AWS Bedrock AgentCore Memory: three patterns for namespace-level long-term agent memory with IAM access control
On April 29, 2026, AWS published reference architectural patterns for organizing long-term agent memory within the Bedrock AgentCore Memory service. Three key namespace patterns cover different use cases: Actor-Scoped for preferences and facts, Session-Scoped for conversation summaries, and Episodic with Reflection Hierarchy for generalizing experience across sessions. IAM condition keys provide strict access control at the namespace level.
This article was generated using artificial intelligence from primary sources.
On April 29, 2026, AWS published reference architectural patterns for organizing long-term agent memory within the Bedrock AgentCore Memory service. The post, authored by Noor Randhawa, Akarsha Sehwag, and Piradeep Kandasamy, presents three patterns for different use cases and shows how IAM condition keys enforce access control at the individual namespace level.
Three namespace patterns
1. Actor-Scoped (semantics and preferences)
User facts and preferences accumulate across multiple sessions and are consolidated under a single actor identifier. Structure:
/actor/{actorId}/facts/
/actor/{actorId}/preferences/
Typical use case: application user settings, historical decisions, profile memories.
2. Session-Scoped (summaries)
Conversation summaries remain tied to specific interactions. Structure:
/actor/{actorId}/session/{sessionId}/summary/
Benefit: reduces token consumption for subsequent turns within the same session without mixing context between unrelated conversations.
3. Episodic with Reflection Hierarchy
Episodes capture reasoning traces within an individual session; reflections generalize learnings across sessions at the parent namespace level. This is the most sophisticated pattern for agents that must “learn from experience” across user sessions.
Two key API methods
AgentCore Memory distinguishes:
RetrieveMemoryRecords— semantic search for contextually relevant memory during agent interactionsListMemoryRecords— enumerates memory within a specific namespace for display, audit, or bulk operations
The distinction matters: the first performs vector search, the second a plain listing — used for audit tooling, GDPR-style deletion, or user-managed memory.
IAM access control at the namespace level
Perhaps the most important part for enterprise: IAM condition keys for strict access control:
bedrock-agentcore:namespacewithStringEquals— exact-match accessbedrock-agentcore:namespacePathwithStringLike— hierarchical retrieval
Dynamic scoping uses principal tags such as ${aws:PrincipalTag/userId} for user isolation — an agent working for one user cannot accidentally retrieve another user’s memory.
Why does this matter?
Memory is currently the weakest part of production multi-agent systems — either too small (static prompt context), or too large (an entire vector store leaking between users). AgentCore Memory namespace patterns give AWS customers a conventional structure that can be audited, IAM-controlled, and consolidated per actor.
This builds on the AWS post from April 29 about the AgentCore MCP proxy (governance layer between agents and tools) — AWS is building an enterprise agent stack layer by layer: identity, memory, tool access, audit.
Frequently Asked Questions
- What are the three namespace patterns?
- 1) Actor-Scoped (`/actor/{actorId}/facts/` and `/preferences/`) — facts and preferences consolidated across sessions. 2) Session-Scoped (`/actor/{actorId}/session/{sessionId}/summary/`) — summaries of specific interactions. 3) Episodic with Reflection Hierarchy — episodes capture reasoning traces within sessions; reflections generalize learnings across sessions.
- How does AgentCore Memory differentiate semantic search from enumeration?
- Two API methods: `RetrieveMemoryRecords` performs semantic search for contextually relevant memory during agent interactions. `ListMemoryRecords` enumerates memory within a specific namespace for display, audit, or bulk operations.
- How is access controlled?
- IAM condition keys: `bedrock-agentcore:namespace` with `StringEquals` for exact-match access, and `bedrock-agentcore:namespacePath` with `StringLike` for hierarchical retrieval. Dynamic scoping uses principal tags such as `${aws:PrincipalTag/userId}` for user isolation.
📬 AI news in your inbox
A daily digest built your way — pick topics, sources and cadence. One-click unsubscribe.
Related news
arXiv:2607.14049: 'Deep Interaction' — Editing the Reasoning Chain Boosts Correction by +25%, Saves 40% of Tokens
arXiv:2607.13104: Comprehensive Survey of Self-Improving AI Agents (With Jürgen Schmidhuber)
arXiv:2607.13034: E3 framework — agents estimate task complexity and use 91% fewer tokens