investment Advisory | Portfolio Analyst, Market Researcher, Client Profiler |
| Earnings Summarization | Transcript Processor, Metric Extractor, Sentiment Analyst |
| Economic Research | Data Aggregator, Trend Analyst, Research Writer |
| Email Triage | Email Classifier, Action Extractor |
| Trading Assistant | Market Analyst, Trade Idea Generator, Execution Planner |
| Research Credit Memo | Data Gatherer, Credit Analyst, Memo Writer |
| Investment Management | Allocation Optimizer, Rebalancing Agent, Performance Attributor |
| Data Analytics | Data Explorer, Statistical Analyst, Insight Generator |
| Trading Insights | Signal Generator, Cross Asset Analyst, Scenario Modeler |
Insurance (3)
| Use Case | Agents |
|---|---|
| Customer Engagement | Churn Predictor, Outreach Agent, Policy Optimizer |
| Claims Management | Claims Intake Agent, Damage Assessor, Settlement Recommender |
| Life Insurance Agent | Needs Analyst, Product Matcher, Underwriting Assistant |
Operations (3)
| Use Case | Agents |
|---|---|
| Call Center Analytics | Call Monitor, Agent Performance Analyst, Operations Insight Generator |
| Post Call Analytics | Transcription Processor, Sentiment Analyst, Action Extractor |
| Call Summarization | Key Point Extractor, Summary Generator |
Modernization (3)
| Use Case | Agents |
|---|---|
| Legacy Migration | Code Analyzer, Migration Planner, Conversion Agent |
| Code Generation | Requirement Analyst, Code Scaffolder, Test Generator |
| Mainframe Migration | Mainframe Analyzer, Business Rule Extractor, Cloud Code Generator |
End-to-end full-stack solutions with dedicated frontends, backend APIs, and complete infrastructure.
| Implementation | Domain | Description |
|---|---|---|
| Market Surveillance | Capital Markets | Real-time trade monitoring with 29 decision tree rules, multi-agent orchestration, and audit-ready reports |
| Shopping Concierge Agent | Agentic Payments | AI-powered concierge with product search, cart management, payment support, and Cognito auth |
| Case Management | Risk & Compliance | Fraud detection and case management with pattern recognition (smurfing, mule accounts, high-velocity), conversational investigation, and optional AgentCore SAR generation |
| Agent Safety | Safety & Governance | Safety controls for Bedrock AgentCore — budget/eval/observability auto-provisioning, session interventions, kill switch, audit trail, and centralized dashboard |
View Reference Implementations →
Describe your use case in plain language through a five-step wizard (problem, users, workflow, data, constraints). AI generates the Strands agent code and Terraform, and the CI/CD pipeline deploys it end-to-end to Bedrock AgentCore — no coding required. Track progress on the same deployment detail page as every other use case.
Managed autonomous agents you deploy into your own AWS account — either Amazon's Frontier Agents or your own Custom Agents built on Bedrock AgentCore.
| Agent | Domain | Deployment | Status |
|---|---|---|---|
| AWS DevOps Agent | Incident Response & SRE | Terraform | CDK | CloudFormation | Available |
| AWS Security Agent | Application Security | Terraform, CDK, CloudFormation | Coming Soon |
| Kiro | Developer Productivity | Local IDE (not IaC-deployed) | Coming Soon |
One-click deployment from the Control Plane UI that provisions the agent space in your account. Monitor your build process and access Operator View post-deployment.
Build your own autonomous agent on Bedrock AgentCore — choose a model, attach tools, configure memory and guardrails, and deploy to a managed runtime.
Pre-built catalog of agent tools — MCP Gateway, Knowledge Base, Code Interpreter, Web Browser, Database Query, API Connector, Document Parser, and Notifications — plus a builder for custom tools from Lambda functions, REST APIs, or MCP servers. Tools are scoped per agent at deploy time and invoked automatically based on the agent's reasoning.
| Area | Document | Description |
|---|---|---|
| Platform | Platform Architecture | Full system design with Mermaid diagrams — frontend, backend, CI/CD pipeline, infrastructure modules, per-use-case UI deployment flow |
| Platform | CI/CD Pipeline | Dual-source CodeBuild buildspec — Git clone / S3 unzip, Docker build, Terraform apply, UI build, S3 sync, CloudFront invalidation |
| Platform | Infrastructure Scripts | Reference for every shell and Python script used to deploy, tear down, and seed the Control Plane (deploy-full, deploy, destroy, import-existing, seed-codecommit) |
| FSI Foundry | Architecture & Deployment | Architecture Patterns | AgentCore Design | Deployment Guide |
| Reference | Shopping Concierge | Agent Capabilities | Deployment | Data Flow |
| Reference | Case Management | Fraud detection + investigation — Architecture Diagram |
| Reference | Agent Safety | Agent safety controls — Signals Contract |
| AaaS | AWS DevOps Agent | Same-account deploy of Amazon's managed DevOps Agent — Agent Space, operator role, primary-account association, optional sample Lambda for Part 2 cross-account monitoring. Available in three IaC flavors: Terraform | CDK | CloudFormation |
| AaaS | Frontier Agents Registry | Catalog entry that drives the deploy UI — agent metadata, supported IaC types, parameters |
| Observability | Foundation Stack (Langfuse v3) | Langfuse v3 + OpenTelemetry on ECS Fargate (bundled with required networking). Deploy once per account/region; every use case auto-provisions its own Langfuse project against this foundation. |
| Evaluation | Evaluation (coming soon) | Agent performance testing and quality benchmarks |
ava/
│
├── plan/ # --- Strategy Layer ---
│ └── UseCaseGuidance.md # 8-step discovery framework for leaders
│
├── platform/ # --- Platform Layer ---
│ ├── docs/ # Architecture + template documentation
│ └── control_plane/
│ ├── frontend/ # Control Plane Web UI (React 19 + TypeScript + Vite)
│ │ └── src/
│ │ ├── components/ # React pages — Home, ApplicationsLanding,
│ │ │ # FSIFoundryCatalog, ReferenceImplementations,
│ │ │ # AppFactory, AaaSLanding, AwsAgentsCatalog,
│ │ │ # CustomAgentsCatalog, ToolsFactory,
│ │ │ # DeploymentDetail, TestDeploymentDrawer,
│ │ │ # TemplateCatalog, Observability, Guardrails
│ │ ├── api/ # API client (Axios)
│ │ ├── auth/ # Cognito authentication
│ │ ├── contexts/ # React contexts (UserContext, AuthContext)
│ │ └── types/ # TypeScript type definitions
│ │
│ ├── backend/ # Control Plane API (FastAPI on ECS Fargate)
│ │ └── src/
│ │ ├── api/routes/ # REST endpoints — deployments, templates,
│ │ │ # applications, codecommit, app_factory,
│ │ │ # frontier_agents, observability
│ │ ├── services/ # Business logic (pipeline, packaging, deployment)
│ │ ├── models/ # Pydantic models
│ │ └── core/ # Config, auth, middleware
│ │
│ ├── infrastructure/ # Terraform — Control Plane AWS Resources
│ │ ├── modules/
│ │ │ ├── ecs/ # ECS Fargate cluster + service
│ │ │ ├── codebuild/ # CI/CD pipeline (dual-source buildspec.yml)
│ │ │ ├── codecommit/ # Pre-seeded repos for "Deploy from Git" path
│ │ │ ├── step_functions/ # Deployment orchestrator (source-agnostic)
│ │ │ ├── frontier_agents_pipeline/ # Dedicated Terraform-only pipeline for AaaS
│ │ │ ├── agent_registry/ # AgentCore agent registry metadata
│ │ │ ├── eventbridge/ # Lifecycle events + Git push / PR-merge triggers
│ │ │ ├── cloudfront/ # CDN for frontend
│ │ │ ├── cognito/ # User pools + auth
│ │ │ ├── dynamodb/ # Deployment state + App Factory submissions
│ │ │ ├── ecr/ # Container registry
│ │ │ ├── s3/ # Frontend hosting + artifact storage
│ │ │ ├── api_gateway/ # HTTP API for backend
│ │ │ ├── networking/ # VPC, subnets, security groups
│ │ │ ├── state_backend/ # Terraform remote state (S3 + DynamoDB lock)
│ │ │ └── observability/ # CloudWatch logs + alarms
│ │ └── scripts/ # deploy-full.sh, deploy.sh, destroy.sh, seed-codecommit.sh
│ │
│ ├── templates/ # 8 Starter Templates (deployed via UI)
│ │ ├── foundation-stack/ # Langfuse v3 + OpenTelemetry + required networking
│ │ ├── strands-agentcore/ # Strands on Bedrock AgentCore
│ │ ├── langraph-agentcore/ # LangGraph on Bedrock AgentCore
│ │ ├── tool-calling-agent/ # Single agent with tool invocation
│ │ ├── rag-application/ # RAG with knowledge base
│ │ └── multi-agent-orchestration/ # Orchestrator pattern
│ │
│ └── aaas/ # Agent-as-a-Service product domain
│ ├── frontier_agents.json # Catalog registry (drives /aaas/aws-agents UI + deploy API)
│ └── frontier_agents/ # Per-agent source trees
│ └── devops/iac/{terraform,cdk,cloudformation}/ # AWS DevOps Agent — Terraform + CDK + CloudFormation
│
├── applications/ # --- Application Layer ---
│ │
│ ├── fsi_foundry/ # FSI Foundry — 34 Multi-Agent Use Cases
│ │ ├── foundations/ # Shared code used by ALL use cases
│ │ │ ├── src/ # Python base classes and utilities
│ │ │ │ ├── base/ # BaseAgent, BaseOrchestrator, BaseModel
│ │ │ │ ├── adapters/ # Framework adapters (Strands, LangGraph)
│ │ │ │ ├── tools/ # Shared agent tools
│ │ │ │ └── utils/ # Logging, config, helpers
│ │ │ ├── iac/ # Terraform modules for use case infra
│ │ │ │ ├── agentcore/ # Bedrock AgentCore runtime + UI (S3, CloudFront, Lambda, API GW)
│ │ │ │ ├── shared/ # Shared networking, IAM, ECR
│ │ │ │ └── cognito/ # Per-use-case auth (optional)
│ │ │ └── docker/ # Dockerfiles for agent containers
│ │ │
│ │ ├── use_cases/ # 34 use case implementations
│ │ │ └── {use_case_name}/ # e.g. kyc_banking, fraud_detection
│ │ │ └── src/
│ │ │ ├── strands/ # Strands SDK implementation
│ │ │ │ ├── orchestrator.py # Agent orchestration logic
│ │ │ │ ├── models.py # Pydantic request/response models
│ │ │ │ └── agents/ # Individual agent definitions
│ │ │ └── langchain_langgraph/ # LangGraph implementation
│ │ │ ├── orchestrator.py
│ │ │ └── agents/
│ │ │
│ │ ├── ui/ # Per-use-case React frontends
│ │ │ └── {use_case_name}/ # e.g. fraud_detection, agentic_payments
│ │ │ ├── src/components/ # AgentConsole, ResultsPanel, Home, Navigation
│ │ │ └── public/runtime-config.json # API endpoint + input schema config
│ │ │
│ │ ├── data/
│ │ │ ├── registry/offerings.json # Use case catalog (agents, fields, test entities)
│ │ │ └── samples/ # Sample data for each use case
│ │ │
│ │ └── scripts/ # Deployment and testing scripts
│ │ ├── main/deploy.sh # Interactive deployment wizard
│ │ ├── deploy/ # Per-pattern deploy scripts
│ │ ├── use_cases/ # Per-use-case test scripts
│ │ └── cleanup/ # Resource teardown scripts
│ │
│ ├── reference_implementations/ # Full-Stack Reference Apps
│ │ ├── market-surveillance/ # Capital Markets surveillance (Strands + Terraform)
│ │ │ ├── agent-backend/ # Strands multi-agent backend
│ │ │ ├── trade-alerts-app/ # Next.js frontend
│ │ │ ├── infrastructure/ # Terraform (multi-module)
│ │ │ └── seeding_scripts/ # Data seeding and DB setup
│ │ │
│ │ ├── shopping-concierge-agent/ # Agentic payments concierge (Strands + MCP + CDK)
│ │ │ ├── concierge_agent/ # Strands agent + MCP tools
│ │ │ ├── web-ui/ # React frontend
│ │ │ ├── amplify/ # Amplify backend (Cognito, AppSync, DynamoDB)
│ │ │ └── infrastructure/ # CDK stacks (Agent, MCP, Frontend)
│ │ │
│ │ ├── case-management/ # Fraud detection + investigation (Strands + Bash/CDK)
│ │ │ ├── agent/ # Fraud Analyst + SAR Report agents
│ │ │ ├── frontend/ # React case management UI
│ │ │ └── infrastructure/ # DynamoDB, CloudFront + OAC, AgentCore SAR stack
│ │ │
│ │ └── agent-safety/ # Human-in-the-loop safety toolkit
│ │ ├── cost-controls/ # Auto budgets + anomaly alarms per agent
│ │ ├── hil-interventions/ # Kill switch (IAM deny) + per-session controls
│ │ └── dashboard/ # Unified cost, eval, and observability signals
│ │
│ └── app_factory/ # AI-generated use cases
│ ├── builder.py # Prompt → code generation logic
│ ├── prompts/ # System prompts used by builder
│ ├── ui-template/ # React UI scaffold for generated apps
│ ├── deploy.sh # CodeBuild entrypoint for generated bundles
│ └── scripts/ # Supporting generation + packaging scripts
│ # Wizard → AI code + Terraform → deployed to AgentCore
│
- AWS Account with Bedrock model access (Claude models enabled)
- AWS CLI >= 2.28.9
- Terraform >= 1.0
- Python >= 3.11
- Node.js >= 22
- Docker with buildx support
# Clone the repository
git clone https://github.com/aws-samples/ava
cd ava
# Copy environment config
cp .env.example .env
# Edit .env with your AWS credentials and regionChoose your path:
The Control Plane is the recommended entry point — once deployed, it can CI/CD-deploy every application including FSI Foundry use cases, reference implementations, templates, and app factory from its UI. The Foundry and reference implementation scripts remain available for standalone plug-and-play use if you'd rather skip the Control Plane.
Recommended — deploy the Control Plane, then use its UI for everything:
| Step | Command | Required? |
|---|---|---|
| 1. Deploy the Control Plane | cd platform/control_plane/infrastructure/scripts && ./deploy-full.sh |
Required |
| 2. Seed CodeCommit (enables the "Deploy from Git" path in the UI) | cd platform/control_plane/infrastructure/scripts && ./seed-codecommit.sh init |
Optional — only for the Git deploy path |
| 3. Docker Hub (Authenticates to pull from Docker Hub) | cd platform/control_plane/infrastructure/scripts && ./setup-dockerhub-auth.sh |
Optional — Only for LangFuse setup. Instructions |
After step 1, user can the Control Plane UI to deploy any FSI Foundry use case or reference implementation — no further CLI work needed.
Alternative — deploy standalone (without the Control Plane):
| Goal | Command |
|---|---|
| Deploy a single FSI Foundry use case from the CLI | cd applications/fsi_foundry && ./scripts/main/deploy.sh |
| Deploy a reference implementation from the CLI | See applications/reference_implementations/ |
⚠️ Model Access: AWS accounts that have not used a legacy model in the last 30 days will receive an error when calling that model, resulting in "Error: No Response" in the frontends. Check the Model Catalog to select the right model.
| Resource | Description |
|---|---|
| Control Plane | Deploy and manage agent applications from the web UI |
| Infrastructure | Terraform modules and deployment architecture |
| Infrastructure Scripts | deploy-full.sh, deploy.sh, destroy.sh, import-existing.sh, seed-codecommit.sh — usage, modes, troubleshooting |
| Resource | Description |
|---|---|
| FSI Foundry | Architecture, foundations, and use case documentation |
| Reference Implementations | End-to-end full-stack solutions |
| App Factory | Natural-language wizard → AI-generated agent code + Terraform → deployed to AgentCore |
| Deployment Guide | Step-by-step deployment instructions |
| Resource | Description |
|---|---|
| Frontier Agents Registry | Catalog of managed AWS Frontier Agents — metadata, supported IaC flavors, deploy parameters |
| AWS DevOps Agent — IaC modules | Agent Space, operator role, primary-account association; optional Part 2 cross-account add-on. Choose your flavor: Terraform | CDK | CloudFormation |
| AWS DevOps Agent (AWS docs) | Official service documentation — integrations, Agent Spaces, IAM, web app |
| AWS Security Agent (AWS docs) | Official service documentation — design review, code review, on-demand pentest |
| Kiro | Amazon's agentic IDE — spec-driven development, steering files, hooks |
| Contributor | Contributions |
|---|---|
| Vivian Bui | Control Plane platform, Frontier Agents, FSI Foundry foundations, 34 use case agentic design and service implementations, CI/CD pipeline, testing panel, deployment automation |
| Ethan Almeida | App Factory, Strands AgentCore integration, deployment scripts |
| Adarsh Parakh | FSI Foundry 34 frontend UIs, guidance design, workflow-driven orchestration pattern, Guardrails & Policy (coming soon) |
| Daniela Vargas | Langfuse observability, Shopping Concierge Agent reference implementation |
|
• Prasanth Ponnoth • Milan Bavadiya • Rhia Bipin Roy • Sonia Mahankali | Agent Safety reference implementation |
|
• Alseny Diallo • Mark Paguay | Market Surveillance reference implementation |
| Hemal Gadhiya | App Templates, Role-based access control (coming soon) |
| Sudhir Kalidindi | Case Management reference implementation |
| Role | Name |
|---|---|
| Product & Strategy Lead | Bikash Behera |
| Platform Architect | Jorge Castans |
| Project Lead | Vivian Bui |
See SECURITY.md for reporting security issues.
This project is licensed under the Apache License 2.0 — see LICENSE for details.
Made with ❤️ by the FSI PACE Prototyping Team at AWS