|
| 1 | += Read the Governance Overview |
| 2 | +:description: See your AI deployment's spending, fleet, and activity in one place; drill into the transcript behind any number to investigate further. |
| 3 | +:page-topic-type: how-to |
| 4 | +:personas: evaluator, platform_admin, app_developer |
| 5 | +// TODO: confirm persona vocabulary. The Governance V0 PRD names HoT (Head of Trust), CIO/CFO, CISO, and FDE; this page uses canonical docs-team-standards personas (`evaluator`, `platform_admin`, `app_developer`) and surfaces the PRD names only in the "Reading the dashboard for your role" section headings. Confirm with docs-team-standards owner whether to add `executive` and `security_admin` (or equivalents) so the persona metadata matches the PRD audience exactly. |
| 6 | +:learning-objective-1: Identify the widgets on the governance overview and what each one shows |
| 7 | +:learning-objective-2: Choose where to focus first based on your role |
| 8 | +:learning-objective-3: Investigate a metric, agent, or event by opening its underlying transcript |
| 9 | + |
| 10 | +include::ROOT:partial$adp-la.adoc[] |
| 11 | + |
| 12 | +The governance overview shows your AI deployment's spending, fleet, and activity on a single page. Every number, agent, and event links to the transcript that produced it, so you can investigate without leaving the dashboard. |
| 13 | + |
| 14 | +After reading this page, you will be able to: |
| 15 | + |
| 16 | +* [ ] {learning-objective-1} |
| 17 | +* [ ] {learning-objective-2} |
| 18 | +* [ ] {learning-objective-3} |
| 19 | +
|
| 20 | +== Prerequisites |
| 21 | + |
| 22 | +* Access to the Agentic Data Plane. |
| 23 | ++ |
| 24 | +// TODO: confirm sign-in URL and IAM/role requirement once the standalone ADP UI ships. |
| 25 | +* At least one agent or MCP server with recent activity, or an empty deployment if you want to see the empty-state guidance below. |
| 26 | +* Read access to the Spending, Agent registry, and MCP server APIs (`dataplane_adp_spending_get`, `dataplane_adp_agent_get`, `dataplane_adp_mcpserver_get`). |
| 27 | ++ |
| 28 | +// TODO: confirm role-to-permission mapping once the standalone ADP UI ships. |
| 29 | + |
| 30 | +== Open the governance overview |
| 31 | + |
| 32 | +Sign in to the ADP UI and select *Governance* from the sidebar. The overview is the default view. |
| 33 | + |
| 34 | +// TODO: annotated screenshot of the V0 governance overview, with callouts for the five widgets (summary cards, token spend by provider, events timeline, agents table, MCP servers table). V0 prototype lands on `adp-production` 2026-05-08 per the PRD milestone. |
| 35 | + |
| 36 | +The overview shows five widgets, top to bottom: |
| 37 | + |
| 38 | +. *Summary cards* — total spend, agent count, request count, trend versus the previous period. |
| 39 | +. *Token spend by LLM provider* — provider-by-provider cost and request breakdown. |
| 40 | +. *Events over time* — time series of activity, filterable by event type. |
| 41 | +. *Agents* — every agent in your deployment, with status, error count, and tool invocation count. |
| 42 | +. *MCP servers* — every MCP server, with type and connection status. |
| 43 | + |
| 44 | +== Reading each widget |
| 45 | + |
| 46 | +=== Summary cards |
| 47 | + |
| 48 | +The summary cards answer "how much are we using right now?" at a glance. |
| 49 | + |
| 50 | +[cols="1,3"] |
| 51 | +|=== |
| 52 | +|Card |What it shows |
| 53 | + |
| 54 | +|*Total spend* |
| 55 | +|Sum of all LLM provider costs in the current period. Reported in microcents (1 cent = 100 microcents, $1 = 10,000 microcents). Divide by 10,000 to get dollars. |
| 56 | + |
| 57 | +|*Agent count* |
| 58 | +|Number of agents (managed plus BYOA) registered in your deployment. |
| 59 | + |
| 60 | +|*Request count* |
| 61 | +|Total LLM requests routed through AI Gateway in the current period. |
| 62 | + |
| 63 | +|*Trend* |
| 64 | +|Each card carries a "vs last period" delta. The delta uses the same window length as the current period: a 30-day current view compares against the prior 30 days. Calculation: `(current - previous) / previous`. |
| 65 | +|=== |
| 66 | + |
| 67 | +The current period defaults to the last 30 days. Change the time-range selector at the top of the page to inspect a shorter or longer window. |
| 68 | + |
| 69 | +// TODO: confirm time-range selector defaults and allowable windows once the V0 prototype lands. |
| 70 | + |
| 71 | +=== Token spend by LLM provider |
| 72 | + |
| 73 | +Each row shows a single LLM provider (`openai`, `anthropic`, `bedrock`, …) with cost, request count, and token totals for the current period. Click a provider row to filter the events timeline and agents table to that provider. |
| 74 | + |
| 75 | +The breakdown is also available by model, by user, and by provider type. Use the dimension toggle above the chart to switch. |
| 76 | + |
| 77 | +// TODO: confirm dimension-toggle UX once the V0 prototype lands. |
| 78 | + |
| 79 | +=== Events over time |
| 80 | + |
| 81 | +A time-series chart of activity across your deployment. |
| 82 | + |
| 83 | +* For ranges shorter than 7 days, the chart uses *hourly* buckets. |
| 84 | +* For ranges of 7 days or more, the chart uses *daily* buckets. |
| 85 | + |
| 86 | +Use the event-type filter to focus on a specific kind of activity (request, error, violation, agent state change). Each bar links to a filtered transcript view for the time bucket. |
| 87 | + |
| 88 | +// TODO: confirm event-type filter values once the V0 prototype lands. |
| 89 | + |
| 90 | +=== Agents |
| 91 | + |
| 92 | +Every agent in your deployment, managed or BYOA. The table lists: |
| 93 | + |
| 94 | +* *Name* — the agent's resource name. |
| 95 | +* *Type* — managed or BYOA. |
| 96 | +* *Status* — current runtime state. The state badge maps to the agent's runtime state: |
| 97 | ++ |
| 98 | +[cols="1,2"] |
| 99 | +|=== |
| 100 | +|State |Display |
| 101 | + |
| 102 | +|`AGENT_STATE_RUNNING` |
| 103 | +|*Running* |
| 104 | + |
| 105 | +|`AGENT_STATE_STOPPED` |
| 106 | +|*Stopped* |
| 107 | + |
| 108 | +|`AGENT_STATE_STARTING` / `AGENT_STATE_CREATING` |
| 109 | +|*Starting* (transient; refresh for the latest state) |
| 110 | + |
| 111 | +|`AGENT_STATE_STOPPING` / `AGENT_STATE_DELETING` |
| 112 | +|*Stopping* (transient; refresh for the latest state) |
| 113 | + |
| 114 | +|`AGENT_STATE_DEGRADED` |
| 115 | +|*Degraded* (the row shows `state_reason`) |
| 116 | + |
| 117 | +|`AGENT_STATE_FAILED` |
| 118 | +|*Failed* (the row shows `state_reason`) |
| 119 | +|=== |
| 120 | + |
| 121 | +* *Error count* — number of errored executions in the current period. |
| 122 | ++ |
| 123 | +// TODO: confirm error-count source (transcripts vs separate metric) once the V0 prototype lands. |
| 124 | +* *Tool invocations* — number of tool calls the agent has made in the current period. |
| 125 | ++ |
| 126 | +// TODO: confirm tool-invocation source (transcripts vs separate metric). |
| 127 | +* *Last active* — most recent execution timestamp. |
| 128 | + |
| 129 | +Click any agent row to drill into its transcript history. |
| 130 | + |
| 131 | +=== MCP servers |
| 132 | + |
| 133 | +Every MCP server registered in your deployment. The table lists: |
| 134 | + |
| 135 | +* *Name* — the server's resource name. |
| 136 | +* *Type* — managed or self-managed. |
| 137 | +* *Status* — connection state. |
| 138 | + |
| 139 | +For deeper MCP server reading, see xref:mcp:index.adoc[MCP Servers]. |
| 140 | + |
| 141 | +== Reading the dashboard for your role |
| 142 | + |
| 143 | +The dashboard is designed for non-technical leadership. Different roles read it differently. |
| 144 | + |
| 145 | +=== If you're a CIO or CFO |
| 146 | + |
| 147 | +Start with the *summary cards*. The total spend and trend tell you at a glance whether AI cost is moving in the expected direction. |
| 148 | + |
| 149 | +Next, scan *Token spend by LLM provider* to see which provider is the largest line item. If one provider dominates your spend, click into it to see which agents drive that cost. |
| 150 | + |
| 151 | +You should be able to answer "how much are we spending?" within 30 seconds of opening the page. |
| 152 | + |
| 153 | +=== If you're a CISO |
| 154 | + |
| 155 | +Start with the *Agents* and *MCP servers* tables. They give you full visibility into what's running in the deployment, including BYOA agents that operate outside your direct control. |
| 156 | + |
| 157 | +Scan for unfamiliar agents, agents in `Failed` or `Degraded` states, or MCP servers in disconnected states. Click any anomaly to drill into the transcript. |
| 158 | + |
| 159 | +=== If you're a Head of Trust |
| 160 | + |
| 161 | +Start with the *Agents* table sorted by error count or tool-invocation count. Outlier rows are usually where investigation begins. |
| 162 | + |
| 163 | +Use the *Events over time* chart to spot bursts of activity that don't match your expectations. Drill into a bar to see exactly what happened in that time bucket. |
| 164 | + |
| 165 | +=== If you're demoing to a prospect |
| 166 | + |
| 167 | +Walk top to bottom: summary cards, then provider breakdown, then events timeline, then agent fleet, then MCP servers. The page is designed to tell the full story of an AI deployment in under two minutes, with no setup or pre-staged data. |
| 168 | + |
| 169 | +== Investigate any number, agent, or activity |
| 170 | + |
| 171 | +Every value on this page is a link. |
| 172 | + |
| 173 | +* Click a *summary card* to filter the page to its underlying period. |
| 174 | +* Click a *provider row* to scope every other widget to that provider. |
| 175 | +* Click an *agent row* to open the agent's transcript history. |
| 176 | +* Click an *event bucket* to open transcripts for that time range. |
| 177 | +* Click an *MCP server row* to see invocations against that server. |
| 178 | + |
| 179 | +For the data model behind transcripts, see xref:observability:transcripts.adoc[Read a transcript]. |
| 180 | + |
| 181 | +== Empty states |
| 182 | + |
| 183 | +The dashboard handles three common empty states: |
| 184 | + |
| 185 | +[cols="1,3"] |
| 186 | +|=== |
| 187 | +|State |What you see |
| 188 | + |
| 189 | +|*No telemetry yet* |
| 190 | +|For a BYOA agent that has not yet streamed any transcripts. The agent row shows a *Connect telemetry* call to action that links to xref:observability:byoa-telemetry.adoc[BYOA telemetry]. |
| 191 | + |
| 192 | +|*No spend recorded* |
| 193 | +|For fresh deployments before the first agent run. The summary cards show zeroes and a hint that data will populate after the first request. |
| 194 | + |
| 195 | +|*No agents* |
| 196 | +|For deployments before the first agent is created. The page links to xref:agents:create-agent.adoc[Create a declarative agent]. |
| 197 | +|=== |
| 198 | + |
| 199 | +// TODO: confirm exact CTA text and behavior once the V0 prototype lands. |
| 200 | + |
| 201 | +== What's coming at GA |
| 202 | + |
| 203 | +The current beta release ships the V0 overview described above. Later in the GA window, the dashboard adds: |
| 204 | + |
| 205 | +* *Cost over time* and *cost drill-down by agent within a provider* on the same page. |
| 206 | +* *Token-to-dollar conversion* on every cost figure. |
| 207 | +* *Agent Network* — an interactive topology graph that traces every agent through its LLM providers and MCP servers. See xref:dashboard/agent-network.adoc[Agent Network] (shipping at GA). |
| 208 | +* *Authorization denials and violations* — an aggregated feed of policy events. See xref:dashboard/violations.adoc[Authorization denials and violations] (shipping at GA). |
| 209 | +* *Kill switch* — pause an agent without removing it. |
| 210 | + |
| 211 | +// TODO: refresh this list against the V1 design when those design docs land. Per the Governance V0 PRD, V1 also adds a top-spenders table and agent-owner metadata; confirm the final V1 surface before GA. |
| 212 | + |
| 213 | +== Next steps |
| 214 | + |
| 215 | +* Investigate an anomaly: xref:observability:transcripts.adoc[Read a transcript]. |
| 216 | +* Wire up missing telemetry: xref:observability:byoa-telemetry.adoc[BYOA telemetry]. |
| 217 | +* Add agents to your deployment: xref:agents:create-agent.adoc[Create a declarative agent]. |
0 commit comments