Agent Frameworks
Planning, tool use, memory, multi-agent coordination, evaluation hooks, and orchestration state.
Enterprise architecture reference
This reference turns a cloud-specific agent stack into a vendor-neutral enterprise model, then maps the model across Azure, AWS, and Google Cloud. The key finding is direct: cloud providers supply strong execution, model, workflow, identity, and monitoring primitives, but none of them fully solve cross-cloud agent identity, authority, runtime permissioning, evidence, revocation, and lifecycle governance as one operating layer.
The enterprise stack should be described by capabilities first. Provider services can implement parts of the stack, but governance authority should remain portable across clouds, models, tools, and business systems.
Planning, tool use, memory, multi-agent coordination, evaluation hooks, and orchestration state.
Hosted models, embeddings, model catalog access, model routing, versioning, and provider review.
Queues, event routing, streaming, workflow automation, retries, idempotency, and handoff state.
Containers, Kubernetes, serverless functions, job runners, network controls, and sandboxed execution.
Human identity, service identity, workload identity, scoped credentials, secrets, and least privilege.
Logs, traces, metrics, failure telemetry, prompt/tool traces, incident signals, and cost signals.
Policy, content safety, model risk review, human approval, evidence, auditability, and lifecycle state.
Source control, CI/CD, infrastructure as code, release gates, environment promotion, and rollback.
Low-code agent builders, productivity assistants, enterprise workflows, and business-domain copilots.
| Layer | Azure | AWS | Google Cloud |
|---|---|---|---|
| Agent Frameworks | Azure AI Foundry Agent Service, Microsoft Agent Framework, Semantic Kernel, AutoGen | Amazon Bedrock Agents, Strands Agents, AgentCore Runtime and Gateway for framework-hosted agents | Vertex AI Agent Builder, Google Agent Development Kit, Gemini Enterprise Agent Platform components |
| Models | Azure OpenAI Service, Azure AI Foundry model catalog | Amazon Bedrock foundation models, SageMaker for custom model lifecycle | Vertex AI Model Garden, Gemini models, partner and open model hosting |
| Workflow/Eventing | Logic Apps, Event Grid, Service Bus, Event Hubs | Step Functions, EventBridge, SQS, SNS, MSK, Kinesis | Workflows, Eventarc, Pub/Sub, Cloud Tasks, Dataflow |
| Runtime | Container Apps, AKS, Functions | ECS, EKS, Lambda, Bedrock AgentCore Runtime | Cloud Run, GKE, Cloud Functions, Vertex AI custom jobs |
| Identity | Microsoft Entra ID, managed identities, Key Vault | IAM, IAM Identity Center, STS, Secrets Manager, AgentCore Identity | Cloud IAM, Workforce Identity Federation, Workload Identity Federation, Secret Manager |
| Observability | Azure Monitor, Application Insights, Log Analytics | CloudWatch, X-Ray, CloudTrail, Bedrock AgentCore Observability | Cloud Logging, Cloud Monitoring, Cloud Trace, Vertex AI observability features |
| Governance | Azure Policy, Purview, AI Content Safety, Entra controls, Azure AI evaluation features | IAM policy, Organizations/SCPs, GuardDuty/Security Hub, Bedrock Guardrails, AgentCore Policy | Organization Policy, Security Command Center, Sensitive Data Protection, Model Armor, Agent Platform governance controls |
| CI/CD | GitHub Actions, Azure DevOps, Bicep, ARM, Terraform | CodePipeline, CodeBuild, CodeDeploy, CloudFormation, CDK, Terraform | Cloud Build, Cloud Deploy, Artifact Registry, Deployment Manager alternatives, Terraform |
| Business AI Layer | Microsoft Copilot Studio, Power Automate, Microsoft 365 Copilot, Dynamics 365 Copilot | Amazon Q Business, Amazon Q Developer, Bedrock-backed enterprise assistants | Gemini Enterprise, Gemini for Workspace, Agentspace and Workspace-connected assistants |
A governed enterprise should place a cloud-agnostic operating layer above provider runtimes. In Scaled Agents terms, this is where Passport, Toll Gates, Runtime Permits, Stamps, Human Review, Action Broker mediation, and lifecycle analytics fit.
Every AI worker needs a durable identity record with owner, purpose, risk tier, data boundary, tool boundary, authority limits, lifecycle state, and renewal date.
Agents should receive short-lived scoped credentials only after a current Passport, approved role, active review state, and valid runtime context are confirmed.
Runtime authority should be granted per action, data class, tool, destination, model, workflow, risk tier, and business purpose, then expire or require renewal.
Pre-run checks validate identity and scope, mid-run checks constrain tools and delegation, and post-run checks record outcome, evidence, exceptions, and residual risk.
Evidence should reconstruct who owned the agent, what authority applied, what data and tools were used, what policy decided, and what human review occurred.
Draft, reviewed, approved, active, paused, suspended, revoked, and retired states must remain distinct across every cloud and business-system connector.
Kill switches should disable credentials, tool access, workflow triggers, agent-to-agent delegation, scheduled jobs, and external communications without relying on one cloud console.
Agent-to-agent communication should require sender and receiver passports, approved delegation purpose, inherited authority limits, transcript/evidence capture, and deny-by-default behavior.
Executives need population, risk, cost, value, incident, exception, renewal, and orphan-agent views that cut across provider-specific logs and runtime services.
| Operating Area | Recommendation |
|---|---|
| Ownership | Assign a business owner, technical owner, risk reviewer, data reviewer, and operator for each AI worker. The agent may recommend or execute bounded tasks, but a human remains accountable for scope, review, and retirement decisions. |
| Governance Structure | Use a federated model: a central AI governance platform defines policy, records, evidence, and release gates; domain teams propose agents and own business outcomes inside those guardrails. |
| Deployment Pattern | Deploy agents in the cloud or runtime that fits workload needs, but require every runtime to call the same Passport, Toll Gate, Runtime Permit, evidence, and revocation controls before consequential actions. |
| Policy Consistency | Translate enterprise policy into portable controls that can be evaluated before tool calls, data access, workflow handoffs, model changes, external communication, and agent-to-agent delegation. |
| Auditability | Keep provider logs, model traces, workflow events, human review records, and evidence stamps correlated by agent ID, Passport ID, action ID, policy version, and lifecycle state. |
Review boundary: provider service names and feature boundaries are time-sensitive. This page is a public architecture reference for planning and review. It is not procurement advice, legal advice, a formal compliance determination, audit opinion, security sign-off, or a claim that any cloud service provides complete cross-cloud agent governance.