The Problem:
AI catalog conflates "what the agent is" (identity) with "where it lives" (instance). This is fine in the open internet but doesn't scale that well for assets living inside the enterprise:
- The SAME logical agent runs in dev, staging, and prod
- The SAME logical agent has replicas in us-east, eu-west, ap-southeast (this may be hidden behind a load balancer, but not always)
- These are NOT different agents - they're different instances of the same agent
The geolocation comes with additional concerns like compliance requirements and data residency restrictions. The point could be made
that this is no different from auth and should be delegated to each assets card or modeled through metadata. However:
- None of the standard cards have these concepts
- Metadata without standardization is suboptimal
- It hinders the agent's ability to safely install new capabilities at runtime
Proposal: Structured deployment metadata
- Keep the
url attribute as the default entry point for the resource
- Enrich the entry with an optional
instances array which lists all valid URLs alongside deployment information such as:
- environment
- region
- data residency
- compliance
{
"identifier": "urn:ai:acme.com:finance:invoice-processor",
"displayName": "Invoice Processor",
"url": "https://api.acme.com/agents/invoice",
"type": "application/a2a-agent-card+json",
"instances": [
{
"instanceId": "invoice-prod-us",
"environment": "production",
"url": "https://api.acme.com/agents/invoice",
"region": "us-east-1"
},
{
"instanceId": "invoice-prod-eu",
"environment": "production",
"url": "https://eu-api.acme.com/agents/invoice",
"region": "eu-west-1",
"dataResidency": ["EU"],
"compliance": "GDPR"
}
]
}
This makes it possible to create deterministic guardrails to make sure agents only select assets that conform to their own compliance rules.
Discovery Value:
- Test discovery in staging without prod impact
- Discover geo-appropriate instances (EU clients → EU instances for data residency)
- Support canary discovery (discover beta instance for testing/shadowing)
- Maintain single logical identity across deployment pipeline
Alternatives Considered:
- Simply use different catalogs: If my agent can only use GDPR compliant assets, then just point it to a previously curated/filtered catalog
- While a valid solution, it's less flexible: What if GDPR is only required for some operations and only for clients associated to a specific geography? This approach overly complicates management and can lead to inconsistencies
The Problem:
AI catalog conflates "what the agent is" (identity) with "where it lives" (instance). This is fine in the open internet but doesn't scale that well for assets living inside the enterprise:
The geolocation comes with additional concerns like compliance requirements and data residency restrictions. The point could be made
that this is no different from auth and should be delegated to each assets card or modeled through metadata. However:
Proposal: Structured deployment metadata
urlattribute as the default entry point for the resourceinstancesarray which lists all valid URLs alongside deployment information such as:{ "identifier": "urn:ai:acme.com:finance:invoice-processor", "displayName": "Invoice Processor", "url": "https://api.acme.com/agents/invoice", "type": "application/a2a-agent-card+json", "instances": [ { "instanceId": "invoice-prod-us", "environment": "production", "url": "https://api.acme.com/agents/invoice", "region": "us-east-1" }, { "instanceId": "invoice-prod-eu", "environment": "production", "url": "https://eu-api.acme.com/agents/invoice", "region": "eu-west-1", "dataResidency": ["EU"], "compliance": "GDPR" } ] }This makes it possible to create deterministic guardrails to make sure agents only select assets that conform to their own compliance rules.
Discovery Value:
Alternatives Considered: