Intellova

AWS Shows How to Build Governed AI Agents on a Modern Data Mesh

AWS Shows How to Build Governed AI Agents on a Modern Data Mesh
Data Integration

AWS Shows How to Build Governed AI Agents on a Modern Data Mesh

Intellova· Engineering Team
4 min read

What Happened

On 25 June 2026, AWS published a detailed technical guide on its Machine Learning blog showing how to build agentic AI applications using a data mesh strategy. The post, authored by three Senior Specialist Solutions Architects at AWS—Venkata Sistla, Aamna Najmi, and Prachi Gupta—is marked as advanced technical guidance for organisations wanting to deploy AI agents that can query and analyse business data securely.

The guide walks through a complete architecture combining several AWS services released or significantly upgraded over the past six months. It's positioned as a follow-up to an earlier post on serverless data lakes, reflecting AWS's broader push to help enterprises build AI systems on top of governed, accessible data foundations.

The Technology Stack

At the heart of the approach are several key AWS services working together. Amazon S3 Vectors, which reached general availability in December 2025, allows teams to store vector embeddings directly in object storage at massive scale—up to 2 billion vectors per index—while cutting costs by up to 90% compared to specialised vector databases.

Amazon S3 Tables brings Apache Iceberg table format directly to object storage, delivering up to 10 times higher transaction rates than self-managed Iceberg setups. This matters because AI agents often need to query structured data rapidly.

Amazon Bedrock AgentCore is AWS's framework for building AI agents that can take actions on your behalf. The architecture adds AgentCore Gateway, which can intercept agent requests and enforce security rules using Lambda functions, JWT tokens, and OAuth before letting the agent access data or make decisions.

The demo includes four Lambda-backed tools the agent can call: tools to fetch available tables, retrieve schema information, run queries, and search a knowledge base. Each call passes through security gatekeeping before execution.

Five Layers of Governance

What distinguishes this approach from simpler AI demos is the governance model. The architecture layered five separate control points to prevent agents from acting outside their permissions.

First, AWS Athena enforces byte-scan limits—controlling how much data an agent can read in a single query. Second, IAM policies block dangerous operations like dropping tables or deleting data. Third, AWS Lake Formation applies fine-grained access control at the row, column, and even cell level, so agents see only the data they're permitted to access. Fourth, the AgentCore Gateway interceptors validate every request before it reaches the data. Fifth, Bedrock Guardrails via AgentCore Policy add a final safety layer that can block responses if they violate defined policies.

This multi-layer approach means organisations don't have to choose between letting AI agents be useful and keeping them under control.

Why It Matters for Organisations

For Australian mid-market businesses looking to deploy AI, the blueprint addresses a real tension. Teams want AI systems that can explore and act on company data autonomously—running queries, pulling insights, triggering workflows. But without proper governance, that autonomy becomes a liability. A misconfigured agent could expose sensitive client information, run expensive queries, or make decisions on bad data.

The AWS approach shows that governance doesn't have to slow down AI deployment. By building security into the data mesh itself—through service mesh gateways, fine-grained access controls, and policy engines—organisations can let agents work faster while keeping risk low. The cost benefits matter too: the 90% saving on vector storage means teams can embed larger documents and knowledge bases without budget blowout.

The post includes a working code sample in the awslabs/agentcore-samples GitHub repository, so teams can study the patterns and adapt them to their own systems.

Why Data Readiness Is the Real Blocker

The technical guide assumes one thing: that your data is already unified and accessible. If your business data lives scattered across a CRM, accounting software, legacy databases, and spreadsheets—with no single source of truth about what's where—then even the best agentic AI framework won't help. The agent won't know what to query, won't be trusted to query it, and the results will be incomplete or wrong.

Before you can confidently hand control to an AI agent, your data needs a foundation: one unified database where all your business information lives, where access rights are clear, and where you know the data quality. Only then can you layer on sophisticated governance and let agents work safely at scale.

Companies that have unified their data first—bringing CRM records, financial transactions, operational metrics, and customer history into one governed repository—find that AI agents become powerful business tools. Without that foundation, agentic AI is just another experiment that delivers inconsistent results.

Found this article helpful? Share it with others.

Is your data working this hard for you?

Intellova unifies your CRM, accounting and business tools into one source of truth — ready for analytics, AI and automation.

Keep reading