{"id":839,"date":"2026-04-16T08:47:38","date_gmt":"2026-04-16T08:47:38","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-generative-ai-agents-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-analytics-and-ai\/"},"modified":"2026-04-16T08:47:38","modified_gmt":"2026-04-16T08:47:38","slug":"oracle-cloud-generative-ai-agents-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-analytics-and-ai","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-generative-ai-agents-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-analytics-and-ai\/","title":{"rendered":"Oracle Cloud Generative AI Agents Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Analytics and AI"},"content":{"rendered":"\n

Category<\/h2>\n\n\n\n

Analytics and AI<\/p>\n\n\n\n

1. Introduction<\/h2>\n\n\n\n

What this service is<\/h3>\n\n\n\n

Generative AI Agents<\/strong> in Oracle Cloud<\/strong> is a managed way to build and run \u201cagentic\u201d generative AI experiences\u2014applications that do more than answer a prompt. An agent can follow instructions, use curated knowledge, and (depending on your configuration and what Oracle supports in your region) call tools or services to complete multi-step tasks.<\/p>\n\n\n\n

One-paragraph simple explanation<\/h3>\n\n\n\n

If you want a chat-style assistant for your company (HR policy helper, IT support assistant, finance Q&A, product documentation bot) that answers using your<\/em> documents and behaves consistently, Generative AI Agents<\/strong> provides a structured service to configure that assistant and operate it in Oracle Cloud instead of stitching everything together from scratch.<\/p>\n\n\n\n

One-paragraph technical explanation<\/h3>\n\n\n\n

At a technical level, Generative AI Agents<\/strong> sits in the Oracle Cloud (OCI) Analytics and AI<\/strong> portfolio and is designed to orchestrate LLM inference together with common agent building blocks (instructions, conversation context, and knowledge retrieval). In most architectures, your enterprise content lands in an OCI data source (often Object Storage and\/or a database), is retrieved at query time (RAG-style patterns), and is then provided as grounded context to an LLM. The service aims to reduce the amount of custom glue code required to manage these agent workflows and deployments. Verify the exact feature set and UI\/API terms in the official docs for your region<\/strong>, because agent capabilities evolve quickly.<\/p>\n\n\n\n

What problem it solves<\/h3>\n\n\n\n

Teams typically struggle with:\n– Building a secure, repeatable, governed pattern for internal \u201centerprise chat\u201d assistants\n– Grounding answers in authoritative documents (reducing hallucinations)\n– Managing identity, access, logging, and operational visibility in production\n– Controlling cost drivers (tokens, retrieval, storage, throughput) at scale<\/p>\n\n\n\n

Generative AI Agents<\/strong> is intended to address those problems by providing a managed service approach aligned with OCI security and operations.<\/p>\n\n\n\n

\n\n\n\n

2. What is Generative AI Agents?<\/h2>\n\n\n\n

Official purpose<\/h3>\n\n\n\n

Generative AI Agents<\/strong> in Oracle Cloud<\/strong> is intended to help you create, configure, and operate generative AI \u201cagents\u201d<\/strong> that can respond to user prompts in a controlled way\u2014often by combining:\n– LLM inference\n– Optional knowledge retrieval from your data (RAG)\n– Optional tool\/action execution (where supported)<\/p>\n\n\n\n

Because Oracle\u2019s naming and packaging can change, you may see Generative AI Agents<\/strong> represented as a standalone service entry or as a capability within OCI\u2019s broader Generative AI<\/strong> offerings. Verify the current product page and documentation for the exact scope in your tenancy and region.<\/strong><\/p>\n\n\n\n

Core capabilities (conceptual, confirm specifics in docs)<\/h3>\n\n\n\n

Common agent capabilities typically include:\n– Agent instructions \/ persona<\/strong>: define behavior and tone for consistent responses\n– Knowledge grounding<\/strong>: use enterprise documents as context for answers\n– Conversation handling<\/strong>: multi-turn chat context and session-like interactions\n– Safety controls<\/strong>: content filtering \/ refusal behavior (capabilities vary\u2014verify)\n– Deployment and operations<\/strong>: environments, access control, logging\/metrics (verify)<\/p>\n\n\n\n

Major components (conceptual mapping)<\/h3>\n\n\n\n

Depending on the OCI implementation you have access to, you can expect some combination of:<\/p>\n\n\n\n

\n\n\n\n\n\n\n\n\n
Component<\/th>\nWhat it represents<\/th>\nWhy it exists<\/th>\n<\/tr>\n<\/thead>\n
Agent configuration<\/td>\nThe \u201cdefinition\u201d of your agent (instructions, model choice, knowledge settings)<\/td>\nMakes behavior reproducible and governable<\/td>\n<\/tr>\n
Knowledge source(s)<\/td>\nDocuments\/data used for grounding<\/td>\nImproves accuracy and reduces hallucination risk<\/td>\n<\/tr>\n
Runtime \/ endpoint<\/td>\nWhere requests are processed<\/td>\nEnables integration with apps and channels<\/td>\n<\/tr>\n
Identity & access<\/td>\nIAM policies, compartments, groups<\/td>\nControls who can create\/use agents<\/td>\n<\/tr>\n
Observability<\/td>\nLogs, metrics, audit events<\/td>\nRequired for production operations<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n

Verify the exact component names (for example, whether OCI uses terms like \u201cknowledge base\u201d, \u201cdata source\u201d, \u201cagent deployment\u201d, or \u201cendpoint\u201d) in official docs.<\/strong><\/p>\n\n\n\n

Service type<\/h3>\n\n\n\n

Generative AI Agents is a managed cloud service<\/strong> (PaaS-style) within Oracle Cloud<\/strong> in the Analytics and AI<\/strong> category. You configure agents; Oracle runs the underlying infrastructure for agent execution.<\/p>\n\n\n\n

Scope: regional\/global\/zonal and tenancy scoping<\/h3>\n\n\n\n

OCI AI services are typically:\n– Tenancy-scoped<\/strong> for billing and governance\n– Compartment-scoped<\/strong> for resource organization and IAM boundaries\n– Regional<\/strong> in where the service endpoint and data processing occur<\/p>\n\n\n\n

However, availability and exact scoping can vary. Confirm regional availability and data residency behavior in official docs for Generative AI Agents.<\/strong><\/p>\n\n\n\n

How it fits into the Oracle Cloud ecosystem<\/h3>\n\n\n\n

Generative AI Agents is most often used alongside:\n– OCI Generative AI \/ foundation model access<\/strong> (for LLM inference)\n– OCI Object Storage<\/strong> (for document storage and ingestion pipelines)\n– OCI Logging \/ Monitoring \/ Audit<\/strong> (operations and governance)\n– OCI API Gateway + Functions<\/strong> (secure app integration patterns)\n– Oracle Autonomous Database \/ Oracle Database<\/strong> (enterprise data sources)\n– Oracle Integration Cloud<\/strong> (workflow automation and connectors)\n– Oracle Analytics Cloud<\/strong> (analytics experiences powered by governed data)<\/p>\n\n\n\n

\n\n\n\n

3. Why use Generative AI Agents?<\/h2>\n\n\n\n

Business reasons<\/h3>\n\n\n\n
    \n
  • Faster time-to-value<\/strong>: standard patterns for deploying internal assistants<\/li>\n
  • Consistency<\/strong>: centrally managed instructions and behavior reduce \u201crandom\u201d assistant output<\/li>\n
  • Knowledge enablement<\/strong>: employees get answers faster from trusted docs<\/li>\n
  • Support deflection<\/strong>: reduce load on IT\/helpdesk and shared services teams<\/li>\n<\/ul>\n\n\n\n

    Technical reasons<\/h3>\n\n\n\n
      \n
    • Managed orchestration<\/strong>: less custom code for prompt routing, retrieval, context assembly, and session handling (verify exact orchestration capabilities)<\/li>\n
    • OCI-native governance<\/strong>: compartments, IAM policies, tagging, and auditability<\/li>\n
    • Integration-friendly<\/strong>: works well with common OCI building blocks (API Gateway, Functions, OKE, Object Storage)<\/li>\n<\/ul>\n\n\n\n

      Operational reasons<\/h3>\n\n\n\n
        \n
      • Production posture<\/strong>: logging, monitoring, and access controls can be aligned with established OCI ops processes<\/li>\n
      • Standardization<\/strong>: reusable agent patterns across teams reduce duplicated effort<\/li>\n
      • Change management<\/strong>: agent configuration updates can be controlled and reviewed<\/li>\n<\/ul>\n\n\n\n

        Security\/compliance reasons<\/h3>\n\n\n\n
          \n
        • IAM-based access control<\/strong>: aligns with OCI identity governance<\/li>\n
        • Audit trails<\/strong>: OCI Audit can record API actions (verify event coverage for agent actions)<\/li>\n
        • Data residency<\/strong>: regional deployment helps meet locality requirements (verify actual processing locations and subprocessor details)<\/li>\n<\/ul>\n\n\n\n

          Scalability\/performance reasons<\/h3>\n\n\n\n
            \n
          • Service-managed scaling<\/strong>: you avoid running your own GPU fleet for typical agent workloads<\/li>\n
          • Elasticity<\/strong>: scale usage with demand; align cost with actual consumption<\/li>\n<\/ul>\n\n\n\n

            When teams should choose it<\/h3>\n\n\n\n

            Choose Generative AI Agents<\/strong> when:\n– You need a chat\/assistant-style interface<\/strong> grounded in enterprise knowledge\n– You want an OCI-governed approach (IAM\/compartments\/logging\/audit)\n– You prefer managed operations over building an agent framework from scratch\n– You can accept the service\u2019s model availability, quotas, and regional constraints<\/p>\n\n\n\n

            When they should not choose it<\/h3>\n\n\n\n

            Consider alternatives when:\n– You must run fully offline \/ on-prem only<\/strong> with no cloud processing\n– You need full control over the entire agent runtime<\/strong> (custom tool routing, custom vector DB logic, specialized model hosting) and OCI\u2019s managed approach is too constrained\n– Your workload requires deterministic pipelines<\/strong> where LLM variability is unacceptable\n– You have strict requirements that demand features not currently available (for example, private endpoints, specific compliance attestations, or specific model families)\u2014verify in official docs<\/strong><\/p>\n\n\n\n

            \n\n\n\n

            4. Where is Generative AI Agents used?<\/h2>\n\n\n\n

            Industries<\/h3>\n\n\n\n
              \n
            • Financial services (policy Q&A, internal procedure assistants)<\/li>\n
            • Healthcare (knowledge assistants for internal SOPs; ensure PHI controls)<\/li>\n
            • Retail\/e-commerce (product and operations documentation assistants)<\/li>\n
            • Manufacturing (maintenance and safety manual Q&A)<\/li>\n
            • Public sector (citizen service scripts, internal policy assistants)<\/li>\n
            • Education (course content Q&A, student support assistants)<\/li>\n<\/ul>\n\n\n\n

              Team types<\/h3>\n\n\n\n
                \n
              • Platform engineering teams building an \u201cAI platform\u201d on OCI<\/li>\n
              • Data\/analytics teams enabling natural-language access to curated data<\/li>\n
              • Application teams embedding assistants into internal portals<\/li>\n
              • Security and compliance teams implementing governance patterns<\/li>\n
              • Support\/helpdesk teams improving ticket triage and resolution<\/li>\n<\/ul>\n\n\n\n

                Workloads<\/h3>\n\n\n\n
                  \n
                • Document Q&A and enterprise search augmentation<\/li>\n
                • Internal policy assistants and onboarding bots<\/li>\n
                • IT runbook assistants (SRE knowledge helper)<\/li>\n
                • Customer support draft responses (human-in-the-loop)<\/li>\n<\/ul>\n\n\n\n

                  Architectures<\/h3>\n\n\n\n
                    \n
                  • \u201cChat UI \u2192 API \u2192 Agent \u2192 LLM + Knowledge \u2192 Response\u201d<\/li>\n
                  • \u201cTicketing system \u2192 Agent \u2192 suggested resolution \u2192 human approval\u201d<\/li>\n
                  • \u201cPortal application \u2192 Agent endpoint \u2192 audit + logs \u2192 dashboards\u201d<\/li>\n<\/ul>\n\n\n\n

                    Real-world deployment contexts<\/h3>\n\n\n\n
                      \n
                    • Intranet<\/strong> assistants for employees<\/li>\n
                    • Secure SaaS<\/strong> products embedding a tenant-isolated assistant<\/li>\n
                    • Contact center<\/strong> workflows (with strict guardrails and approvals)<\/li>\n<\/ul>\n\n\n\n

                      Production vs dev\/test usage<\/h3>\n\n\n\n
                        \n
                      • Dev\/test<\/strong>: small document sets, strict spending limits, test tenants\/compartments, rapid iteration<\/li>\n
                      • Production<\/strong>: curated knowledge pipelines, change control, monitoring\/SLOs, cost guardrails, IAM least privilege, incident response processes<\/li>\n<\/ul>\n\n\n\n
                        \n\n\n\n

                        5. Top Use Cases and Scenarios<\/h2>\n\n\n\n

                        Below are realistic scenarios for Oracle Cloud Generative AI Agents<\/strong>. For each, treat the exact<\/em> supported connectors\/actions as \u201cverify in official docs,\u201d because integrations evolve.<\/p>\n\n\n\n

                        1) HR Policy Assistant<\/h3>\n\n\n\n
                          \n
                        • Problem<\/strong>: Employees ask repetitive HR questions; answers must match policy documents.<\/li>\n
                        • Why this service fits<\/strong>: An agent can be grounded in HR policy docs and consistently cite the correct policy sections (if citations are supported\u2014verify).<\/li>\n
                        • Example<\/strong>: \u201cHow many carryover vacation days do I have?\u201d \u2192 agent responds based on the current HR handbook and links to the authoritative PDF.<\/li>\n<\/ul>\n\n\n\n

                          2) IT Helpdesk Triage Assistant<\/h3>\n\n\n\n
                            \n
                          • Problem<\/strong>: Tickets come in with incomplete details; triage takes time.<\/li>\n
                          • Why this service fits<\/strong>: The agent can ask clarifying questions and suggest runbook steps grounded in internal SOPs.<\/li>\n
                          • Example<\/strong>: New ticket \u201cVPN not working\u201d \u2192 agent asks OS type, error code, last successful login, and suggests troubleshooting steps.<\/li>\n<\/ul>\n\n\n\n

                            3) SRE Runbook Assistant<\/h3>\n\n\n\n
                              \n
                            • Problem<\/strong>: On-call engineers need quick access to runbooks during incidents.<\/li>\n
                            • Why this service fits<\/strong>: Grounding in runbooks reduces time-to-mitigation.<\/li>\n
                            • Example<\/strong>: \u201cHigh 5xx on API service\u201d \u2192 agent suggests the correct runbook, checks and remediation steps, and escalation paths.<\/li>\n<\/ul>\n\n\n\n

                              4) Finance Close Process Helper<\/h3>\n\n\n\n
                                \n
                              • Problem<\/strong>: Monthly close has many steps and dependencies; new hires struggle.<\/li>\n
                              • Why this service fits<\/strong>: The agent can guide step-by-step processes grounded in finance SOP docs.<\/li>\n
                              • Example<\/strong>: \u201cWhat\u2019s the deadline for AR reconciliation?\u201d \u2192 agent answers from the current close calendar.<\/li>\n<\/ul>\n\n\n\n

                                5) Engineering Documentation Chat<\/h3>\n\n\n\n
                                  \n
                                • Problem<\/strong>: Developers can\u2019t find the right internal docs quickly.<\/li>\n
                                • Why this service fits<\/strong>: RAG-based assistants improve discovery without migrating docs into a new system.<\/li>\n
                                • Example<\/strong>: \u201cHow do I request a new OCI compartment?\u201d \u2192 agent points to the internal procedure and required approvals.<\/li>\n<\/ul>\n\n\n\n

                                  6) Security Policy and Exception Request Assistant<\/h3>\n\n\n\n
                                    \n
                                  • Problem<\/strong>: Security teams receive repetitive questions; responses must be precise.<\/li>\n
                                  • Why this service fits<\/strong>: Agent can be grounded in security standards and exception workflows.<\/li>\n
                                  • Example<\/strong>: \u201cCan we open port 22 to the internet?\u201d \u2192 agent explains the policy and the exception process.<\/li>\n<\/ul>\n\n\n\n

                                    7) Customer Support Draft Response Assistant (Human-in-the-loop)<\/h3>\n\n\n\n
                                      \n
                                    • Problem<\/strong>: Agents need fast, consistent draft responses.<\/li>\n
                                    • Why this service fits<\/strong>: The assistant drafts responses grounded in KB articles; humans approve before sending.<\/li>\n
                                    • Example<\/strong>: Customer asks about billing refunds \u2192 assistant drafts a response referencing the correct policy article.<\/li>\n<\/ul>\n\n\n\n

                                      8) Product Specification Assistant for Sales Engineers<\/h3>\n\n\n\n
                                        \n
                                      • Problem<\/strong>: Sales engineers need accurate technical specs quickly.<\/li>\n
                                      • Why this service fits<\/strong>: Ground the agent in current product spec sheets and release notes.<\/li>\n
                                      • Example<\/strong>: \u201cDoes version X support feature Y?\u201d \u2192 agent references the latest release note entry.<\/li>\n<\/ul>\n\n\n\n

                                        9) Internal Training \/ Onboarding Assistant<\/h3>\n\n\n\n
                                          \n
                                        • Problem<\/strong>: New hires ask repetitive onboarding questions.<\/li>\n
                                        • Why this service fits<\/strong>: Grounded answers reduce inconsistent guidance.<\/li>\n
                                        • Example<\/strong>: \u201cHow do I set up MFA and request VPN?\u201d \u2192 agent lists steps from onboarding docs.<\/li>\n<\/ul>\n\n\n\n

                                          10) Procurement and Vendor Policy Assistant<\/h3>\n\n\n\n
                                            \n
                                          • Problem<\/strong>: Employees don\u2019t know procurement thresholds and required approvals.<\/li>\n
                                          • Why this service fits<\/strong>: Ground in procurement policy and approval matrices.<\/li>\n
                                          • Example<\/strong>: \u201cDo I need 3 quotes for a $15k purchase?\u201d \u2192 agent answers based on policy.<\/li>\n<\/ul>\n\n\n\n

                                            11) Compliance Evidence Assistant<\/h3>\n\n\n\n
                                              \n
                                            • Problem<\/strong>: Audit requests require collecting evidence from many documents.<\/li>\n
                                            • Why this service fits<\/strong>: Agent can guide where evidence typically lives and what is acceptable (do not let it fabricate evidence).<\/li>\n
                                            • Example<\/strong>: \u201cShow password policy evidence\u201d \u2192 assistant lists the system settings export and policy doc locations.<\/li>\n<\/ul>\n\n\n\n

                                              12) Multi-lingual Internal Knowledge Assistant (If supported)<\/h3>\n\n\n\n
                                                \n
                                              • Problem<\/strong>: Global workforce needs consistent answers in multiple languages.<\/li>\n
                                              • Why this service fits<\/strong>: If the underlying models support multilingual output, an agent can respond in requested language while grounding in canonical docs.<\/li>\n
                                              • Example<\/strong>: Employee asks in Spanish; agent answers in Spanish but cites English policy section.<\/li>\n<\/ul>\n\n\n\n
                                                \n\n\n\n

                                                6. Core Features<\/h2>\n\n\n\n

                                                Because Generative AI Agents<\/strong> evolves rapidly, the feature descriptions below focus on commonly expected agent-service behaviors<\/strong> and OCI operational patterns. Confirm each feature\u2019s availability and exact configuration steps in the official Oracle Cloud documentation for Generative AI Agents in your region.<\/strong><\/p>\n\n\n\n

                                                1) Managed agent configuration<\/h3>\n\n\n\n
                                                  \n
                                                • What it does<\/strong>: Lets you define the agent\u2019s behavior and settings as a managed cloud resource.<\/li>\n
                                                • Why it matters<\/strong>: You can standardize assistants across teams and environments.<\/li>\n
                                                • Practical benefit<\/strong>: Repeatable deployments; simpler governance vs. ad-hoc scripts.<\/li>\n
                                                • Limitations\/caveats<\/strong>: Configuration options vary (model selection, max tokens, retrieval settings, etc.). Verify what\u2019s exposed.<\/li>\n<\/ul>\n\n\n\n

                                                  2) System instructions \/ persona controls<\/h3>\n\n\n\n
                                                    \n
                                                  • What it does<\/strong>: Sets the assistant\u2019s role, allowed behavior, tone, and boundaries.<\/li>\n
                                                  • Why it matters<\/strong>: Reduces risky outputs and improves consistency.<\/li>\n
                                                  • Practical benefit<\/strong>: \u201cAnswer only from approved knowledge; if not found, say you don\u2019t know.\u201d<\/li>\n
                                                  • Caveats<\/strong>: Instructions are not absolute guarantees; you still need guardrails and evaluation.<\/li>\n<\/ul>\n\n\n\n

                                                    3) Knowledge grounding (RAG-style retrieval)<\/h3>\n\n\n\n
                                                      \n
                                                    • What it does<\/strong>: Retrieves relevant snippets from approved sources and uses them as context for the LLM.<\/li>\n
                                                    • Why it matters<\/strong>: Reduces hallucination and keeps answers aligned with your policies.<\/li>\n
                                                    • Practical benefit<\/strong>: Higher accuracy for enterprise Q&A.<\/li>\n
                                                    • Caveats<\/strong>: Retrieval quality depends on document quality, chunking\/indexing, and query formulation. Also, grounding does not eliminate all hallucinations.<\/li>\n<\/ul>\n\n\n\n

                                                      4) Conversation context handling<\/h3>\n\n\n\n
                                                        \n
                                                      • What it does<\/strong>: Supports multi-turn interactions where previous turns influence responses.<\/li>\n
                                                      • Why it matters<\/strong>: Most assistants are conversational, not single-shot.<\/li>\n
                                                      • Practical benefit<\/strong>: \u201cContinue from last step\u201d workflows.<\/li>\n
                                                      • Caveats<\/strong>: Context windows are limited; long chats can cause truncation or increased token costs.<\/li>\n<\/ul>\n\n\n\n

                                                        5) Model selection and configuration (dependent on OCI offering)<\/h3>\n\n\n\n
                                                          \n
                                                        • What it does<\/strong>: Uses OCI-supported foundation models for inference.<\/li>\n
                                                        • Why it matters<\/strong>: Different models optimize for cost, latency, reasoning, or context size.<\/li>\n
                                                        • Practical benefit<\/strong>: Choose cheaper models for simple Q&A stronger models for complex tasks.<\/li>\n
                                                        • Caveats<\/strong>: Model availability is region-dependent; some models may have usage restrictions.<\/li>\n<\/ul>\n\n\n\n

                                                          6) Integration patterns with OCI services<\/h3>\n\n\n\n
                                                            \n
                                                          • What it does<\/strong>: Enables common integration architectures using OCI API Gateway, Functions, OKE, Object Storage, and IAM.<\/li>\n
                                                          • Why it matters<\/strong>: Enterprise apps need secure access paths and controlled egress.<\/li>\n
                                                          • Practical benefit<\/strong>: Put an API layer in front of the agent; enforce auth, throttling, and logging.<\/li>\n
                                                          • Caveats<\/strong>: Some AI services are accessed via public endpoints; private networking options vary\u2014verify.<\/li>\n<\/ul>\n\n\n\n

                                                            7) IAM, compartments, tagging<\/h3>\n\n\n\n
                                                              \n
                                                            • What it does<\/strong>: Uses OCI IAM and compartment scoping for admin\/user separation; resource tags for cost allocation.<\/li>\n
                                                            • Why it matters<\/strong>: Production AI requires governance.<\/li>\n
                                                            • Practical benefit<\/strong>: Separate dev\/test\/prod compartments; apply tags for chargeback.<\/li>\n
                                                            • Caveats<\/strong>: Least-privilege policy design requires careful testing; start from Oracle\u2019s published policy examples.<\/li>\n<\/ul>\n\n\n\n

                                                              8) Observability hooks (logs\/metrics\/audit)<\/h3>\n\n\n\n
                                                                \n
                                                              • What it does<\/strong>: Leverages OCI\u2019s logging\/monitoring\/audit ecosystem to support operations.<\/li>\n
                                                              • Why it matters<\/strong>: You need to troubleshoot latency, failures, and unexpected costs.<\/li>\n
                                                              • Practical benefit<\/strong>: Create dashboards and alerts for error rates and usage spikes.<\/li>\n
                                                              • Caveats<\/strong>: The exact metrics\/log fields depend on the service\u2014verify what is emitted and whether prompt\/response content is logged (and how to control that).<\/li>\n<\/ul>\n\n\n\n
                                                                \n\n\n\n

                                                                7. Architecture and How It Works<\/h2>\n\n\n\n

                                                                High-level architecture<\/h3>\n\n\n\n

                                                                A typical Oracle Cloud Generative AI Agents<\/strong> architecture includes:\n1. A client<\/strong> (web app, internal portal, mobile app, or CLI tool)\n2. An API layer<\/strong> (optional but recommended for production) to enforce auth, quotas, and request validation\n3. The Generative AI Agents<\/strong> service to orchestrate agent behavior\n4. Knowledge sources<\/strong> (documents\/data) for grounding\n5. Observability and governance<\/strong> (Logging, Monitoring, Audit, tags)<\/p>\n\n\n\n

                                                                Request\/data\/control flow (typical)<\/h3>\n\n\n\n
                                                                  \n
                                                                1. User sends a prompt to your app.<\/li>\n
                                                                2. Your app calls an API (API Gateway \/ backend service).<\/li>\n
                                                                3. Backend authenticates user and applies rate limits and policy checks.<\/li>\n
                                                                4. Backend calls Generative AI Agents<\/strong> in a specific OCI region.<\/li>\n
                                                                5. Agent runtime may retrieve relevant context from configured knowledge sources (RAG pattern).<\/li>\n
                                                                6. LLM generates a response using agent instructions and retrieved context.<\/li>\n
                                                                7. Response returns to the user; logs\/metrics\/audit are recorded per OCI settings.<\/li>\n<\/ol>\n\n\n\n

                                                                  Integrations with related OCI services<\/h3>\n\n\n\n

                                                                  Common building blocks:\n– OCI Object Storage<\/strong>: store documents, policies, manuals, KB exports\n– Oracle Autonomous Database<\/strong>: curated Q&A tables, metadata, entitlements\n– OCI Functions<\/strong>: post-processing, workflow triggers, tool-like actions (if you implement them)\n– OCI API Gateway<\/strong>: authentication, throttling, WAF-like patterns, routing\n– OCI Vault<\/strong>: secrets for downstream systems\n– OCI Logging\/Monitoring\/Audit<\/strong>: operational insights and governance\n– OCI Identity and Access Management (IAM)<\/strong>: least privilege access<\/p>\n\n\n\n

                                                                  Dependency services<\/h3>\n\n\n\n

                                                                  At minimum, agent solutions often depend on:\n– An OCI region where Generative AI Agents<\/strong> is available\n– OCI IAM and compartments\n– A knowledge repository (Object Storage and\/or database)\n– Client\/app hosting (Compute, OKE, Functions, or external)<\/p>\n\n\n\n

                                                                  Security\/authentication model<\/h3>\n\n\n\n

                                                                  OCI services typically support:\n– User-based auth<\/strong> via OCI Console for administrators\n– API auth<\/strong> via OCI request signing (SDK\/CLI) for applications\n– Instance principals<\/strong> or resource principals<\/strong> for workloads running on OCI<\/p>\n\n\n\n

                                                                  The recommended production approach is:\n– Run your backend on OCI and use instance principals<\/strong> \/ resource principals<\/strong>\n– Avoid embedding long-lived keys in code\n– Put API Gateway in front of your backend for external clients<\/p>\n\n\n\n

                                                                  Networking model<\/h3>\n\n\n\n

                                                                  Many OCI AI services are accessed via regional public endpoints<\/strong>. Some OCI services support private endpoints or VCN integration; verify whether Generative AI Agents supports private endpoints<\/strong> in your region. If it\u2019s public:\n– Use outbound controls (NAT, egress allowlists where possible)\n– Restrict which services can call the agent (IAM + API Gateway)\n– Avoid direct browser-to-agent calls from untrusted networks<\/p>\n\n\n\n

                                                                  Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n
                                                                    \n
                                                                  • Decide what to log (requests, metadata, latency, errors) while minimizing sensitive content.<\/li>\n
                                                                  • Use Audit<\/strong> for administrative actions and changes.<\/li>\n
                                                                  • Tag resources for cost allocation: CostCenter<\/code>, Environment<\/code>, Owner<\/code>, DataSensitivity<\/code>.<\/li>\n<\/ul>\n\n\n\n
                                                                    \n\n\n\n

                                                                    Simple architecture diagram (Mermaid)<\/h3>\n\n\n\n
                                                                    flowchart LR\n  U[User] --> A[App \/ Portal]\n  A --> B[Backend API]\n  B --> G[Generative AI Agents (OCI Region)]\n  G --> K[Knowledge Source (Object Storage \/ DB)]\n  G --> R[LLM Inference (OCI Generative AI)]\n  B --> L[OCI Logging\/Monitoring]\n<\/code><\/pre>\n\n\n\n
                                                                    Production-style architecture diagram (Mermaid)<\/h3>\n\n\n\n
                                                                    flowchart TB\n  subgraph Client\n    W[Web UI \/ Internal Portal]\n    C[CLI \/ Integrations]\n  end\n\n  subgraph Edge[\"OCI Edge (Recommended)\"]\n    APIG[OCI API Gateway]\n    WAF[Optional: Edge protections \/ policies]\n  end\n\n  subgraph AppTier[\"App Tier (VCN)\"]\n    SVC[Agent Orchestrator Service\\n(OKE\/Compute\/Functions)]\n    VAULT[OCI Vault]\n  end\n\n  subgraph AI[\"Analytics and AI (OCI Region)\"]\n    AG[Generative AI Agents]\n    LLM[LLM \/ Generative AI Inference]\n  end\n\n  subgraph Data[\"Data Sources\"]\n    OS[OCI Object Storage\\nDocuments]\n    ADB[Autonomous Database\\nMetadata\/Entitlements]\n  end\n\n  subgraph Ops[\"Operations & Governance\"]\n    LOG[OCI Logging]\n    MON[OCI Monitoring\/Alarms]\n    AUD[OCI Audit]\n  end\n\n  W --> APIG\n  C --> APIG\n  APIG --> SVC\n  SVC --> AG\n  AG --> LLM\n  AG --> OS\n  AG --> ADB\n\n  SVC --> VAULT\n  APIG --> LOG\n  SVC --> LOG\n  AG --> LOG\n  LOG --> MON\n  AG --> AUD\n  APIG --> AUD\n  SVC --> AUD\n<\/code><\/pre>\n\n\n\n
                                                                    \n\n\n\n
                                                                    8. Prerequisites<\/h2>\n\n\n\n
                                                                    Tenancy\/account requirements<\/h3>\n\n\n\n
                                                                      \n
                                                                    • An active Oracle Cloud<\/strong> tenancy with billing enabled (or an approved internal account).<\/li>\n
                                                                    • Access to an OCI region where Generative AI Agents<\/strong> is available. Availability varies by region\u2014verify in official docs<\/strong>.<\/li>\n<\/ul>\n\n\n\n
                                                                      Permissions \/ IAM roles<\/h3>\n\n\n\n
                                                                      For the hands-on lab, the simplest approach is:\n– Use a user that is a tenancy administrator<\/strong>, or\n– Use a user with broad management permissions<\/strong> in a dedicated lab compartment<\/p>\n\n\n\n
                                                                      For production, you should implement least privilege:\n– Separate \u201cagent admins\u201d (create\/update agents, manage knowledge)\n– From \u201cagent users\u201d (invoke agent runtime endpoints)\n– And from \u201cops\/security\u201d (view logs\/audit, manage alerts)<\/p>\n\n\n\n
                                                                      Important<\/strong>: OCI IAM policy syntax and resource families are service-specific. Use the official Generative AI Agents IAM policy examples<\/strong> from Oracle docs to avoid trial-and-error.<\/p>\n\n\n\n
                                                                      Billing requirements<\/h3>\n\n\n\n
                                                                        \n
                                                                      • Expect usage-based charges for LLM inference and any retrieval\/indexing components (details in the next section).<\/li>\n
                                                                      • Ensure budgets and alerts are configured before production rollouts.<\/li>\n<\/ul>\n\n\n\n
                                                                        CLI\/SDK\/tools needed (recommended)<\/h3>\n\n\n\n
                                                                          \n
                                                                        • OCI Console access<\/li>\n
                                                                        • OCI CLI<\/strong> (optional but useful): https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/SDKDocs\/cliinstall.htm<\/li>\n
                                                                        • A workstation with:<\/li>\n
                                                                        • Python 3.x (optional, for integration testing)<\/li>\n
                                                                        • curl<\/code> (optional)<\/li>\n<\/ul>\n\n\n\n
                                                                          Region availability<\/h3>\n\n\n\n
                                                                            \n
                                                                          • Confirm that your selected OCI region supports Generative AI Agents<\/strong> and the models you plan to use.<\/li>\n
                                                                          • Plan for data residency: store knowledge sources in the same region when required.<\/li>\n<\/ul>\n\n\n\n
                                                                            Quotas\/limits<\/h3>\n\n\n\n
                                                                            Expect service limits such as:\n– Requests per minute\n– Concurrent sessions\n– Max prompt\/context length\n– Knowledge base size \/ number of documents\n– Max document size<\/p>\n\n\n\n
                                                                            These limits vary\u2014verify in official docs and your tenancy service limits<\/strong>.<\/p>\n\n\n\n
                                                                            Prerequisite services<\/h3>\n\n\n\n
                                                                            For the lab in this tutorial, you\u2019ll use:\n– OCI Object Storage<\/strong> (to store the documents used for grounding)\n– OCI Logging\/Audit<\/strong> (for basic governance)\n– Generative AI Agents<\/strong> (the main service)<\/p>\n\n\n\n
                                                                            \n\n\n\n
                                                                            9. Pricing \/ Cost<\/h2>\n\n\n\n
                                                                            Do not treat this section as a quote.<\/strong> OCI pricing is region-dependent and can change. Some organizations also have negotiated rates. Always validate using the official Oracle pricing pages and the OCI cost estimator\/calculator.<\/p>\n\n\n\n
                                                                            Current pricing model (how it\u2019s typically structured)<\/h3>\n\n\n\n
                                                                            For Generative AI Agents<\/strong>, costs usually come from a combination of:<\/p>\n\n\n\n
                                                                              \n
                                                                            1. \n
                                                                              Model inference usage<\/strong>\n   – Typically priced by tokens<\/strong> (input tokens + output tokens) or similar consumption metrics.\n   – Different models have different rates.<\/p>\n<\/li>\n
                                                                            2. \n
                                                                              Knowledge grounding \/ retrieval costs<\/strong> (if applicable)\n   – If the service builds or uses embeddings\/vector indexes, you may pay for:<\/p>\n
                                                                                \n
                                                                              • Embedding generation (token-based or unit-based)<\/li>\n
                                                                              • Index storage<\/li>\n
                                                                              • Retrieval operations<\/li>\n<\/ul>\n<\/li>\n
                                                                              • \n
                                                                                Data storage<\/strong>\n   – Object Storage<\/strong> for source documents (GB-month)\n   – Possible additional storage for indexes\/derived artifacts (service-dependent)<\/p>\n<\/li>\n
                                                                              • \n
                                                                                Networking<\/strong>\n   – Ingress is often free; egress<\/strong> can be charged, especially to the public internet or other regions.\n   – Inter-service traffic patterns matter in distributed deployments.<\/p>\n<\/li>\n
                                                                              • \n
                                                                                Operational services<\/strong>\n   – Logging ingestion and retention costs (depending on volume and retention settings)\n   – Monitoring metrics (usually low cost but can add up at scale)\n   – API Gateway requests (if used)<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                Free tier<\/h3>\n\n\n\n
                                                                                Oracle has a Free Tier program for some OCI services, but Generative AI Agents and\/or the underlying model inference may not be included<\/strong> or may have limited promotions. Verify eligibility and limits<\/strong>:\n– https:\/\/www.oracle.com\/cloud\/free\/<\/p>\n\n\n\n
                                                                                Cost drivers (what makes bills grow)<\/h3>\n\n\n\n
                                                                                  \n
                                                                                • High chat volume (requests\/day)<\/li>\n
                                                                                • Long prompts and long answers (token growth)<\/li>\n
                                                                                • Large context windows and multi-turn conversations<\/li>\n
                                                                                • Retrieval that includes many chunks\/snippets per answer<\/li>\n
                                                                                • Frequent re-indexing or ingestion of documents<\/li>\n
                                                                                • Logging too much content (prompt\/response bodies) at high volume<\/li>\n
                                                                                • Cross-region architectures causing egress charges<\/li>\n<\/ul>\n\n\n\n
                                                                                  Hidden or indirect costs<\/h3>\n\n\n\n
                                                                                    \n
                                                                                  • Document pipelines<\/strong>: OCR, parsing, chunking, cleanup (compute + storage)<\/li>\n
                                                                                  • Evaluation environments<\/strong>: test traffic can double usage if unmanaged<\/li>\n
                                                                                  • Security layers<\/strong>: API Gateway, WAF patterns, additional logging retention<\/li>\n
                                                                                  • Human review<\/strong>: operational overhead for safety and correctness<\/li>\n<\/ul>\n\n\n\n
                                                                                    Network\/data transfer implications<\/h3>\n\n\n\n
                                                                                      \n
                                                                                    • Keep the app tier and agent service in the same region<\/strong> when possible.<\/li>\n
                                                                                    • Avoid sending large documents inline; store in Object Storage and reference them.<\/li>\n
                                                                                    • If users are global, consider caching and routing strategies.<\/li>\n<\/ul>\n\n\n\n
                                                                                      How to optimize cost<\/h3>\n\n\n\n
                                                                                        \n
                                                                                      • Use the smallest model that meets quality requirements.<\/li>\n
                                                                                      • Constrain response length (where supported).<\/li>\n
                                                                                      • Apply retrieval limits: fewer chunks, stricter similarity thresholds (where supported).<\/li>\n
                                                                                      • Use summaries for long documents rather than passing full text repeatedly.<\/li>\n
                                                                                      • Implement rate limits and quotas by user\/team.<\/li>\n
                                                                                      • Avoid logging full prompts\/responses unless required; log metadata instead.<\/li>\n<\/ul>\n\n\n\n
                                                                                        Example low-cost starter estimate (non-numeric, model-based)<\/h3>\n\n\n\n
                                                                                        A realistic \u201cstarter\u201d environment typically includes:\n– A small Object Storage bucket (tens to hundreds of MB of documents)\n– A single agent used by a small team\n– Limited daily request volume\n– Conservative max output length\n– Logging configured for metadata, with short retention<\/p>\n\n\n\n
                                                                                        Your cost will mainly be driven by inference tokens<\/strong> and any embedding\/indexing<\/strong>. Use Oracle\u2019s pricing pages to plug in token volumes and expected traffic.<\/p>\n\n\n\n
                                                                                        Example production cost considerations<\/h3>\n\n\n\n
                                                                                        For production, plan for:\n– Separate dev\/test\/prod environments (each with usage)\n– Higher concurrency and peak-hour scaling\n– More documents and frequent updates\n– Stronger models for complex workflows\n– Monitoring, alerting, longer log retention, and audit review processes<\/p>\n\n\n\n
                                                                                        Official pricing resources (start here)<\/h3>\n\n\n\n
                                                                                          \n
                                                                                        • Oracle Cloud pricing overview: https:\/\/www.oracle.com\/cloud\/pricing\/<\/li>\n
                                                                                        • OCI cost estimator: https:\/\/www.oracle.com\/cloud\/costestimator.html<\/li>\n
                                                                                        • Oracle Cloud Free Tier: https:\/\/www.oracle.com\/cloud\/free\/<\/li>\n
                                                                                        • OCI documentation landing page (use this to navigate to Generative AI Agents pricing references): https:\/\/docs.oracle.com\/en-us\/iaas\/<\/li>\n<\/ul>\n\n\n\n
                                                                                          Tip<\/strong>: In practice, Oracle\u2019s AI pricing is often listed under AI\/ML or Generative AI sections on the price list. Use the pricing pages to locate the exact SKUs for your model\/provider and region.<\/p>\n\n\n\n
                                                                                          \n\n\n\n
                                                                                          10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n
                                                                                          This lab focuses on a low-risk, beginner-friendly deployment pattern: create a small knowledge set in Object Storage and configure a Generative AI Agents assistant to answer questions grounded in those documents<\/strong>.<\/p>\n\n\n\n
                                                                                          Because OCI consoles and AI features can change, follow the official Generative AI Agents \u201cGetting Started\u201d guide in parallel<\/strong> and adjust any menu names accordingly.<\/p>\n\n\n\n
                                                                                          Objective<\/h3>\n\n\n\n
                                                                                          Create a Generative AI Agents<\/strong> assistant in Oracle Cloud<\/strong> that answers questions about a small set of internal policy documents stored in OCI Object Storage<\/strong>, and validate that the agent refuses or defers when the answer is not present in the documents.<\/p>\n\n\n\n
                                                                                          Lab Overview<\/h3>\n\n\n\n
                                                                                          You will:\n1. Create a dedicated OCI compartment for the lab.\n2. Create an Object Storage bucket and upload a couple of small text\/markdown documents.\n3. Configure Generative AI Agents to use those documents as a knowledge source (grounding).\n4. Test the agent in the console (or the official testing tool provided by Oracle).\n5. Validate grounding behavior with positive and negative queries.\n6. Clean up all created resources.<\/p>\n\n\n\n
                                                                                          Step 1: Create a dedicated compartment (recommended)<\/h3>\n\n\n\n
                                                                                          Goal<\/strong>: isolate resources for easy cleanup and clearer IAM boundaries.<\/p>\n\n\n\n
                                                                                            \n
                                                                                          1. In the OCI Console, open the navigation menu.<\/li>\n
                                                                                          2. Go to Identity & Security \u2192 Compartments<\/strong>.<\/li>\n
                                                                                          3. Click Create Compartment<\/strong>.<\/li>\n
                                                                                          4. Use:\n   – Name: genai-agents-lab<\/code>\n   – Description: Lab resources for Generative AI Agents tutorial<\/code><\/li>\n
                                                                                          5. Click Create Compartment<\/strong>.<\/li>\n<\/ol>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– A new compartment genai-agents-lab<\/code> exists and is selectable throughout the console.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– Select the compartment in the top-left compartment selector and confirm it appears.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 2: Ensure you have permissions<\/h3>\n\n\n\n
                                                                                            Goal<\/strong>: ensure your user can create Object Storage resources and Generative AI Agents resources.<\/p>\n\n\n\n
                                                                                            For a beginner lab:\n– Use a tenancy admin account, or\n– Use an account that already has \u201cmanage all resources\u201d permissions in the genai-agents-lab<\/code> compartment.<\/p>\n\n\n\n
                                                                                            Expected outcome<\/strong>\n– You can create buckets and access Generative AI Agents pages without authorization errors.<\/p>\n\n\n\n
                                                                                            Verification<\/strong>\n– Try navigating to Object Storage (next step). If you see authorization errors, stop and fix IAM.<\/p>\n\n\n\n
                                                                                            Notes for production<\/strong>\n– Do not use broad admin permissions in production.\n– Use Oracle\u2019s official IAM policy examples for Generative AI Agents to implement least privilege.<\/p>\n\n\n\n
                                                                                            \n\n\n\n
                                                                                            Step 3: Create an Object Storage bucket<\/h3>\n\n\n\n
                                                                                            Goal<\/strong>: store the documents your agent will use for grounding.<\/p>\n\n\n\n
                                                                                              \n
                                                                                            1. Go to Storage \u2192 Object Storage & Archive Storage \u2192 Buckets<\/strong>.<\/li>\n
                                                                                            2. Select compartment: genai-agents-lab<\/code>.<\/li>\n
                                                                                            3. Click Create Bucket<\/strong>.<\/li>\n
                                                                                            4. Configure:\n   – Bucket name: genai-agents-knowledge<\/code>\n   – Default storage tier: Standard\n   – Encryption: Oracle-managed keys (default) unless you require customer-managed keys<\/li>\n
                                                                                            5. Click Create<\/strong>.<\/li>\n<\/ol>\n\n\n\n
                                                                                              Expected outcome<\/strong>\n– Bucket genai-agents-knowledge<\/code> is created.<\/p>\n\n\n\n
                                                                                              Verification<\/strong>\n– Open the bucket and confirm it shows an empty object list.<\/p>\n\n\n\n
                                                                                              \n\n\n\n
                                                                                              Step 4: Create sample documents and upload them<\/h3>\n\n\n\n
                                                                                              Goal<\/strong>: provide a small but realistic knowledge set.<\/p>\n\n\n\n
                                                                                              Create two local files on your workstation:<\/p>\n\n\n\n
                                                                                              leave-policy.md<\/code><\/p>\n\n\n\n
                                                                                              # Leave Policy (Sample)\n\nEmployees receive 20 days of paid time off (PTO) per calendar year.\nUp to 5 unused PTO days may be carried over into the next year.\nSick leave is separate from PTO and provides 10 days per year.\n\nFor HR questions, contact hr@example.com.\n<\/code><\/pre>\n\n\n\n
                                                                                              vpn-troubleshooting.md<\/code><\/p>\n\n\n\n
                                                                                              # VPN Troubleshooting (Sample)\n\nIf VPN login fails:\n1. Confirm your MFA is enabled.\n2. Verify your password was changed within the last 90 days.\n3. If you see \"certificate expired\", reinstall the VPN client and re-download the profile.\n4. If the error persists, open an IT ticket with the full error text and timestamp.\n\nEscalation: On-call network engineer after 30 minutes of outage impact.\n<\/code><\/pre>\n\n\n\n
                                                                                              Upload via console:\n1. Open your bucket genai-agents-knowledge<\/code>.\n2. Click Upload<\/strong>.\n3. Upload both leave-policy.md<\/code> and vpn-troubleshooting.md<\/code>.<\/p>\n\n\n\n
                                                                                              Expected outcome<\/strong>\n– Two objects appear in the bucket.<\/p>\n\n\n\n
                                                                                              Verification<\/strong>\n– Click each object and confirm size and content preview (if available).<\/p>\n\n\n\n
                                                                                              Optional: upload via OCI CLI<\/strong>\nIf you prefer CLI (and you have OCI CLI configured), use:<\/p>\n\n\n\n
                                                                                              # Verify your CLI is configured\noci os ns get\n\n# Create the bucket (if you didn't do it in console)\noci os bucket create --name genai-agents-knowledge --compartment-id <your_compartment_ocid>\n\n# Upload files\noci os object put --bucket-name genai-agents-knowledge --file leave-policy.md\noci os object put --bucket-name genai-agents-knowledge --file vpn-troubleshooting.md\n<\/code><\/pre>\n\n\n\n
                                                                                              If you use CLI, you must supply your compartment OCID; get it from the compartment details page.<\/p>\n\n\n\n
                                                                                              \n\n\n\n
                                                                                              Step 5: Create\/configure a Generative AI Agents assistant<\/h3>\n\n\n\n
                                                                                              Goal<\/strong>: create an agent that is instructed to answer only from the uploaded docs.<\/p>\n\n\n\n
                                                                                                \n
                                                                                              1. Navigate to Analytics and AI \u2192 Generative AI Agents<\/strong> (exact menu path may vary\u2014verify in your console).<\/li>\n
                                                                                              2. Select compartment: genai-agents-lab<\/code>.<\/li>\n
                                                                                              3. Click Create<\/strong> (agent).<\/li>\n
                                                                                              4. Configure the agent with:\n   – Name: policy-helper-agent<\/code>\n   – Instructions (system prompt style):
                                                                                                  \n
                                                                                                • \u201cYou are an internal assistant. Answer questions using only the provided knowledge sources. If the answer is not in the documents, say you don\u2019t know and suggest who to contact.\u201d<\/li>\n<\/ul>\n<\/li>\n
                                                                                                • Configure the knowledge source:\n   – Choose Object Storage bucket genai-agents-knowledge<\/code>\n   – Select the objects (or the bucket\/prefix) containing the documents<\/li>\n
                                                                                                • \n
                                                                                                  Choose a model (if prompted):\n   – Select an OCI-supported model available in your region.\n   – Prefer a smaller\/cheaper model for the lab if quality is acceptable.<\/p>\n<\/li>\n
                                                                                                • \n
                                                                                                  Create the agent.<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                  Expected outcome<\/strong>\n– The agent policy-helper-agent<\/code> exists and shows as \u201cActive\/Ready\u201d (terminology varies).<\/p>\n\n\n\n
                                                                                                  Verification<\/strong>\n– Open the agent details page and confirm:\n  – Instructions are saved\n  – Knowledge source references your bucket\/documents\n  – Status indicates it can be tested<\/p>\n\n\n\n
                                                                                                  Important note<\/strong>\n– Some services require an indexing\/ingestion step before the knowledge is searchable. If you see an \u201cingestion\u201d or \u201csync\u201d workflow, run it and wait for completion.<\/p>\n\n\n\n
                                                                                                  \n\n\n\n
                                                                                                  Step 6: Test the agent in the console<\/h3>\n\n\n\n
                                                                                                  Goal<\/strong>: verify grounded answers and \u201cdon\u2019t know\u201d behavior.<\/p>\n\n\n\n
                                                                                                  Use the built-in test\/chat interface for the agent (naming varies: \u201cPlayground\u201d, \u201cChat\u201d, \u201cTest\u201d, etc.).<\/p>\n\n\n\n
                                                                                                  Run these prompts:<\/p>\n\n\n\n
                                                                                                    \n
                                                                                                  1. \n
                                                                                                    Grounded question (should answer from doc):\n   – Prompt: How many PTO days do employees get per year?<\/code>\n   – Expected: 20 days<\/code> (or equivalent wording)<\/p>\n<\/li>\n
                                                                                                  2. \n
                                                                                                    Carryover question:\n   – Prompt: How many PTO days can I carry over?<\/code>\n   – Expected: Up to 5 days<\/code><\/p>\n<\/li>\n
                                                                                                  3. \n
                                                                                                    VPN runbook question:\n   – Prompt: What should I do if VPN login fails with a certificate expired error?<\/code>\n   – Expected: reinstall VPN client and re-download profile (from doc)<\/p>\n<\/li>\n
                                                                                                  4. \n
                                                                                                    Negative test (not in docs):\n   – Prompt: What is the company\u2019s parental leave policy?<\/code>\n   – Expected: agent should say it does not know based on provided documents and suggest contacting HR (as instructed)<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                    Expected outcome<\/strong>\n– The agent answers correctly for the first three prompts.\n– For the fourth, it refuses to invent a policy and follows the \u201conly from docs\u201d instruction.<\/p>\n\n\n\n
                                                                                                    \n\n\n\n
                                                                                                    Step 7: Add an operational wrapper (recommended pattern)<\/h3>\n\n\n\n
                                                                                                    Goal<\/strong>: avoid direct end-user access to the agent service and implement governance.<\/p>\n\n\n\n
                                                                                                    Even if you don\u2019t build it fully in this lab, understand the recommended production approach:\n– Put a backend service in front of the agent\n– Authenticate users (SSO\/OIDC)\n– Enforce rate limits and record audits\n– Optionally implement per-user entitlements (who can ask what)<\/p>\n\n\n\n
                                                                                                    Expected outcome<\/strong>\n– Clear next step for production hardening.<\/p>\n\n\n\n
                                                                                                    Verification<\/strong>\n– Document your chosen access pattern (API Gateway + Function\/OKE service) for later implementation.<\/p>\n\n\n\n
                                                                                                    \n\n\n\n
                                                                                                    Validation<\/h3>\n\n\n\n
                                                                                                    Use this checklist:<\/p>\n\n\n\n
                                                                                                    \n\n\n\n\n\n\n\n\n
                                                                                                    Check<\/th>\nHow to validate<\/th>\nPass criteria<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                    Agent exists<\/td>\nAgent details page<\/td>\nStatus indicates ready<\/td>\n<\/tr>\n
                                                                                                    Knowledge connected<\/td>\nAgent knowledge settings<\/td>\nShows Object Storage source and docs<\/td>\n<\/tr>\n
                                                                                                    Grounded Q&A works<\/td>\nAsk PTO\/VPN questions<\/td>\nAnswers match docs<\/td>\n<\/tr>\n
                                                                                                    Hallucination resistance<\/td>\nAsk unknown policy<\/td>\nAgent says it doesn\u2019t know<\/td>\n<\/tr>\n
                                                                                                    Cost awareness<\/td>\nReview usage\/metrics (if exposed)<\/td>\nNo unexpected high usage<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                    \n\n\n\n
                                                                                                    Troubleshooting<\/h3>\n\n\n\n
                                                                                                    Problem: \u201cNot authorized\u201d when creating agent or bucket<\/strong>\n– Cause: IAM policy missing or wrong compartment selected.\n– Fix: use a tenancy admin for the lab, or apply correct policies per official docs.<\/p>\n\n\n\n
                                                                                                    Problem: Agent can\u2019t find answers that are in the docs<\/strong>\n– Causes:\n  – Ingestion\/indexing not complete\n  – Document format not supported\n  – Very small docs sometimes chunk oddly; try adding more context\n– Fixes:\n  – Re-run ingestion\/sync\n  – Convert to a supported format (txt\/markdown is typically simplest)\n  – Expand the doc and use clearer headings<\/p>\n\n\n\n
                                                                                                    Problem: Agent answers beyond the docs<\/strong>\n– Causes:\n  – Instructions not strict enough\n  – Service may not support strict \u201cknowledge-only\u201d enforcement in all modes\n– Fixes:\n  – Strengthen system instructions: \u201cIf not explicitly present, say \u2018I don\u2019t know\u2019.\u201d\n  – Add evaluation tests and human review for production\n  – Check whether there are \u201cgrounding required\u201d options (verify in docs)<\/p>\n\n\n\n
                                                                                                    Problem: High latency<\/strong>\n– Causes:\n  – Large context retrieval\n  – Larger model\n  – Regional load\n– Fixes:\n  – Use a smaller model\n  – Reduce retrieved snippets\/chunks (if configurable)\n  – Keep your app and documents in the same region<\/p>\n\n\n\n
                                                                                                    \n\n\n\n
                                                                                                    Cleanup<\/h3>\n\n\n\n
                                                                                                    To avoid ongoing charges, delete resources:<\/p>\n\n\n\n
                                                                                                      \n
                                                                                                    1. Delete the Generative AI Agents<\/strong> agent policy-helper-agent<\/code>.<\/li>\n
                                                                                                    2. Delete the Object Storage objects in genai-agents-knowledge<\/code>.<\/li>\n
                                                                                                    3. Delete the bucket genai-agents-knowledge<\/code>.<\/li>\n
                                                                                                    4. (Optional) Delete the compartment genai-agents-lab<\/code> (only if it contains nothing else).<\/li>\n<\/ol>\n\n\n\n
                                                                                                      Verification<\/strong>\n– Confirm the bucket no longer exists.\n– Confirm the agent is deleted.\n– Review billing\/usage dashboards after some time to ensure no ongoing usage.<\/p>\n\n\n\n
                                                                                                      \n\n\n\n
                                                                                                      11. Best Practices<\/h2>\n\n\n\n
                                                                                                      Architecture best practices<\/h3>\n\n\n\n
                                                                                                        \n
                                                                                                      • Use API Gateway + backend<\/strong> in front of Generative AI Agents for production.<\/li>\n
                                                                                                      • Keep data sources and agent endpoints in the same OCI region<\/strong> when possible.<\/li>\n
                                                                                                      • Implement RAG<\/strong> with curated documents rather than letting the LLM answer from general knowledge for policy-critical use cases.<\/li>\n
                                                                                                      • Maintain a documented lifecycle: dev \u2192 test \u2192 prod, with gated promotion.<\/li>\n<\/ul>\n\n\n\n
                                                                                                        IAM\/security best practices<\/h3>\n\n\n\n
                                                                                                          \n
                                                                                                        • Use compartments<\/strong> to separate environments and teams.<\/li>\n
                                                                                                        • Implement least privilege:<\/li>\n
                                                                                                        • Admins can create\/update agents and knowledge sources<\/li>\n
                                                                                                        • Applications can invoke runtime endpoints<\/li>\n
                                                                                                        • Users only interact through your app, not directly to service APIs<\/li>\n
                                                                                                        • Prefer instance principals<\/strong> \/ resource principals<\/strong> over user API keys.<\/li>\n<\/ul>\n\n\n\n
                                                                                                          Cost best practices<\/h3>\n\n\n\n
                                                                                                            \n
                                                                                                          • Start with smaller models for basic Q&A upgrade only when quality requires it.<\/li>\n
                                                                                                          • Set response limits and retrieval constraints (where supported).<\/li>\n
                                                                                                          • Avoid logging full prompt\/response bodies unless necessary.<\/li>\n
                                                                                                          • Tag every resource with Environment<\/code>, Owner<\/code>, CostCenter<\/code>, Project<\/code>.<\/li>\n<\/ul>\n\n\n\n
                                                                                                            Performance best practices<\/h3>\n\n\n\n
                                                                                                              \n
                                                                                                            • Keep documents clean and well-structured (headings, short sections).<\/li>\n
                                                                                                            • Avoid huge \u201cmega documents\u201d; split into topic-based files.<\/li>\n
                                                                                                            • Cache frequent questions and responses in your app layer where allowed.<\/li>\n<\/ul>\n\n\n\n
                                                                                                              Reliability best practices<\/h3>\n\n\n\n
                                                                                                                \n
                                                                                                              • Implement retries with backoff for transient errors (in your backend).<\/li>\n
                                                                                                              • Use circuit breakers to protect upstream systems.<\/li>\n
                                                                                                              • Provide fallback behaviors: show \u201cI can\u2019t answer right now\u201d with escalation links.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                Operations best practices<\/h3>\n\n\n\n
                                                                                                                  \n
                                                                                                                • Define SLOs (latency, error rate) and set alarms.<\/li>\n
                                                                                                                • Capture request IDs and correlate logs across API Gateway \u2192 backend \u2192 agent calls.<\/li>\n
                                                                                                                • Review changes to agent instructions\/knowledge as a controlled change process.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                  Governance\/tagging\/naming best practices<\/h3>\n\n\n\n
                                                                                                                    \n
                                                                                                                  • Use consistent naming:<\/li>\n
                                                                                                                  • genai-agents-<env>-<purpose><\/code><\/li>\n
                                                                                                                  • Apply tag defaults at compartment level (where your governance model supports it).<\/li>\n
                                                                                                                  • Maintain an inventory of agents, owners, and allowed data sources.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                    \n\n\n\n
                                                                                                                    12. Security Considerations<\/h2>\n\n\n\n
                                                                                                                    Identity and access model<\/h3>\n\n\n\n
                                                                                                                      \n
                                                                                                                    • OCI IAM governs who can:<\/li>\n
                                                                                                                    • Create\/update\/delete agents<\/li>\n
                                                                                                                    • Manage knowledge sources<\/li>\n
                                                                                                                    • Invoke agent runtime APIs (if exposed)<\/li>\n
                                                                                                                    • Production recommendation:<\/li>\n
                                                                                                                    • Users authenticate to your app via SSO<\/li>\n
                                                                                                                    • Only your backend calls the agent service using workload identity<\/li>\n<\/ul>\n\n\n\n
                                                                                                                      Encryption<\/h3>\n\n\n\n
                                                                                                                        \n
                                                                                                                      • Use OCI default encryption at rest for Object Storage.<\/li>\n
                                                                                                                      • If required, use customer-managed keys<\/strong> via OCI Vault (verify support for every resource type you use).<\/li>\n
                                                                                                                      • Ensure TLS is used in transit (standard for OCI service endpoints).<\/li>\n<\/ul>\n\n\n\n
                                                                                                                        Network exposure<\/h3>\n\n\n\n
                                                                                                                          \n
                                                                                                                        • Avoid direct public client access to agent endpoints.<\/li>\n
                                                                                                                        • Use API Gateway and private app tiers.<\/li>\n
                                                                                                                        • Restrict egress paths for workloads making service calls.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                          Secrets handling<\/h3>\n\n\n\n
                                                                                                                            \n
                                                                                                                          • Store secrets in OCI Vault<\/strong>, not in code or environment variables in plaintext.<\/li>\n
                                                                                                                          • Rotate secrets and keys.<\/li>\n
                                                                                                                          • Prefer identity-based auth (principals) instead of static secrets.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                            Audit\/logging<\/h3>\n\n\n\n
                                                                                                                              \n
                                                                                                                            • Enable and review OCI Audit<\/strong> for administrative actions.<\/li>\n
                                                                                                                            • Configure Logging retention to meet policy but avoid retaining sensitive content longer than necessary.<\/li>\n
                                                                                                                            • Decide whether prompt\/response bodies are logged. If you must log them, apply redaction\/tokenization upstream.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                              Compliance considerations<\/h3>\n\n\n\n
                                                                                                                                \n
                                                                                                                              • Data privacy: do not upload sensitive regulated data unless you have validated Oracle\u2019s service terms, region processing, and your compliance obligations.<\/li>\n
                                                                                                                              • Data residency: keep documents and processing in compliant regions.<\/li>\n
                                                                                                                              • Model risk management: establish testing, monitoring, and human oversight for high-impact decisions.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                Common security mistakes<\/h3>\n\n\n\n
                                                                                                                                  \n
                                                                                                                                • Letting end users call agent APIs directly with broad credentials<\/li>\n
                                                                                                                                • Overly permissive IAM policies in production<\/li>\n
                                                                                                                                • Uploading secrets (passwords, API keys) into knowledge documents<\/li>\n
                                                                                                                                • Logging raw prompts\/responses containing sensitive data<\/li>\n
                                                                                                                                • Treating LLM outputs as authoritative without verification<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                  Secure deployment recommendations<\/h3>\n\n\n\n
                                                                                                                                    \n
                                                                                                                                  • \u201cTrust-but-verify\u201d outputs: require citations or references for policy-critical answers (if supported).<\/li>\n
                                                                                                                                  • Human-in-the-loop for external communications or high-risk workflows.<\/li>\n
                                                                                                                                  • Continuous evaluation: regression tests for new documents and instruction changes.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                    \n\n\n\n
                                                                                                                                    13. Limitations and Gotchas<\/h2>\n\n\n\n
                                                                                                                                    Because this service evolves, verify current limits in Oracle\u2019s official docs<\/strong>. Common limitations to plan for:<\/p>\n\n\n\n
                                                                                                                                    Known limitations (typical)<\/h3>\n\n\n\n
                                                                                                                                      \n
                                                                                                                                    • Region availability<\/strong>: not all regions support the service or all models.<\/li>\n
                                                                                                                                    • Model availability<\/strong>: model families vary by region and may change.<\/li>\n
                                                                                                                                    • Context window limits<\/strong>: long conversations can exceed context size.<\/li>\n
                                                                                                                                    • Document format constraints<\/strong>: some file types may not parse well.<\/li>\n
                                                                                                                                    • Strict grounding is hard<\/strong>: instruction-only controls can fail; you must test.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                      Quotas<\/h3>\n\n\n\n
                                                                                                                                        \n
                                                                                                                                      • Requests per minute \/ concurrency<\/li>\n
                                                                                                                                      • Maximum knowledge items or total size<\/li>\n
                                                                                                                                      • Maximum response length<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                        Regional constraints<\/h3>\n\n\n\n
                                                                                                                                          \n
                                                                                                                                        • Data residency requirements may force single-region deployment.<\/li>\n
                                                                                                                                        • Cross-region calls can introduce latency and egress cost.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                          Pricing surprises<\/h3>\n\n\n\n
                                                                                                                                            \n
                                                                                                                                          • Token usage grows quickly with long prompts, large retrieved contexts, and verbose answers.<\/li>\n
                                                                                                                                          • Re-indexing\/ingestion can be a cost spike (if billed separately).<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                            Compatibility issues<\/h3>\n\n\n\n
                                                                                                                                              \n
                                                                                                                                            • Some enterprise documents require OCR or preprocessing.<\/li>\n
                                                                                                                                            • Tables and scanned PDFs can degrade retrieval quality.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                              Operational gotchas<\/h3>\n\n\n\n
                                                                                                                                                \n
                                                                                                                                              • Without an API wrapper, you may struggle to implement:<\/li>\n
                                                                                                                                              • per-user rate limits<\/li>\n
                                                                                                                                              • entitlements<\/li>\n
                                                                                                                                              • consistent logging and redaction<\/li>\n
                                                                                                                                              • Teams often forget to clean up test agents and indexing artifacts.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                Migration challenges<\/h3>\n\n\n\n
                                                                                                                                                  \n
                                                                                                                                                • If you move from a self-managed agent framework to Generative AI Agents:<\/li>\n
                                                                                                                                                • prompt\/instruction tuning will differ<\/li>\n
                                                                                                                                                • retrieval chunking and ranking may differ<\/li>\n
                                                                                                                                                • evaluations must be redone<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                  Vendor-specific nuances<\/h3>\n\n\n\n
                                                                                                                                                    \n
                                                                                                                                                  • OCI IAM and compartment design matters a lot for governance.<\/li>\n
                                                                                                                                                  • Observability depends on OCI Logging\/Audit configuration and service emission specifics.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                    \n\n\n\n
                                                                                                                                                    14. Comparison with Alternatives<\/h2>\n\n\n\n
                                                                                                                                                    Within Oracle Cloud (nearest options)<\/h3>\n\n\n\n
                                                                                                                                                      \n
                                                                                                                                                    • OCI Generative AI (foundation model inference)<\/strong>: Use directly if you want to build your own agent orchestration in code.<\/li>\n
                                                                                                                                                    • OCI Data Science<\/strong>: Better for custom ML training, notebooks, pipelines, and model ops (not specifically \u201cagent configuration\u201d).<\/li>\n
                                                                                                                                                    • Oracle Digital Assistant<\/strong>: A separate product area for conversational experiences; suitability depends on your needs and Oracle\u2019s current feature set (verify current positioning).<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                      In other clouds (nearest equivalents)<\/h3>\n\n\n\n
                                                                                                                                                        \n
                                                                                                                                                      • AWS: Amazon Bedrock Agents<\/li>\n
                                                                                                                                                      • Azure: Azure AI Agent Service \/ Azure OpenAI (agent patterns)<\/li>\n
                                                                                                                                                      • Google Cloud: Vertex AI Agent Builder \/ Vertex AI Extensions<\/li>\n
                                                                                                                                                      • OpenAI: Assistants API (platform-specific)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                        Open-source \/ self-managed alternatives<\/h3>\n\n\n\n
                                                                                                                                                          \n
                                                                                                                                                        • LangChain \/ LlamaIndex + a vector DB (OpenSearch, pgvector, Milvus, etc.)<\/li>\n
                                                                                                                                                        • Self-hosted model serving (requires GPUs, MLOps, security hardening)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                          Comparison table<\/h3>\n\n\n\n
                                                                                                                                                          \n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                          Option<\/th>\nBest For<\/th>\nStrengths<\/th>\nWeaknesses<\/th>\nWhen to Choose<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                          Oracle Cloud Generative AI Agents<\/td>\nOCI-native managed agents with governance<\/td>\nManaged pattern, IAM\/compartments, integrates with OCI services<\/td>\nFeature set and connectors vary by region; less runtime control than DIY<\/td>\nYou want managed agents in OCI with strong governance and simpler ops<\/td>\n<\/tr>\n
                                                                                                                                                          OCI Generative AI (direct model API)<\/td>\nCustom agent frameworks<\/td>\nMaximum flexibility in orchestration<\/td>\nYou build\/operate orchestration, retrieval, evals<\/td>\nYou need bespoke workflows or tool routing beyond managed agents<\/td>\n<\/tr>\n
                                                                                                                                                          OCI Data Science<\/td>\nML engineering lifecycle<\/td>\nNotebooks, pipelines, model ops<\/td>\nMore work to build \u201cagent product\u201d experiences<\/td>\nYou need custom ML + operations rather than managed assistants<\/td>\n<\/tr>\n
                                                                                                                                                          AWS Bedrock Agents<\/td>\nAWS-native agent solutions<\/td>\nTight AWS integration<\/td>\nNot OCI; different IAM\/networking<\/td>\nYour platform is AWS-first<\/td>\n<\/tr>\n
                                                                                                                                                          Azure AI agent offerings<\/td>\nMicrosoft ecosystem<\/td>\nIntegration with Microsoft stack<\/td>\nNot OCI; costs and governance differ<\/td>\nYou\u2019re standardized on Azure\/Microsoft tooling<\/td>\n<\/tr>\n
                                                                                                                                                          Google Vertex AI Agent Builder<\/td>\nGoogle-native agent solutions<\/td>\nIntegration with GCP<\/td>\nNot OCI<\/td>\nGCP-first organizations<\/td>\n<\/tr>\n
                                                                                                                                                          Self-managed (LangChain + vector DB)<\/td>\nMaximum control, portability<\/td>\nFull customization, vendor portability<\/td>\nHigher ops burden, security risks if done poorly<\/td>\nYou need portability or features not offered by managed services<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                          \n\n\n\n
                                                                                                                                                          15. Real-World Example<\/h2>\n\n\n\n
                                                                                                                                                          Enterprise example: Global manufacturing internal SOP assistant<\/h3>\n\n\n\n
                                                                                                                                                            \n
                                                                                                                                                          • Problem<\/strong><\/li>\n
                                                                                                                                                          • Thousands of pages of maintenance SOPs and safety procedures.<\/li>\n
                                                                                                                                                          • Engineers waste time searching and sometimes follow outdated steps.<\/li>\n
                                                                                                                                                          • Proposed architecture<\/strong><\/li>\n
                                                                                                                                                          • Documents stored in OCI Object Storage<\/strong> with versioning.<\/li>\n
                                                                                                                                                          • A controlled ingestion process that updates the agent\u2019s knowledge source.<\/li>\n
                                                                                                                                                          • API Gateway<\/strong> + an internal web portal for authenticated access.<\/li>\n
                                                                                                                                                          • Generative AI Agents<\/strong> configured to answer only from approved SOP docs.<\/li>\n
                                                                                                                                                          • OCI Logging\/Audit<\/strong> enabled; dashboards for usage and error rate.<\/li>\n
                                                                                                                                                          • Why this service was chosen<\/strong><\/li>\n
                                                                                                                                                          • OCI governance and compartment isolation fits enterprise controls.<\/li>\n
                                                                                                                                                          • Managed agent approach reduces custom platform work.<\/li>\n
                                                                                                                                                          • Expected outcomes<\/strong><\/li>\n
                                                                                                                                                          • Reduced mean time to find procedures.<\/li>\n
                                                                                                                                                          • Fewer errors from outdated runbooks.<\/li>\n
                                                                                                                                                          • Better auditability of access and configuration changes.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                            Startup\/small-team example: SaaS product documentation assistant<\/h3>\n\n\n\n
                                                                                                                                                              \n
                                                                                                                                                            • Problem<\/strong><\/li>\n
                                                                                                                                                            • Small team gets repetitive technical questions about product setup.<\/li>\n
                                                                                                                                                            • Proposed architecture<\/strong><\/li>\n
                                                                                                                                                            • Product docs and changelogs stored in Object Storage.<\/li>\n
                                                                                                                                                            • A small backend service on OCI Compute\/Functions.<\/li>\n
                                                                                                                                                            • Backend calls Generative AI Agents<\/strong> for responses and applies rate limits.<\/li>\n
                                                                                                                                                            • Why this service was chosen<\/strong><\/li>\n
                                                                                                                                                            • Faster implementation than building full RAG + orchestration from scratch.<\/li>\n
                                                                                                                                                            • Usage-based cost model fits variable demand.<\/li>\n
                                                                                                                                                            • Expected outcomes<\/strong><\/li>\n
                                                                                                                                                            • Faster support responses and fewer interruptions to engineering.<\/li>\n
                                                                                                                                                            • Ability to scale support without hiring proportionally.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                              \n\n\n\n
                                                                                                                                                              16. FAQ<\/h2>\n\n\n\n
                                                                                                                                                              1) Is \u201cGenerative AI Agents\u201d a separate service from OCI Generative AI?<\/strong>\nIt can be presented either as a standalone service or as a capability within OCI\u2019s broader Generative AI offerings. Verify the current product structure and console navigation in official docs for your region.<\/strong><\/p>\n\n\n\n
                                                                                                                                                              2) Do I need to train a model to use Generative AI Agents?<\/strong>\nTypically, no. Agent solutions usually rely on existing foundation models and focus on configuration plus grounding with your knowledge. If you need custom training, look at OCI Data Science and related services.<\/p>\n\n\n\n
                                                                                                                                                              3) How does grounding reduce hallucinations?<\/strong>\nGrounding (RAG) provides relevant source text as context to the model. It reduces the need for the model to \u201cguess,\u201d but it does not guarantee perfect accuracy. You still need evaluation and guardrails.<\/p>\n\n\n\n
                                                                                                                                                              4) Can I force the agent to answer only from my documents?<\/strong>\nYou can strongly instruct it to do so and configure knowledge grounding. Whether \u201cstrict\u201d grounding enforcement is available depends on the service capabilities\u2014verify in official docs<\/strong>\u2014and you must test thoroughly.<\/p>\n\n\n\n
                                                                                                                                                              5) Where should I store documents for an agent?<\/strong>\nA common OCI-native approach is Object Storage<\/strong> for documents plus optional databases for metadata and entitlements. Choose based on data type, update frequency, and governance needs.<\/p>\n\n\n\n
                                                                                                                                                              6) Can I use private networking (VCN-only) to access the service?<\/strong>\nSome OCI services support private endpoints; many AI services use regional public endpoints. Verify whether Generative AI Agents supports private endpoints<\/strong> in your region, and design accordingly.<\/p>\n\n\n\n
                                                                                                                                                              7) How do I authenticate from my application?<\/strong>\nPrefer OCI workload identity (instance principals\/resource principals) when running on OCI. Avoid embedding user API keys in code.<\/p>\n\n\n\n
                                                                                                                                                              8) What are the main cost drivers?<\/strong>\nTokens (input\/output), retrieval\/embedding\/indexing (if billed), Object Storage, and logging. High chat volume and long contexts increase costs quickly.<\/p>\n\n\n\n
                                                                                                                                                              9) Should I log prompts and responses?<\/strong>\nOnly if required. Logs can contain sensitive data. Prefer logging metadata (request IDs, latency, error codes) and apply redaction if you must log content.<\/p>\n\n\n\n
                                                                                                                                                              10) How do I prevent sensitive data from entering the model context?<\/strong>\nApply upstream controls: data classification, redaction, and entitlements. Never put secrets into knowledge documents. Consider adding DLP scanning in your ingestion pipeline.<\/p>\n\n\n\n
                                                                                                                                                              11) Can I integrate this with ticketing systems or workflows?<\/strong>\nYes, typically via your application layer (Functions\/OKE\/Compute) and integrations (Oracle Integration Cloud or custom). The agent service itself may not directly connect to every tool\u2014verify supported integrations<\/strong>.<\/p>\n\n\n\n
                                                                                                                                                              12) How do I evaluate quality before production?<\/strong>\nCreate a test set of questions with expected answers, run regression tests on every knowledge update and instruction change, and measure accuracy, refusals, and unsafe outputs.<\/p>\n\n\n\n
                                                                                                                                                              13) What happens if my document changes?<\/strong>\nYou generally need a re-ingestion\/sync\/index update so retrieval uses the latest content. Exact workflow depends on service features\u2014verify in docs<\/strong>.<\/p>\n\n\n\n
                                                                                                                                                              14) Is Generative AI Agents suitable for customer-facing chatbots?<\/strong>\nIt can be, but customer-facing use raises security, privacy, and brand risk. Use strict governance, safe defaults, human escalation, and consider human-in-the-loop for sensitive interactions.<\/p>\n\n\n\n
                                                                                                                                                              15) What\u2019s the best first project?<\/strong>\nStart with an internal, low-risk assistant: HR policy Q&A, engineering docs helper, or IT runbook assistant. Keep documents small and curated, then expand.<\/p>\n\n\n\n
                                                                                                                                                              \n\n\n\n
                                                                                                                                                              17. Top Online Resources to Learn Generative AI Agents<\/h2>\n\n\n\n
                                                                                                                                                              Use Oracle\u2019s official docs as your primary source of truth.<\/p>\n\n\n\n
                                                                                                                                                              \n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                              Resource Type<\/th>\nName<\/th>\nWhy It Is Useful<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                              Official documentation<\/td>\nOCI Documentation (landing) \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/<\/td>\nStarting point to navigate to Generative AI Agents docs, IAM, limits, APIs<\/td>\n<\/tr>\n
                                                                                                                                                              Official documentation<\/td>\nOCI CLI install \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/SDKDocs\/cliinstall.htm<\/td>\nHelps you automate uploads and deployments<\/td>\n<\/tr>\n
                                                                                                                                                              Official pricing<\/td>\nOracle Cloud Pricing \u2013 https:\/\/www.oracle.com\/cloud\/pricing\/<\/td>\nOfficial pricing entry point<\/td>\n<\/tr>\n
                                                                                                                                                              Official cost tool<\/td>\nOCI Cost Estimator \u2013 https:\/\/www.oracle.com\/cloud\/costestimator.html<\/td>\nEstimate usage-based costs without guessing<\/td>\n<\/tr>\n
                                                                                                                                                              Free tier<\/td>\nOracle Cloud Free Tier \u2013 https:\/\/www.oracle.com\/cloud\/free\/<\/td>\nCheck if any credits\/free usage apply<\/td>\n<\/tr>\n
                                                                                                                                                              Architecture references<\/td>\nOracle Architecture Center \u2013 https:\/\/www.oracle.com\/cloud\/architecture-center\/<\/td>\nReference architectures for OCI patterns (API Gateway, Functions, security)<\/td>\n<\/tr>\n
                                                                                                                                                              Observability docs<\/td>\nOCI Logging \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Logging\/home.htm<\/td>\nConfigure logs and retention<\/td>\n<\/tr>\n
                                                                                                                                                              Governance docs<\/td>\nOCI Audit \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Audit\/home.htm<\/td>\nTrack administrative actions and changes<\/td>\n<\/tr>\n
                                                                                                                                                              Security docs<\/td>\nOCI IAM \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Identity\/home.htm<\/td>\nPolicies, compartments, groups, authentication patterns<\/td>\n<\/tr>\n
                                                                                                                                                              Storage docs<\/td>\nOCI Object Storage \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Object\/home.htm<\/td>\nDocument storage patterns and lifecycle management<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                              Note<\/strong>: The exact Generative AI Agents documentation URL path can change; use the OCI documentation landing page search for \u201cGenerative AI Agents\u201d.<\/p>\n\n\n\n
                                                                                                                                                              \n\n\n\n
                                                                                                                                                              18. Training and Certification Providers<\/h2>\n\n\n\n
                                                                                                                                                              The following training providers are listed as requested. Availability, course depth, and delivery modes can change\u2014check each website for current offerings.<\/p>\n\n\n\n
                                                                                                                                                              \n\n\n\n\n\n\n\n\n
                                                                                                                                                              Institute<\/th>\nSuitable Audience<\/th>\nLikely Learning Focus<\/th>\nMode<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                              DevOpsSchool.com<\/td>\nEngineers, DevOps, platform teams<\/td>\nDevOps\/cloud fundamentals, CI\/CD, operations patterns (check OCI-specific coverage)<\/td>\nCheck website<\/td>\nhttps:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                                              ScmGalaxy.com<\/td>\nBeginners to intermediate<\/td>\nDevOps tooling and SCM practices<\/td>\nCheck website<\/td>\nhttps:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n
                                                                                                                                                              CLoudOpsNow.in<\/td>\nCloud\/ops practitioners<\/td>\nCloud operations and operational readiness<\/td>\nCheck website<\/td>\nhttps:\/\/cloudopsnow.in\/<\/td>\n<\/tr>\n
                                                                                                                                                              SreSchool.com<\/td>\nSREs, ops teams<\/td>\nReliability engineering, SLOs, incident management<\/td>\nCheck website<\/td>\nhttps:\/\/sreschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                                              AiOpsSchool.com<\/td>\nOps + AI practitioners<\/td>\nAIOps concepts, monitoring automation, AI in operations<\/td>\nCheck website<\/td>\nhttps:\/\/aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                              \n\n\n\n
                                                                                                                                                              19. Top Trainers<\/h2>\n\n\n\n
                                                                                                                                                              These sites are provided as training resources\/platforms as requested. Verify course relevance to Oracle Cloud Generative AI Agents<\/strong> directly on each site.<\/p>\n\n\n\n
                                                                                                                                                              \n\n\n\n\n\n\n\n
                                                                                                                                                              Platform\/Site<\/th>\nLikely Specialization<\/th>\nSuitable Audience<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                              RajeshKumar.xyz<\/td>\nDevOps\/cloud training content<\/td>\nBeginners to experienced engineers<\/td>\nhttps:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n
                                                                                                                                                              devopstrainer.in<\/td>\nDevOps coaching\/training<\/td>\nDevOps engineers, sysadmins<\/td>\nhttps:\/\/devopstrainer.in\/<\/td>\n<\/tr>\n
                                                                                                                                                              devopsfreelancer.com<\/td>\nFreelance\/consulting-style enablement<\/td>\nSmall teams needing hands-on help<\/td>\nhttps:\/\/devopsfreelancer.com\/<\/td>\n<\/tr>\n
                                                                                                                                                              devopssupport.in<\/td>\nSupport\/training services<\/td>\nOps teams, production support engineers<\/td>\nhttps:\/\/devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                              \n\n\n\n
                                                                                                                                                              20. Top Consulting Companies<\/h2>\n\n\n\n
                                                                                                                                                              These companies are listed as requested. Validate capabilities, references, and OCI\/AI expertise directly with each provider.<\/p>\n\n\n\n
                                                                                                                                                              \n\n\n\n\n\n\n
                                                                                                                                                              Company<\/th>\nLikely Service Area<\/th>\nWhere They May Help<\/th>\nConsulting Use Case Examples<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                              cotocus.com<\/td>\nCloud\/DevOps\/engineering services<\/td>\nCloud adoption, platform engineering, automation<\/td>\nOCI landing zone, CI\/CD pipelines, operational monitoring<\/td>\nhttps:\/\/cotocus.com\/<\/td>\n<\/tr>\n
                                                                                                                                                              DevOpsSchool.com<\/td>\nTraining + consulting<\/td>\nEnablement, DevOps transformations<\/td>\nBuilding delivery pipelines, cloud governance practices<\/td>\nhttps:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                                              DEVOPSCONSULTING.IN<\/td>\nDevOps consulting services<\/td>\nAssessments, implementation support<\/td>\nProduction readiness, SRE practices, automation<\/td>\nhttps:\/\/devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                              \n\n\n\n
                                                                                                                                                              21. Career and Learning Roadmap<\/h2>\n\n\n\n
                                                                                                                                                              What to learn before this service<\/h3>\n\n\n\n
                                                                                                                                                                \n
                                                                                                                                                              • OCI fundamentals: compartments, VCN basics, IAM policies, tagging<\/li>\n
                                                                                                                                                              • Object Storage basics: buckets, encryption, lifecycle policies<\/li>\n
                                                                                                                                                              • API basics: REST, authentication, rate limiting<\/li>\n
                                                                                                                                                              • LLM fundamentals: tokens, context windows, temperature\/top-p concepts (high-level)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                What to learn after this service<\/h3>\n\n\n\n
                                                                                                                                                                  \n
                                                                                                                                                                • Production RAG engineering: document preprocessing, chunking strategies, evaluation<\/li>\n
                                                                                                                                                                • Observability: dashboards, alerts, incident response for AI services<\/li>\n
                                                                                                                                                                • Security for AI: prompt injection threats, data leakage prevention, redaction<\/li>\n
                                                                                                                                                                • MLOps adjacent skills: model selection, A\/B testing, drift-like monitoring for agent behavior<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                  Job roles that use it<\/h3>\n\n\n\n
                                                                                                                                                                    \n
                                                                                                                                                                  • Cloud engineer \/ platform engineer (OCI)<\/li>\n
                                                                                                                                                                  • Solutions architect<\/li>\n
                                                                                                                                                                  • DevOps\/SRE building internal tooling<\/li>\n
                                                                                                                                                                  • AI\/ML engineer (applied LLM + retrieval)<\/li>\n
                                                                                                                                                                  • Security engineer (governance and controls for AI deployments)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                    Certification path (if available)<\/h3>\n\n\n\n
                                                                                                                                                                    Oracle certifications change over time. Look for:\n– OCI Architect certifications (associate\/professional)\n– OCI security and operations certifications\n– Any Oracle AI\/ML learning paths that mention Generative AI<\/p>\n\n\n\n
                                                                                                                                                                    Verify current Oracle University offerings<\/strong>:\n– https:\/\/education.oracle.com\/<\/p>\n\n\n\n
                                                                                                                                                                    Project ideas for practice<\/h3>\n\n\n\n
                                                                                                                                                                      \n
                                                                                                                                                                    1. HR policy assistant with strict refusal behavior for unknown topics  <\/li>\n
                                                                                                                                                                    2. IT runbook assistant with \u201cask clarifying questions first\u201d prompt policy  <\/li>\n
                                                                                                                                                                    3. Release notes summarizer + Q&A assistant for engineering  <\/li>\n
                                                                                                                                                                    4. Compliance checklist assistant that outputs structured checklists (with citations if supported)  <\/li>\n
                                                                                                                                                                    5. Multi-environment deployment: dev\/test\/prod compartments with budgets and alarms  <\/li>\n<\/ol>\n\n\n\n
                                                                                                                                                                      \n\n\n\n
                                                                                                                                                                      22. Glossary<\/h2>\n\n\n\n
                                                                                                                                                                        \n
                                                                                                                                                                      • Agent<\/strong>: An application pattern where an LLM-driven system follows instructions and may retrieve knowledge and\/or take actions to complete tasks.<\/li>\n
                                                                                                                                                                      • Generative AI Agents<\/strong>: Oracle Cloud service for configuring and operating agent experiences (verify exact scope in your region).<\/li>\n
                                                                                                                                                                      • LLM (Large Language Model)<\/strong>: A model that generates and reasons over natural language.<\/li>\n
                                                                                                                                                                      • Tokens<\/strong>: Units of text used for LLM input and output billing and limits.<\/li>\n
                                                                                                                                                                      • RAG (Retrieval-Augmented Generation)<\/strong>: Retrieving relevant documents and injecting them into the prompt context to ground responses.<\/li>\n
                                                                                                                                                                      • Grounding<\/strong>: Constraining responses using retrieved authoritative content.<\/li>\n
                                                                                                                                                                      • Compartment (OCI)<\/strong>: A logical container for organizing resources and applying IAM policies.<\/li>\n
                                                                                                                                                                      • IAM (Identity and Access Management)<\/strong>: Policies and identities controlling access to OCI resources.<\/li>\n
                                                                                                                                                                      • Instance principals \/ resource principals<\/strong>: OCI-native workload identities for authenticating without embedding keys.<\/li>\n
                                                                                                                                                                      • OCI Object Storage<\/strong>: Durable storage for unstructured objects (documents, PDFs, text files).<\/li>\n
                                                                                                                                                                      • OCI Audit<\/strong>: Service that records API calls and administrative events for governance.<\/li>\n
                                                                                                                                                                      • OCI Logging<\/strong>: Centralized log ingestion, storage, and search capabilities.<\/li>\n
                                                                                                                                                                      • API Gateway<\/strong>: Managed gateway for APIs that adds auth, rate limiting, routing, and logging.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                        \n\n\n\n
                                                                                                                                                                        23. Summary<\/h2>\n\n\n\n
                                                                                                                                                                        Generative AI Agents (Oracle Cloud)<\/strong> is a managed service in the Analytics and AI<\/strong> category designed to help teams build and operate agent-style generative AI assistants with enterprise governance. It fits best when you want OCI-native controls (IAM, compartments, audit\/logging) and you need assistants grounded in your organization\u2019s documents.<\/p>\n\n\n\n
                                                                                                                                                                        Key takeaways:\n– Architect for grounding (RAG), strict instructions, and robust evaluation to reduce hallucinations.\n– Costs are primarily usage-based (often token-driven) plus storage, retrieval\/indexing (if applicable), and operational services\u2014use Oracle\u2019s official pricing pages and cost estimator rather than guessing.\n– Secure production deployments typically put API Gateway + a backend<\/strong> in front of the service, use workload identity, and minimize sensitive logging.\n– Start small with a focused internal assistant, then scale with environment separation, monitoring, and governance.<\/p>\n\n\n\n
                                                                                                                                                                        Next learning step: use the OCI docs landing page to find the latest Generative AI Agents<\/strong> documentation for your region, then expand this lab into a production pattern with API Gateway, budgets\/alerts, and a controlled document ingestion pipeline.<\/p>\n","protected":false},"excerpt":{"rendered":"
                                                                                                                                                                        Analytics and AI<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[66,62],"tags":[],"class_list":["post-839","post","type-post","status-publish","format-standard","hentry","category-analytics-and-ai","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/839","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=839"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/839\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=839"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=839"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=839"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}