From data-warehouse add-on to purpose-built LLM governance.
Databricks AI Gateway is a serving-endpoint feature inside the Databricks Lakehouse. It works well if your entire stack is Databricks. DVARA is a cloud-neutral, self-hostable governance layer with Policy-as-Code, MCP tool call coverage, and tenant isolation that a workspace-scoped feature cannot deliver.
| Feature | DVARA | Databricks AI Gateway |
|---|---|---|
| Multi-provider unified API | ✓ | ∼ |
| SSE streaming support | ✓ | ✓ |
| Structured outputs on Anthropic + Gemini | ✓ | — |
| Capability-aware route filtering | ✓ | — |
| Circuit breaker per provider | ✓ | — |
| Canary routing + A/B testing | ✓ | — |
| Weighted routing + failover | ✓ | — |
Databricks offers guardrails and workspace-level auth. DVARA adds policy-as-code, tenant isolation, and compliance evidence that the serving-endpoint model cannot support.
| Feature | DVARA | Databricks AI Gateway |
|---|---|---|
| Policy-as-Code engine (YAML DSL) | ✓ | — |
| Policy dry-run before activation | ✓ | — |
| Policy versioning + rollback | ✓ | — |
| Immutable HMAC-signed audit trail | ✓ | ∼ |
| PII detection and redaction | ✓ | — |
| SOC2 / HIPAA / GDPR evidence packages | ✓ | ∼ |
| Reversible tokenisation | ✓ | — |
Databricks has no MCP awareness. DVARA governs the entire agent workflow.
| Feature | DVARA | Databricks AI Gateway |
|---|---|---|
| MCP tool calls proxied and governed | ✓ | — |
| MCP argument-level policy rules | ✓ | — |
| MCP PII scan on arguments + responses | ✓ | — |
| Human approval gate (enforced at execution) | ✓ | — |
| Agent loop detection + auto-kill | ✓ | — |
| Session timeline (LLM + MCP unified) | ✓ | — |
Databricks couples credentials to the serving-endpoint lifecycle. DVARA treats credentials as an independent, tenant-scoped entity with first-class rotation.
| Feature | DVARA | Databricks AI Gateway |
|---|---|---|
| Tenant-scoped (BYOK) provider credentials | ✓ | — |
| Independent credential lifecycle (not endpoint-coupled) | ✓ | — |
| Multiple keys per provider per tenant | ✓ | — |
| Sub-second credential revocation | ✓ | — |
| In-product rotation UI | ✓ | ∼ |
| Feature | DVARA | Databricks AI Gateway |
|---|---|---|
| Real-time cost per request (USD) | ✓ | ∼ |
| Budget caps (soft + hard) per tenant | ✓ | — |
| Auto model downgrade on budget threshold | ✓ | — |
| Chargeback reports per tenant/team | ✓ | — |
| Feature | DVARA | Databricks AI Gateway |
|---|---|---|
| Self-hosted / on-prem deployment | ✓ | — |
| Air-gapped deployment | ✓ | — |
| Cloud-neutral (AWS / GCP / Azure / bare metal) | ✓ | ∼ |
| SSO via OIDC / SAML 2.0 | ✓ | ✓ |
| RBAC access control | ✓ | ✓ |
| Kubernetes Helm chart | ✓ | — |
Databricks AI Gateway is a sensible choice if your entire AI workload lives inside a single Databricks workspace. The moment you need multi-tenant isolation, cloud-neutral deployment, policy-as-code, MCP tool call governance, or a credential lifecycle independent of serving endpoints, it hits architectural ceilings. DVARA is purpose-built for the governance layer that Databricks leaves to the consumer.