Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.ayliea.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Ayliea discovers AI platform usage across your organization through multiple methods:
MethodSourceWhat It Detects
Network CollectorDNS queries + TLS SNI on your networkAll AI platforms (57+ providers, 177+ domains)
AWS CloudTrailCloudTrail LookupEvents APIAmazon Bedrock (Claude, Titan, Llama, etc.)
GCP Cloud LoggingCloud Logging entries.list APIVertex AI (Gemini, PaLM, etc.)
The Network Collector provides the broadest coverage — it detects any AI platform accessed from your network, regardless of cloud provider. Cloud integrations provide deeper detail (specific model IDs, caller identities) for services running in your cloud accounts.

How It Works

Connection

  1. You create a read-only service account in your cloud provider
  2. Enter the credentials in Ayliea’s Organization settings
  3. Ayliea validates the credentials and saves them encrypted

Daily Polling

Ayliea polls your cloud provider once per day at 7:00 AM UTC:
  1. Reads API audit logs since the last successful poll
  2. Extracts model identifiers from each API call
  3. Maps model IDs to Ayliea’s AI tool catalog
  4. Creates a discovery scan record with the results
  5. Generates alerts for newly discovered platforms
  6. Checks results against your AI usage policies

Model Mapping

Cloud providers use internal model identifiers (e.g., anthropic.claude-3-sonnet-20240229-v1:0). Ayliea normalizes these identifiers and maps them to entries in the AI tool catalog, which provides:
  • Human-readable names
  • Vendor information
  • Risk classifications
  • Category assignments
Unmapped models appear with their raw cloud identifier and a default risk level.

Integration with Policy Engine

Discovered AI models are automatically checked against your organization’s AI usage policies. If a newly discovered model violates a policy rule:
  • A policy violation record is created
  • Webhook notifications are dispatched (if configured)
  • The violation appears on your Policy Compliance dashboard

Privacy

Cloud Discovery reads API call metadata only:
  • Model identifiers
  • Caller identities (IAM users, service accounts)
  • Timestamps and regions
  • API method names
Ayliea never accesses:
  • Prompt content or model inputs
  • Model responses or outputs
  • Request/response payloads
  • Any other cloud resources (storage, compute, databases)

Getting Started

Network Collector

Deploy an agent to discover all AI platform usage on your network.

AWS CloudTrail

Connect your AWS account to discover Bedrock usage.

GCP Cloud Logging

Connect your GCP project to discover Vertex AI usage.