In roughly a three-week span, Google, Cloudflare, Salesforce, Databricks, Snowflake, and Microsoft each shipped some version of an agent governance platform. Every one of them used a phrase like "centralized control plane." None of them were describing the same layer of the stack.

The companion grid breaks down who announced what. The more interesting question: why all six moved in the same window, and what the collective result looks like for the enterprises they're courting.

Same bet, different layers

Wherever governance decisions get enforced, the enterprise relationship concentrates. And the margin. So each vendor is staking the claim from the layer they already own. Google's Gemini Enterprise Agent Platform governs from the cloud ML layer, issuing every agent a cryptographic ID. Databricks positions Unity AI Gateway at the data warehouse, enforcing per-user permissions on MCP calls. Cloudflare governs at the network edge, inspecting traffic and flagging Shadow MCP the way it flags Shadow IT. Three different layers. Three different definitions of what "governed" means. Snowflake, Salesforce, and Microsoft are making structurally identical moves from the data foundation, the CRM, and the productivity suite, respectively.

Each vendor would lose strategic position if governance settled at someone else's layer. That logic is straightforward. Where it leads collectively is anything but.

The workflow problem

A single agent action: it calls an LLM, pulls records from a CRM via MCP, checks a shipping API, and calls the model again. The cloud platform claims to govern the model call. The data warehouse claims the MCP hop. The CRM claims the record access. The network layer claims the traffic between all of them.

Four governance surfaces, one workflow.

Anyone who lived through the API gateway era will recognize the shape. Platform teams were supposed to consolidate governance onto a single gateway. In practice, different teams spun up their own, and the single control plane became three or four. The resolution, to the extent there was one, came from enterprises building centralized teams with enough organizational authority to enforce coherence, often adopting open standards like OpenTelemetry beneath the vendor layer. Painful, slow, and expensive. The vendors who promised consolidation are still competing.

The role that doesn't exist yet

MCP itself drew a scope boundary at its April Dev Summit: connectivity is the protocol's job; identity, observability, and governance belong to other layers. Which other layers? The ones currently being claimed by six vendors simultaneously. The AAIF flagged the risk plainly: whether the vendor ecosystem respects that boundary or treats MCP as a surface to colonize.

A tension runs through all of this. These same companies have the most to gain from agent adoption expanding. The governance tooling they're shipping is genuine, and so is the incentive to make governance feel solved at each vendor's layer without it being coherent across layers. As one enterprise CISO guide put it:

An independent hands-on review of one major platform's governance offering found it "functions more like a directory than a true agent management layer," with actual policy enforcement scattered across other products.

This publication has explored the missing principal problem before. Security has a CISO. Financial controls have a CFO. Agent governance across a multi-vendor stack has no organizational equivalent. Six vendor dashboards don't create that role. They give the absence six places to be invisible.

Governance tooling is arriving fast. The organizational muscle to enforce coherent policy across multiple layers is lagging well behind. The API era suggests the connective tissue ends up being built by the enterprise itself, slowly. And that work comes down to deciding who is actually accountable when an agent acts on governed data through an ungoverned path.

Six vendors just made the same bet. The enterprises they're selling to still have a harder one to make.