Safe data discovery with EDB's Data Governance Co-Pilot AI quickstart

When Red Hat revealed our AI quickstarts, EDB suggested a use case to balance the business need for data with the non-negotiable demand for governance. We often treat this as a zero-sum game, but what if the architecture itself could negotiate peace?

This Data Governance Co-Pilot AI quickstart, built on Red Hat OpenShift AI and EDB Postgres AI (PGAI) platform, treats safe data discovery as a requirement. It provides a protected workspace where any data consumer can navigate complex schemas and extract insights with less risk of tripping compliance wires.

Retrieval-augmented generation (RAG) with privacy

The real governance challenge with agentic AI isn't just what the large language model (LLM) knows, it's what it can do. Agents with direct database access can execute queries autonomously, bypass access controls, and return raw personally identifiable information (PII) to the chat interface. The architecture needs to make compliant behavior the only possible behavior.

The AI quickstart is built on pg-airman-mcp, EDB's open source Model Context Protocol (MCP) server for Postgres integrated with PGAI. It uses agentic tool calling to Postgres for an innovative safeguard—an analytics tool that merges static data governance policies with a natural language query interface. This means that policies concerning data privacy, confidentiality, and data timeliness become an active filter directly embedded within the analyst's tooling and workflow. User queries are processed through an uploaded governance policy and the LLM to generate policy-compliant SQL statements, preventing data leakage to the chat interface.

By handling masking at the SQL level, this prevents the LLM from accessing the raw data payload.

Governance policies as filters

Usually, data governance policies are static documents. This Data Governance Co-Pilot AI quickstart changes the paradigm by allowing users to upload a data governance policy directly into the workflow, turning it into an active filter.

If a trusted analyst asks for a dataset that violates a residency rule, the system understands the policy and dynamically enforces rules, such as masking geographic data. It bridges the gap between legal intent and technical execution, helping non-technical teams understand database boundaries without requiring a lecture from the security team.

An air-gapped cloud native stack

Sending database schemas and query context to external AI providers introduces real risk—latency, exposure, and dependency on infrastructure you don't control. This AI quickstart eliminates that by running the entire stack within your Red Hat OpenShift cluster—the UI, the MCP server, the database, and the backend orchestrator. No data crosses the public internet to reach a third-party model.

By keeping the reasoning engine and the data store co-located within the same cluster, you dramatically reduce your attack surface and remove any dependency on third-party AI infrastructure. This gives you sovereign data and AI, fully realized within your own infrastructure.

"Restricted Mode" by default

It's realistic to be concerned about agentic AI executing a DROP TABLE command in production. The underlying pg-airman-mcp engine addresses this integrity risk by implementing distinct access modes where DROP operations are strictly prohibited in both.

While developers can use "Unrestricted Mode," the system supports a "Restricted Mode" by default for production. The engine performs deep AST-level validation in "Restricted Mode" which limits operations to read-only transactions and imposes constraints on resource utilization, meaning a curious analyst can't accidentally lock up the database or modify the schema. Whereas in Unrestricted Mode, although this mode executes SQL directly (subject to standard DB permissions), it still maintains the global block on DROP commands.

The only exception exists in metadata maintenance where users can update object comments via a configurable ALLOW_COMMENT_IN_RESTRICTED flag, allowing for collaborative documentation without risking schema integrity. This gives users a powerful tool to explore data without giving them the keys to the kingdom.

Fast time-to-insight

New analysts often have database access, but don't know the table names or relationships. "Schema Intelligence" guides the user through the schema via context-aware SQL generation based on a deep understanding of database objects and attached metadata. This metadata provides the LLM with powerful semantic context regarding both the individual objects and the broader schema. The AI becomes a mentor, facilitating an exploratory use case for understanding database objects, empowering the user to unpack the company's data structure independently and reducing the burden on technical staff.

Final takeaway

EDB's Data Governance Co-Pilot AI quickstart provides a layer of architectural glue that sits between your users and your data, actively enforcing safety. You can try it today.