Provider / Model Trust Matrix

Ten deployment routes. Ten trust dimensions. Every populated cell sourced to primary documentation, with gaps shown rather than hidden.

"When the room asks 'which of these routes can we actually defend to our CISO, our DPO, and our legal team?' — this matrix gives you the answer for each one. Not as a claim. As a sourced comparison."

This matrix maps ten AI deployment routes — models from Anthropic, OpenAI, Google, and Mistral, accessed via AWS Bedrock, Azure AI Foundry, GCP Vertex AI, and direct provider APIs — across ten trust dimensions drawn from primary vendor documentation. It does not make assertions. It surfaces what the vendors themselves have committed to, in their own words. Every gap is marked. Every conditional cell is flagged. The Foundry row is amber because the evidence warrants it.

HOW THE JOURNEY UNFOLDS

FILTER BY YOUR CONSTRAINT

Start with what matters to your organisation: EU or US residency, training opt-out, ZDR availability, HIPAA coverage. Apply the filter. The matrix narrows to the routes that meet it.

OPEN THE CELLS

Click any cell. The source panel opens — the vendor's verbatim commitment, the primary document title, the URL. You are reading their words, not ours. If a vendor has not publicly documented a commitment, the cell shows a gap — not a blank, not an assumption.

COMPARE ANY TWO ROUTES

Select any two rows and the grid collapses to a focused side-by-side view, with every cell that differs between the two routes highlighted. Useful when the conversation has narrowed and the room needs to see exactly where two options diverge.

EXPORT AND FORWARD

Filter to your shortlist. Export the view as CSV. Every row carries its source URL. Forward it to your CISO, DPO, or legal counsel with the evidence already attached.

This matrix is a technical and architectural evidence tool, not legal advice. It is populated from the current Artefact 01 evidence base; cells marked as gaps or conditional need route-specific review before customer-specific reliance.

Evidence governance

Artefacts 01 and 02 render from approved canonical files. The evidence backend checks source movement and quote position, records human decisions, and promotes only approved repairs back into the public bundle.

Canonical promoted: 5/30/2026 · Public pages remain file-based, not live database-rendered.

Canonical version: v0.2
Canonical sources: 67
Human decisions: 87
Promoted repairs: 2

Route filters

10 of 10 routes match your criteria

Data safety

Is my data safe?

Training, provider access, processor boundaries

Data location

Where is it stored?

Region, residency, routing

Inference venue

Where does inference happen?

Where the model call is served

Verifiability

Can I verify it?

Audit, logging, evidence trail

Matrix signal

Foundry-Claude is deliberately amber. Claude in Microsoft Foundry is not treated as a normal Azure-hosted route. The matrix keeps that processor asymmetry visible in the default view.

The matrix

Ten routes. Ten dimensions. One evidence surface.

Rows fade when they do not match your constraints. They stay visible because the rejected alternatives are often as useful as the shortlist.

Deployment route	Inference venuesecurity	Data use for trainingprivacy	Region · residency · routingprivacy	Logging and retentionsecurity	ZDR / retention controlsprivacy	Private networking · control planesecurity	Provider access · sub-processor chaincontractual	Auditabilitysecurity	Legal · DPA posturecontractual	Caveats and review flagscontractual
Claude → AWS BedrockAmazon Web Services · AWS Bedrock
Claude → GCP Vertex AIGoogle Cloud · Google Vertex AI
Claude → Azure AI FoundryMicrosoft / Anthropic · Microsoft FoundryData processor: Anthropic, not Microsoft
Claude → Anthropic APIAnthropic · Anthropic API
OpenAI → Azure OpenAI ServiceMicrosoft Azure · Azure OpenAI Service
OpenAI → Direct APIOpenAI · OpenAI API
Google → GCP Vertex AIGoogle Cloud · Google Vertex AI
Google → AI Studio (direct)Google · AI Studio (direct)
Mistral → La PlateformeMistral AI · La Plateforme
Mistral → AWS BedrockAmazon Web Services · AWS Bedrock

Methodology

Canonical first, automation second.

This public matrix is rendered from canonical v0.2, promoted on 5/30/2026. Monitoring and review happen behind the scenes; public claims change only through a controlled canonical promotion.

Controlled source of truth

The public page renders from an approved canonical evidence file. Backend review state supports operations, while public content remains stable until a promoted version is released.

Evidence monitoring

The evidence checker fetches official source URLs, prefers English variants, compares stored quotes with current page text, and records redirects, access failures, and quote movement for review.

Human approval

A reviewer decides whether a finding is a false positive, a source repair, a wording change, legal review, or blocked reliance. Those decisions form the audit trail.

Promotion path

Reviewed decisions produce a versioned canonical draft. Approved repairs are promoted into the next public bundle only after diff review.

Related artefacts

Provider / Model Trust Matrix

Ten routes. Ten dimensions. One evidence surface.

Canonical first, automation second.

Take the matrix into the next review layer.

Citation-Ready Battle Card

EU AI Act Note

Inference Decision Tree