Customize AI Agent Browsing with Amazon Bedrock AgentCore Browser Proxies, Profiles, and Extensions

AI agents that browse the web need more than basic page navigation. Our customers say they want an agent that maintains session state throughout the interaction, routes traffic through the company’s proxy infrastructure, and runs with a custom browser configuration. AgentCore Browser provides a secure, isolated browser environment for agents to interact with web applications. Previously, the Agent Core Browser started each browser session with a blank slate with default settings and direct internet access, limiting what agents could accomplish in a real-world corporate environment.

Today, we’re announcing three new features that address these requirements: Proxy Configuration, Browser Profiles, and Browser Extensions. Together, these features give you fine-grained control over how your AI agents interact with the web.

These three features allow you to control how AgentCore browser sessions connect to the Internet, the state they maintain, and their behavior. Proxy configuration allows you to route browser traffic through your own proxy server, providing IP stability and integration with your corporate network infrastructure. Browser profiles persist cookies and local storage between sessions, allowing agents to resume authenticated workflows without repeating the login flow. Browser extensions load Chrome extensions into your session to customize browser behavior for your use case. This post explains each feature with configuration examples and real-world usage examples to help you get started.

How persistent browser profiles keep AI agents running smoothly

Customers building agents for e-commerce testing, authenticated workflows, and multi-step user journeys require browser sessions that remember state. Without persistent profiles, agents must re-authenticate and rebuild context at the start of each session, adding delays and vulnerabilities to automated workflows. Browser profiles solve this problem by saving and restoring cookies and local storage between sessions. So an agent who logged into the portal yesterday can pick up where they left off today.

IP stability is also a common requirement. Healthcare and financial portals validate sessions based on source IP address, but when AWS IP addresses are rotated, re-authentication cycles occur frequently, disrupting long-running workflows. Proxy support allows traffic to be routed through a server with a stable egress IP, thus maintaining session continuity and meeting IP whitelisting requirements. Organizations that route traffic through corporate proxies should extend this practice to AI agents for browser sessions. Proxy configuration allows access to internal web pages and resources that require proxy-based connections.

Browser extensions enable custom configurations such as ad blocking, authentication helpers, and other browser-level customizations. These features, combined with proxy logging, can help provide evidence for access control and auditing. May compliance program FedRAMP, HITRUST, PCI, etc..

Feature 1: Proxy configuration

browser Now supports routing browser traffic through your own external proxy server. When you create a browser session using a proxy configuration, AgentCore configures your browser to route HTTP and HTTPS traffic through the specified proxy server.

structure

you call StartBrowserSession and proxyConfiguration Specify a proxy server. When using authentication, AgentCore obtains proxy credentials from AWS Secrets Manager. Your browser session begins with your proxy settings applied, and your browser traffic is routed through the proxy server based on your domain routing rules.

Start using a proxy

Please meet these prerequisites before proceeding.

import boto3 
import json 
client = boto3.client('secretsmanager') 
client.create_secret( 
    Name="my-proxy-credentials", 
    SecretString=json.dumps({ 
        'username': '', 
        'password': '' 
    }) 
)

Step 2: Create a browser session using proxy configuration

session_client = boto3.client('bedrock-agentcore', region_name="") 
 
response = session_client.start_browser_session( 
    browserIdentifier="aws.browser.v1", 
    name="my-proxy-session", 
    proxyConfiguration={ 
        "proxies": [{ 
            "externalProxy": { 
                "server": "", 
                "port": 8080, 
                "credentials": { 
                    "basicAuth": { 
                        "secretArn": "arn:aws:secretsmanager:::secret:" 
                    } 
                } 
            } 
        }] 
    } 
) 
print(f"Session ID: {response['sessionId']}")

Credentials fields are optional for unauthenticated proxies.

domain-based routing

use domainPatterns route a specific domain through a specified proxy, and bypass.domainPatterns For domains that require a direct connection:

proxyConfiguration={ 
    "proxies": [ 
        { 
            "externalProxy": { 
                "server": "corp-proxy.example.com", 
                "port": 8080, 
                "domainPatterns": [".company.com", ".internal.corp"] 
            } 
        }, 
        { 
            "externalProxy": { 
                "server": "general-proxy.example.com", 
                "port": 8080 
            } 
        } 
    ], 
    "bypass": { 
        "domainPatterns": [".amazonaws.com"] 
    } 
}

This configuration makes the following requests: and internal.corp Route via company proxy, request to amazonaws.com Bypass all proxieseverything else is routed through the generic proxy. These field teeth This is just one example. bypass domain can match bypass.domainPatterns Connect directly to external proxy can become valid agent’s domainPatterns Route through that proxy (first match takes precedence based on array order).

Routing priority

When the AgentCore Browser processes outbound requests, it follows three layers of routing rules to determine where to send the traffic. First check the bypass list. If the destination domain matches, bypass.domainPatterns After adding the entry, requests will connect directly to the internet without using a proxy. If the domain does not match the bypass rules, AgentCore will domainPatterns Route the request through the first proxy that matches the pattern, in order. If neither proxy pattern matches, the request is forwarded to the default proxy. The default proxy is domainPatterns Defined.

Use this code example to test the new proxy functionality.

Feature 2: Browser profile

Browser profiles allow you to persist and reuse session data such as cookies and local storage across multiple browser sessions. Agents who authenticate with the web portal in one session can restore that state in a later session without having to log in again. This is useful for authenticated workflows where re-logins increase latency, e-commerce tests where shopping cart and form data must persist between sessions, and multi-step user journeys that span multiple browser calls.

There are four stages in the profile lifecycle. Start by calling create_browser_profile() Create a named profile. At the end of the session, save_browser_session_profile() Captures current cookies and local storage to that profile. When starting a new session, enter your profile identifier. profileConfiguration parameters of start_browser_session()the saved state will be restored to the new browser. If you no longer need the profile, delete_browser_profile() To clean it up.

The following example shows an agent adding items to a shopping cart in one session and ensuring that they persist in subsequent sessions.

Please meet these prerequisites before proceeding.

import boto3 

control_client = boto3.client('bedrock-agentcore-control', region_name="") # replace by your region 

session_client = boto3.client('bedrock-agentcore', region_name="") # replace by your region  
 
# Create a browser profile 
profile = control_client.create_browser_profile(name="ecommerce_profile") 
profile_id = profile['profileId'] 
 
# Session 1: Add items to cart 
session1 = session_client.start_browser_session( 
    browserIdentifier=”aws.browser.v1”, 
    name="shopping-session-1" 
) 
# ... agent navigates and adds items to cart ... 
 
# Save session state to profile 
session_client.save_browser_session_profile( 
    sessionId=session1['sessionId'], 
    browserIdentifier=”aws.browser.v1”, 
    profileIdentifier=profile_id 
) 
session_client.stop_browser_session(sessionId=session1['sessionId'], browserIdentifier="aws.browser.v1") 
 
# Session 2: Resume with saved profile 
session2 = session_client.start_browser_session( 
    browserIdentifier=”aws.browser.v1”, 
    name="shopping-session-2", 
    profileConfiguration={"profileIdentifier": profile_id} 
) 
# Cart items from Session 1 are now available

Use this code example to test the new profiling feature.

Feature 3: Browser extension

Browser extensions allow you to load Chrome extensions into your AgentCore browser session to customize browser behavior. Package your extension as a ZIP file and upload it to: Amazon Simple Storage Service (Amazon S3), refer to them when you start a browser session. This provides access to features available through the Chrome Extension API, from proxy routing and ad blocking to authentication helpers and content modification. For example, you can inject authentication tokens for internal applications, remove ads, track scripts that interfere with agent navigation, and modify page content to improve how agents interact with your site.

Extensions must follow the standard Chromium extension format and follow the Chromium extension guidelines.

Please meet these prerequisites before proceeding.

Upload your extension to Amazon S3.

# Upload extension to S3 

import boto3 
s3 = boto3.client('s3') 
s3.upload_file( 
    'my-extension.zip', 
    'amzn-s3-demo-bucket-extensions', 
    'extensions/my-extension.zip' 
)

Next, use the extension to start a session by specifying the Amazon S3 bucket where you uploaded the zip file.

import boto3 
region = "" # replace by your region 
client = boto3.client('bedrock-agentcore', region_name=region) 

response = client.start_browser_session( 
    browserIdentifier="aws.browser.v1", 
    name="my-session-with-extensions", 
    sessionTimeoutSeconds=1800, 
    viewPort={ 
        'height': 1080, 
        'width': 1920 
    }, 
    extensions=[ 
        { 
            "location": { 
                "s3": { 
                    "bucket": "amzn-s3-demo-bucket-extensions", 
                    "prefix": "extensions/my-extension.zip" 
                } 
            } 
        }, 
        { 
            "location": { 
                "s3": { 
                    "bucket": "amzn-s3-demo-bucket-extensions", 
                    "prefix": "extensions/another-extension.zip", 
                    "versionId": "abc123"  # Optional - for versioned S3 buckets 
                } 
            } 
        } 
    ] 
) 
 
print(f"Session ID: {response['sessionId']}") 
print(f"Status: {response['status']}") 
print(f"Automation Stream: {response['streams']['automationStream']['streamEndpoint']}")

Use this code example to test your new extension.

conclusion

Proxy configurations, browser profiles, and browser extensions provide AgentCore Browser with the proxy routing, session persistence, and scalability controls that customers need to deploy web-browsing AI agents in production environments. While keeping your credentials safe with AWS Secrets Manager, you can route traffic through your company’s proxy infrastructure, maintain session continuity across interactions, and customize browser behavior using extensions. Customers can convey e-commerce context and information between sessions, create their own extensions and test them in a secure environment before release, and connect their browsers to the network through a proxy.

See the following tutorials to get started: Amazon Bedrock Agent Core Sample Repositories and Amazon Bedrock AgentCore Browser document. For pricing details, please visit: Amazon Bedrock Agent Core Pricing.