What’s new in Unity AI Gateway: service policies, guardrails, observability, and cost controls for AI agents and MCPs

AI agents are moving into production fast, but AI governance isn’t keeping up. Teams are facing rising costs, unclear agent behavior, and limited control over how agents interact with tools and models.

That’s why we built Unity AI Gateway: to bring runtime governance to every model call, tool invocation, and agent interaction. As part of Unity Catalog, Unity AI Gateway is your single place to enforce governance across your entire AI estate. 

We are excited to announce that Unity AI Gateway is expanding its AI governance capabilities across four key areas now available in Beta:

• LLM guardrails: Enforce customizable safety and compliance policies on model inputs and outputs
• Cost controls: Monitor usage and set per-user alerts across multiple models and providers
• Payload logging for MCP: Capture full request and response data for complete observability
• Service policies for MCP: Control which tools agents can invoke, based on identity and request context

Apply LLM guardrails for flexible, production-ready AI safety

Unity AI Gateway introduces LLM-based guardrails, replacing rigid, pre-built filters with policies defined using a model and prompt and evaluated in real time.

This allows teams to enforce safety, PII protection, and business-specific rules that adapt to their use case—without breaking agent workflows. Guardrails can be applied to inputs, outputs, or both, ensuring model behavior stays within defined boundaries.

With centralized logging into Unity Catalog, teams gain full visibility into how guardrails are applied in production. 

“The growing integration of agentic AI and healthcare datasets is creating new opportunities to deliver richer insights for our customers, while increasing the need for strong governance, security, and compliance. We’re excited to deepen our partnership with Databricks and look forward to leveraging Unity AI Gateway to help us govern AI systems securely and at scale across models, agents, and tools.” — Erik Meijer, Vice President, Engineering, Definitive Healthcare

“Unity AI Gateway is becoming important infrastructure for our analytics and agentic initiatives. It will enable us to innovate quickly while scaling production AI with unified governance, simplified architecture, and end-to-end security from day one. That means faster delivery, higher quality, and lower risk.” — Jeff Hepburn, Senior Director of Data & AI Platforms, Ibotta 

Control AI spend with per-user alerts and budget limits

As AI usage scales across models and providers, costs can quickly become unpredictable.

Unity AI Gateway introduces cost controls (Beta), including token-level cost attribution across requests, users, and endpoints, all tracked in Unity Catalog–governed inference tables.

Teams can set per-user alerts and enforce hard budget limits, ensuring that when usage exceeds a defined threshold, controls are automatically applied. This helps prevent runaway costs and keeps AI usage aligned with business budgets.

“For us at Quartile, Databricks is the hub where our teams' work with AI coding agents turns into governed, production-ready capability: development is accelerated by these tools, and Databricks centralizes the assets, exposing data and operations as Unity Catalog Functions and MCPs that agents invoke in production. In pipelines such as listing optimization, we switch LLMs by use case, continuously tuning cost and quality.” — Wilson Jacobsen, Data Intelligence Director, Quartile

Capture every interaction with payload logging in Unity Catalog

Understanding what agents are doing is critical for debugging, monitoring, and compliance.

With payload logging, Unity AI Gateway captures every request and response across model calls and MCP interactions. By enabling inference tables, these logs are automatically stored as system tables managed by Unity Catalog, creating a centralized, queryable record of agent activity.

This turns agent systems into fully observable workflows, making it easier to debug issues, audit behavior, and meet compliance requirements. If you are interested in enabling payload logging, reach out to your Databricks account team to enroll in our gated beta. 

Control agent actions with service policies for MCPs

MCPs can now be governed in Unity Catalog (UC), and admins can define who can call which MCP. On top of that, admins can write policies to further constrain service interactions, e.g., when an agent is acting on behalf of a user. These policies are enforced by Unity AI Gateway, which intercepts each and every service call.

Policies can be defined based on agent identity, user context, and request parameters. For example, you can restrict agents from accessing highly confidential documents, limit write actions to user-owned files, or require approval before sensitive operations.

Policies are defined in SQL as UC functions and applied directly to MCPs, making them deterministic, auditable, and easy to enforce across all agent workflows. If you are interested in MCPs and service policies, reach out to your Databricks account team to enroll in our gated beta. 

Learn more and meet the team at Data + AI Summit 2026

The new capabilities described above are available in Beta. To get started, open your workspace, navigate to Unity AI Gateway, and begin governing your AI estate. 

Learn more in the documentation or our detailed walkthrough blog posts:

• LLM guardrails 
• AI spend controls
• Service policies and payload logging for MCPs

See Unity AI Gateway in action and learn how leading organizations are governing AI agents at scale at Data + AI Summit 2026. Register today!