New capabilities embed policy enforcement, monitoring, and access controls directly into AI agents operating on Google Cloud.
Google announced new “baked-in” governance features for its agentic AI models at the Google Cloud Next ’26 event, embedding policy enforcement and monitoring directly into the way AI agents operate in its cloud environment.
The controls manage risks associated with agentic systems that can take actions, access enterprise data, and interact across systems with limited human oversight.
The controls apply to agents running on Google Cloud. Google did not say whether they work for agents outside its platform or across other cloud providers.
These real-time guardrails define what actions agents can take and which data they can access. They are applied during execution, automatically limiting the actions an agent can take. Different agents can have different levels of access. Organizations can assign agents specific roles and permissions. This includes restricting agents to approved systems, datasets, and functions in accordance with organizational rules.
The system tracks agent activity to support audit and compliance requirements. However, Google did not say how they will keep long logs, whether they can be altered, or which regulatory standards they meet.
The platform also includes pre-deployment evaluation tools that simulate agent behavior to identify potential risks, such as unintended actions or policy violations, before they go live. The company did not reveal any particular standardized testing benchmarks or thresholds required for deployment approval.
While the governance layer is infrastructure-based, it is not limited to Google-developed models. The platform can support third-party models operating within Google Cloud, with governance controls applied at the execution layer.

