# Supported Entities Veza discovers and catalogs AI resources across your cloud environments as three entity types: **AI Agents** (orchestration agents that invoke models and take actions), **AI Models** (foundation and custom models), and **AI Tools** (knowledge bases, action groups, and prompt templates). Use these entities to analyze access paths, track permissions, and report on access compliance. See [Entity reference by integration](#entity-reference-by-integration) for the complete list of all entity types discovered per platform. ## Entities by Type The following tables summarize all discovered AI entity types grouped by their functional role. ### AI Agents & Bots Orchestration engines that invoke models, call tools, and take autonomous actions using an assigned execution identity. | Veza Entity | Integration | | ---------------------------------------------------- | ------------ | | Bedrock Agent | AWS | | Bedrock AgentCore Runtime | AWS | | AI Foundry Agent | Azure | | Enterprise Application (with agentic tag) | Azure AD | | Vertex AI Reasoning Engine | Google Cloud | | Copilot Studio Bot | Microsoft | | Bot Definition (Agentforce Agents and Einstein Bots) | Salesforce | | ServiceNow AI Agent | ServiceNow | ### AI Models Foundation, fine-tuned, and imported models used by agents to generate responses and perform reasoning. | Veza Entity | Integration | | --------------------------- | ------------ | | Bedrock Custom Model | AWS | | Bedrock Foundation Model | AWS | | Bedrock Imported Model | AWS | | AI Foundry Model Deployment | Azure | | Vertex AI Foundation Model | Google Cloud | | Vertex AI Model | Google Cloud | | Copilot Studio AI Model | Microsoft | | ServiceNow AI Model | ServiceNow | ### AI Tools Knowledge bases, action groups, and prompt templates that agents use to interact with external systems and data sources. | Veza Entity | Integration | | ------------------------ | ------------------- | | Bedrock Action Group | AWS | | Bedrock Knowledge Base | AWS | | Bedrock Prompt | AWS | | Bedrock Prompt Router | AWS | | AI Foundry Tool | Azure | | AI Foundry Vector Store | Azure | | Vertex AI Endpoint | Google Cloud | | Public MCP Server | Public MCP Registry | | ServiceNow AI Agent Tool | ServiceNow | | ServiceNow Gen AI Skill | ServiceNow | ## AI Agents Veza discovers AI Agents across AWS Bedrock, AWS Bedrock AgentCore, Google Cloud Vertex AI, Microsoft Copilot Studio, Azure AI Foundry, Salesforce, and ServiceNow, enabling you to track which agents can access sensitive data, analyze their permission scope, and enforce governance policies. AI Agents combine language models with the ability to take actions, such as tool calling and API execution, multi-step reasoning and decision-making, access to databases, APIs, and file systems, and IAM role assumption for resource access. Veza models two distinct access patterns for AI Agents: * **Ambient permissions** — The agent acts as its own principal using an assigned IAM role, service account, or managed identity to access resources directly. These permissions exist regardless of who invokes the agent. * **Delegated permissions** — The agent acts on behalf of an invoking user, inheriting that user's permission scope for downstream resource access. What the agent can reach depends on who triggered it. Both patterns appear in the Veza graph, enabling you to answer questions like "What resources can this agent access on its own?" and "What can a user access through this agent that they couldn't access directly?" Example queries: * "show me bedrock agents with iam roles that can access rds databases" * "which ai agents can read s3 buckets with pii tags" * "find agents using claude opus without assigned owners" * "bedrock agents created in last 30 days" Veza discovers the following AI Agent types: * **AWS Bedrock**: Bedrock Agent (`BedrockAgent`) * **AWS Bedrock AgentCore**: Bedrock AgentCore Runtime (`BedrockAgentCoreRuntime`) * **Google Cloud Vertex AI**: Vertex AI Reasoning Engine (`VertexAiReasoningEngine`) * **Microsoft Copilot Studio**: Copilot Studio Bot (`MicrosoftCopilotStudioBot`) * **Azure AI Foundry**: Azure AI Foundry Agent (`AzureAiFoundryAgent`, `AzureAiFoundryBotServiceAgent`) * **Salesforce**: Agentforce Bot (`SalesforceBotDefinition`) * **ServiceNow**: ServiceNow AI Agent (`ServiceNowAIAgent`) ### AI Agent Properties All AI agent entities include standard attributes for filtering and analysis: | Property | Description | Example Values | Availability | | ------------------- | --------------------------------------------------- | ------------------------------------------------------------------------------------------- | --------------------------- | | **AI Platform** | The hosting platform where the agent runs | AWS Bedrock, Google Cloud Vertex AI, Microsoft Copilot Studio, Azure AI Foundry, Salesforce | All platforms | | **Publisher** | Organization that created the underlying technology | Amazon, Google, Microsoft, Salesforce | All platforms | | **Entity Type** | Graph category for search and filtering | AI Agent, AI Model, AI Tool | All platforms | | **Name** | Human-readable agent name | support-bot-v2, financial-analyst | All platforms | | **Status** | Current operational state | See [Agent Status Values](#agent-status-values) below | AWS Bedrock only | | **IAM Role** | Associated execution role | arn:aws:iam::123456789012:role/veza-bedrock-agent-role | AWS Bedrock only | | **Service Account** | Associated service account | `my-agent@project.iam.gserviceaccount.com` | Google Cloud Vertex AI only | #### Agent Status Values | Status | Description | When This Occurs | | -------------- | ------------------------------ | ------------------------------------------------------------ | | `PREPARED` | Agent is ready for use | Configuration complete, all dependencies available | | `NOT_PREPARED` | Agent configuration incomplete | Missing action groups, knowledge bases, or model selection | | `PREPARING` | Agent is being prepared | Transitioning to ready state after `PrepareAgent` API call | | `CREATING` | Agent is being provisioned | During initial creation | | `UPDATING` | Agent is being updated | Configuration changes being applied | | `VERSIONING` | Agent version is being created | New version deployment in progress | | `DELETING` | Agent is being removed | Deletion initiated but not yet complete | | `FAILED` | Agent encountered an error | Configuration error, permission issue, or deployment failure | ## AI Models AI Models are the underlying machine learning models that power AI Agents and applications, including foundation models, LLMs, SLMs, and custom-trained variants. AI Models in Veza include **Foundation models** (pre-trained models from major vendors), **Custom models** (fine-tuned or trained on specific data), and **Imported models** (third-party models hosted in your environment). {% hint style="info" %} OpenAI is not a native AI agent integration. GPT-4o and other OpenAI models are accessible for discovery via AWS Bedrock and Azure AI Foundry. {% endhint %} Veza organizes models using a three-level hierarchy for filtering and reporting: * **Publisher level** - Filter by organization (Anthropic, OpenAI, Google, Meta, Amazon) * **Model Family level** - Filter by model lineage (Claude, GPT, Llama, Gemini, Nova) * **Model Series level** - Filter by capability tier (Opus, Sonnet, Haiku, Pro, Lite) Veza tracks model usage and lifecycle status to enable: * Model inventory and usage reporting * Detection of deprecated or legacy models * Cost optimization by identifying over-provisioned models * Enforcement of approved model lists by team or application Example queries: * "foundation models with legacy lifecycle status" * "bedrock agents using claude opus models" * "custom models in production environment" * "show model usage by publisher" ### AI Model Properties All AI Models include detailed metadata for compliance and governance: | Property | Description | Example Values | | --------------------- | ----------------------------------- | --------------------------------------------------------------------------------------------------------------- | | **AI Platform** | Where the model is hosted | AWS Bedrock, Google Cloud Vertex AI, Azure OpenAI | | **Publisher** | Organization that created the model | Anthropic, OpenAI, Google, Meta, Amazon, Microsoft, Mistral, Cohere, Stability AI, AI21 Labs, DeepSeek, Alibaba | | **Model Family** | High-level model lineage | Claude, GPT, Llama, Gemini, Nova, Titan, Mistral, Command | | **Model Series** | Specific model variant | Claude Opus, Claude Sonnet, GPT-4o, Llama 3.3, Nova Pro | | **Lifecycle Status** | Model availability | See [Model Lifecycle Status Values](#model-lifecycle-status-values) below | | **Streaming Support** | Real-time response capability | true, false | #### Model Lifecycle Status Values | Lifecycle Status | Description | Recommended Action | | ---------------- | ---------------------------------------- | ----------------------------------------------- | | `ACTIVE` | Model is fully supported and available | Safe to use in production | | `LEGACY` | Model is deprecated but still accessible | Plan migration to newer model series | | `SUNSET` | Model scheduled for removal | Migrate immediately to avoid service disruption | Use Veza queries to identify agents using `LEGACY` or `SUNSET` models for proactive governance. ## AI Tools AI Tools are resources that AI Agents invoke to access data and execute actions, including knowledge bases, action groups, prompt templates, and function calling endpoints. AI Tools define agent capabilities and data access: * **Knowledge Bases** - RAG data sources containing indexed documents * **Action Groups** - APIs and functions agents can execute * **Prompts** - Centrally managed, versioned prompt templates for consistent model interactions * **Prompt Routers** - Route prompts to different models based on quality and cost criteria * **MCP Servers** - External integrations and system connections from public MCP registries Example queries: * "knowledge bases connected to s3 buckets with pii" * "action groups in enabled state" * "bedrock agents using shared knowledge bases" * "which agents can access customer-data knowledge base" ### AI Tool Properties | Property | Description | Example Values | | ----------------- | ---------------------------------- | ------------------------------------------- | | **AI Platform** | Platform hosting the tool | AWS Bedrock, MCP | | **Publisher** | Organization providing the tool | Amazon, Microsoft, Custom | | **Tool Subtypes** | Specific tool categories | MCP\_SERVER, ACTION\_GROUP, KNOWLEDGE\_BASE | | **State** | Operational status (Action Groups) | ENABLED, DISABLED | ## Entity Reference by Integration This section lists all entity types Veza discovers per integration, including supporting resources, policies, and guardrails beyond the primary agent, model, and tool types. {% hint style="info" %} All AI Agent entity types (agents, bots, and reasoning engines) are classified as non-human identities (NHI) by default. See [NHI Supported Entities](/4yItIzMvkpAvMVFAamTf/features/nhi/nhi-entities.md) for the complete list of entity types that Veza always classifies as non-human. {% endhint %} ### AWS Bedrock | Entity Type | Classification | Description | | -------------------------------- | -------------- | --------------------------------------------------------------------------------------------------------------------------------------- | | `BedrockAgent` | AI Agent | Primary orchestration engine; invokes models, runs Action Groups, and queries Knowledge Bases. Assumes an IAM Role for resource access. | | `BedrockAgentAlias` | Resource | Pointer to a specific agent version; used for versioned invocation. | | `BedrockAgentVersion` | Resource | A pinned version of an agent with its own model, knowledge base, and action group configuration. | | `BedrockActionGroup` | AI Tool | Defines actions the agent can perform; backed by Lambda functions or OpenAPI schemas. | | `BedrockKnowledgeBase` | AI Tool | RAG-enabled data repository providing contextual information to agents. | | `BedrockKnowledgeBaseDataSource` | Resource | Connector to external systems (S3, SharePoint, Confluence, Salesforce) that feeds a Knowledge Base. | | `BedrockFoundationModel` | AI Model | Pre-trained, on-demand models (Claude, Llama, Titan, GPT-4o, etc.) accessible via the Bedrock API. | | `BedrockCustomModel` | AI Model | Fine-tuned models trained on private data; references a base Foundation Model. | | `BedrockImportedModel` | AI Model | Externally imported models (e.g., from SageMaker). | | `BedrockPrompt` | AI Tool | Centrally managed, versioned prompt templates for consistent model interactions. | | `BedrockPromptVersion` | Resource | A specific version of a prompt template. | | `BedrockPromptRouter` | AI Tool | Routes prompts to different models based on quality and cost criteria. | | `BedrockGuardrail` | Policy | Content filtering and safety policy (topic, word, PII, and Automated Reasoning filters). | | `BedrockGuardrailVersion` | Resource | Versioned guardrail with detailed filter configurations. | **Permissions model:** Bedrock Agents assume IAM roles to access AWS services. Analyzing effective permissions requires reviewing IAM user and group policies, service role permissions, SCPs and RCPs, and resource-based policies on connected services (Lambda, S3, OpenSearch). ### AWS Bedrock AgentCore Amazon Bedrock AgentCore is a managed infrastructure platform for deploying and running AI agents at production scale. Unlike Bedrock (classic), which provides managed orchestration for short-lived API calls, AgentCore provides long-running serverless compute for agents built with any framework (Strands, LangGraph, CrewAI, OpenAI Agents SDK, etc.) and any model. Veza discovers agent runtimes and their IAM role associations. AgentCore discovery is part of the AWS integration. {% hint style="info" %} Veza currently discovers AgentCore **runtimes** (running agent instances) and their execution role associations. Gateway, Memory, and other AgentCore resource types are planned for a future release. For Bedrock agent definitions and associated models, see [AWS Bedrock](#aws-bedrock) above. {% endhint %} | Entity Type | Classification | Description | | ------------------------- | -------------- | ---------------------------------------------------------------------------------------------------------- | | `BedrockAgentCoreRuntime` | AI Agent | A running agent instance on the AgentCore platform. Classified as a non-human identity (AI Agent subtype). | | `BedrockAgentCoreService` | Service | The AgentCore service instance within an AWS account. | **Properties:** | Property | Description | | ------------- | ------------------------------------------------------------------------------------------------- | | `runtime_id` | The AgentCore runtime identifier | | `status` | Operational state of the runtime (e.g., `READY`). Runtimes with `READY` status are marked active. | | `role_arn` | The IAM role ARN assumed by the runtime for resource access | | `description` | Runtime description | | `created_at` | When the runtime was created | | `updated_at` | When the runtime was last modified | **Permissions model:** AgentCore runtimes assume IAM roles for resource access, following the same pattern as Bedrock Agents. Veza creates a `CAN_ASSUME_ROLE` edge from the runtime to its associated IAM role, then resolves effective permissions across downstream AWS services. IAM must be enabled in the same AWS integration for role linking to work. ### Azure AD (Entra ID) No new entity type is created. The existing `AzureADEnterpriseApplication` entity receives `identity_subtypes: ["AI_AGENT"]` when the platform-native field indicates an AI agent. | Entity Type | Classification condition | | ------------------------------ | ---------------------------------------------------------------------------------------------------------- | | `AzureADEnterpriseApplication` | Application tags include `AgenticInstance`, `AgenticApp`, or any tag prefixed with `power-virtual-agents-` | ### Azure AI Foundry | Entity Type | Classification | Description | | ------------------------------- | --------------- | -------------------------------------------------------------------------------------------------------------------- | | `AzureAiFoundryAgent` | AI Agent | An AI agent or assistant created in Azure AI Foundry; backed by a model deployment. | | `AzureAiFoundryBotServiceAgent` | Service Account | Service account identity for an AI Foundry agent deployed via Azure Bot Service to channels (Teams, Web Chat, etc.). | | `AzureAiFoundryService` | Service | The Azure AI Foundry service instance within a subscription. | | `AzureAiFoundryAccount` | Resource | An AI Foundry account (hub) grouping projects and resources. | | `AzureAiFoundryProject` | Resource | A project workspace within an AI Foundry account. | | `AzureAiFoundryModelDeployment` | AI Model | A deployed model endpoint (e.g., GPT-4o, Claude) used by agents. | | `AzureAiFoundryVectorStore` | Resource | Vector store for RAG-based knowledge retrieval. | | `AzureAiFoundryConnection` | Resource | External service connection (e.g., to Azure OpenAI, Cognitive Search). | | `AzureAiFoundryTool` | AI Tool | Tool definition available to agents (e.g., code interpreter, function call). | | `AzureAiFoundryIndex` | Resource | Search index backing a knowledge source. | | `AzureAiFoundryGuardRail` | Policy | Content safety and moderation policy applied to agent interactions. | **Permissions model:** Agents use Azure RBAC via Azure AD service principals and managed identities. Cross-service connections link to Azure AD entities for identity resolution. {% hint style="warning" %} **Classic portal agents are not supported.** Veza only extracts agents created in the new [Azure AI Foundry portal](https://ai.azure.com). Agents created in the Foundry (classic) portal are not discovered. Microsoft has announced that the Foundry classic portal and classic Agents will be retired on **March 31, 2027**, and that the Assistants API backend powering many classic agents will sunset on **August 26, 2026**. {% endhint %} ### Google Cloud Vertex AI | Entity Type | Classification | Description | | ------------------------- | -------------- | ------------------------------------------------------------------------------------------------------ | | `VertexAiReasoningEngine` | AI Agent | Stateful orchestration engine; executes custom code and tools. Runs as a Google Cloud service account. | | `VertexAiService` | Service | The Vertex AI service instance within a Google Cloud project. | | `VertexAiFoundationModel` | AI Model | Pre-trained foundation models available in Vertex AI (Gemini, etc.). | | `VertexAiModel` | AI Model | Custom tuned models in the Vertex AI Model Registry. | | `VertexAiEndpoint` | Resource | Deployed model endpoint serving predictions; invoked by agents as functional tools. | | `VertexAiPolicy` | Policy | IAM policies applied to Vertex AI resources. | | `VertexAiRoleBinding` | Resource | IAM role bindings granting identities access to Vertex AI resources. | **Permissions model:** Every Reasoning Engine is linked to a Google Cloud service account. Ambient permissions are on the service account. Delegated permissions are captured via non-transitive `HAS_SERVICE_ACCOUNT` edges. {% hint style="warning" %} Veza cannot link Vertex AI agents to the foundation models they use. Google Vertex AI does not expose this information via API. {% endhint %} ### Microsoft Copilot Studio Identity and authorization is handled via Azure Dynamics 365 through a Cross-Service Connection (CSC). | Entity Type | Classification | Description | | ----------------------------------------- | -------------- | --------------------------------------------------------------------------------------------------- | | `MicrosoftCopilotStudioBot` | AI Agent | AI-powered conversational agent stored in Dataverse as a bot entity. | | `MicrosoftCopilotStudioTopic` | Resource | Conversation flow or dialog within a copilot. | | `MicrosoftCopilotStudioAction` | AI Tool | External integration or Power Automate flow invocation. Security-sensitive. Can call external APIs. | | `MicrosoftCopilotStudioKnowledgeSource` | AI Tool | Connected data source providing knowledge to the bot. | | `MicrosoftCopilotStudioCustomGPT` | AI Model | AI-powered component with configurable model and capabilities. | | `MicrosoftCopilotStudioExternalAPI` | AI Tool | Third-party API connector invoked by Actions. | | `MicrosoftCopilotStudioPowerAutomateFlow` | Resource | Workflow automation triggered by the bot. | | `MicrosoftCopilotStudioAIModel` | AI Model | LLM used by Custom GPT components (e.g., GPT-4o, Claude Sonnet). | | `MicrosoftCopilotStudioCapability` | Resource | Bot capabilities (e.g., Web Browsing, File Upload). | | `MicrosoftCopilotStudioBotPermission` | Permission | Intermediate node connecting Dynamics 365 identities to bots. | Identity nodes connected via Azure Dynamics 365 CSC: `Dynamics365User`, `Dynamics365ApplicationUser`, `Dynamics365Team`, `Dynamics365SecurityRole` **Permissions model:** `BotPermission` intermediate nodes connect Dynamics 365 identities to bots via Security Role assignments (e.g., `prvReadbot`, `prvWritebot`). ### Public MCP Registry Veza discovers publicly available MCP (Model Context Protocol) servers and their tools from the public MCP registry. MCP servers connect to AI agents via Cross-Service Connections (e.g., Microsoft Copilot Studio bots can invoke public MCP servers). | Entity Type | Classification | Description | | ------------------------- | -------------- | --------------------------------------------------------------------------------------------------- | | `PublicMCPRegistryServer` | AI Tool | A publicly available MCP server from the public registry. Provides tools that AI agents can invoke. | | `PublicMCPRegistryTool` | AI Tool | An individual tool exposed by a public MCP server, with defined input/output schemas. | ### Salesforce (Agentforce) Salesforce AI Agents are extracted from the Salesforce IAM integration. Each bot is represented as a `SalesforceBotDefinition` entity. | Entity Type | Classification | Description | | ------------------------- | -------------- | -------------------------------------------------------------------------------------------------------------------------------------- | | `SalesforceBotDefinition` | AI Agent | An AI agent or bot defined in Salesforce (Agentforce / Einstein Bot). The `bot_definition_type` property distinguishes agent subtypes. | **Permissions model:** Bots participate in Salesforce's standard IAM model (Profiles, Permission Sets, etc.) and inherit access to Salesforce objects through their associated user or profile. ### ServiceNow Veza discovers AI Agents and related assets configured in ServiceNow's AI Agent Studio and Now Assist platform. ServiceNow AI Agent discovery is part of the [ServiceNow integration](/4yItIzMvkpAvMVFAamTf/integrations/integrations/servicenow.md). | Entity Type | Classification | Description | | ----------------------- | -------------- | ---------------------------------------------------------------------------------------------------- | | `ServiceNowAIAgent` | AI Agent | An AI agent defined in ServiceNow AI Agent Studio. Requires the `sn_aia` plugin. | | `ServiceNowAIAgentTool` | AI Tool | A tool or capability available to AI agents. Requires the `sn_aia` plugin. | | `ServiceNowGenAISkill` | AI Tool | A Gen AI Skill from the Now Assist Skill Kit. | | `ServiceNowAIModel` | AI Model | A generative AI model configuration. Tracks the model provider (e.g., Azure OpenAI, Amazon Bedrock). | | `ServiceNowGenAIConfig` | Resource | A platform-level generative AI configuration that binds capabilities to models. | **Properties:** ServiceNow AI Agent: | Property | Description | | ------------- | ------------------------------------------------------------------------------ | | `description` | Agent description | | `run_as_mode` | Identity mode: `ai_user` (fixed user) or `dynamic_user` (caller's permissions) | | `is_active` | Whether the agent is active | | `created_at` | When the agent was created | ServiceNow AI Agent Tool: | Property | Description | | ------------- | -------------------------- | | `description` | Tool description | | `tool_type` | The type of tool | | `is_active` | Whether the tool is active | ServiceNow AI Model: | Property | Description | | ----------------- | -------------------------------------------------- | | `model_type` | Type of model | | `max_tokens` | Maximum token limit | | `lifecycle_state` | Model lifecycle state | | `model_provider` | Provider name (e.g., Azure OpenAI, Amazon Bedrock) | | `is_active` | Whether the model is active | **Permissions model:** AI Agents can assume a ServiceNow user identity for resource access. When `run_as_mode` is `ai_user`, Veza creates an `ASSUMES_USER` edge from the agent to the configured ServiceNow user, enabling you to trace the agent's effective permissions through that user's roles and ACLs. ServiceNow ACL rules with types `gen_ai_agent` or `gen_ai_skill` are attached to the relevant AI entities. See the [ServiceNow integration guide](/4yItIzMvkpAvMVFAamTf/integrations/integrations/servicenow.md) for the full list of entity attributes and required permissions. ## Access Paths and Relationships ### How Veza Models Agent Access Veza automatically resolves relationships between AI Agents and the identities and resources they connect to. You don't need to configure these connections — Veza builds them from the integration data it collects. View access paths in the Veza Graph UI or see the [Access path analysis](/4yItIzMvkpAvMVFAamTf/features/ai-agent-security.md#access-path-analysis) section for detailed examples. Key relationships Veza constructs: * **Agent → IAM Role** — For AWS Bedrock agents, Veza links the agent to its execution IAM role (`CAN_ASSUME_ROLE`), then traces that role's effective permissions across AWS services. * **Agent → Service Account** — For Google Cloud Vertex AI Reasoning Engines, Veza links the agent to its Google Cloud service account (`HAS_SERVICE_ACCOUNT`) to surface ambient permissions. This edge is non-transitive, representing the agent's own identity rather than delegated access. * **Agent → Foundation Model** — Veza links agents to the foundation models they invoke (`HAS_FOUNDATION_MODEL`), enabling queries like "which agents use deprecated models" or "show all agents using Claude." * **Agent → Custom or Imported Model** — Same as above for non-foundation models (`HAS_MODEL`). ### Common Access Patterns Each hop in an agent's access path can be a security boundary. Veza makes these multi-hop paths visible so you can evaluate the full blast radius of a given agent, including every resource it can reach through its identity chain. | Pattern | Description | Security considerations | | ---------------------------------------- | --------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | | **Agent → IAM Role → S3** | Agent reads documents from S3 directly or as a Knowledge Base data source | Review bucket contents for PII; verify the role grants read-only access | | **Agent → IAM Role → RDS** | Agent queries a database for real-time data using its execution role | High-risk: direct database access with potential write operations; confirm least-privilege | | **Agent → Knowledge Base → Data Source** | Agent retrieves knowledge through a pre-indexed Knowledge Base rather than raw storage | Lower risk than direct S3 access. Data is curated at index time, but source permissions still apply. | | **Agent → Action Group → Lambda → API** | Agent executes business logic through a Lambda function, which may call downstream APIs or services | Review the Lambda execution role and all downstream service permissions it can reach | ## Next Steps * [**AI Agent Security Overview**](/4yItIzMvkpAvMVFAamTf/features/ai-agent-security.md) - Understand AI Agent Security and key capabilities * [**Configuration Guide**](/4yItIzMvkpAvMVFAamTf/features/ai-agent-security/configuration.md) - Set up AWS Bedrock, Google Cloud Vertex AI, or Microsoft Copilot Studio integrations * [**Query Builder**](/4yItIzMvkpAvMVFAamTf/features/search/query-builder.md) - Build custom queries to search for AI resources * [**Access Reviews**](/4yItIzMvkpAvMVFAamTf/features/access-reviews.md) - Create recurring reviews for AI Agent permissions * [**Rules and Alerts**](/4yItIzMvkpAvMVFAamTf/features/insights/rules-and-alerts.md) - Configure automated alerts for AI security events --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/features/ai-agent-security/supported-entities.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.