Open Data Infrastructure
Foundation for AI Access Path Inventory
Why AI programs need an inventory of every agent access path across catalogs, APIs, files, policies, indexes, and observability.
Most AI governance diagrams miss the part where the agent actually reaches the data.
Access paths multiply fast
An AI system can reach data through a SQL endpoint, REST API, vector index, file search system, catalog, notebook, feature store, internal tool, or MCP server. Each path may have different authentication, policy checks, logging, freshness, and owner review.
A foundation for AI needs an access path inventory because unknown paths become unknown risk. The inventory should name the path, source assets, policy decision point, identity model, owner, logs, freshness signal, and evaluation coverage.
Inventory is a control mechanism
The Model Context Protocol is useful because it makes tools and resources explicit. That does not remove the need for governance. It makes the inventory more urgent because tools become a first-class way for models to act on external systems.
Open Policy Agent, catalogs, lineage systems, and evaluation frameworks can all contribute evidence. The inventory is where the team sees whether those systems cover the actual paths an agent uses.
Core idea: AI access governance starts by naming every door into the data.
The ODI pattern makes access paths portable and reviewable
Open Data Infrastructure is the architectural layer that keeps data access, metadata, policy, and observability from disappearing inside one product. An access path inventory should be portable enough to survive tool changes.
For related articles, read ODI as the foundation for AI, AI-ready access logs, and MCP and ODI. The inventory is where strategy becomes operable.
What breaks first
The risk is not that teams have no controls. The risk is that controls cover the wrong path.
- SQL access is governed, but vector index refresh bypasses policy.
- Tool calls are logged, but file retrieval is not.
- A catalog shows ownership, but the agent reaches data through an API that has no owner field.
- Evaluations cover final answers but not the access path that produced them.
Questions for the inventory
Ask where the agent can read, write, search, retrieve, call, cache, and observe data. Ask which path grants authority and which path only transports context. Ask what happens when the path changes.
AI infrastructure becomes governable when the access map is complete enough to be boring.
Sources to start with
These primary sources anchor the technical claims in this guide.
- Model Context Protocol tools specification
- Model Context Protocol resources specification
- Open Policy Agent documentation
- NIST AI Risk Management Framework
You cannot govern an AI access path you have not named.