Getting started: Trust3 AI inventory and Run Collector¶
This tutorial walks you through loading AI asset inventory into Trust3 AI Governance using the AI Assets Collector (Run Collector). With the stack running, the collector ingests on a schedule (every 15 minutes in the current release), and Trust3 can show agents, identities, and relationships across the platforms you connect—so governance, risk, and platform teams share one source of truth instead of spreadsheets.
Before you begin
- If you have not signed up yet, open Trust3 Cloud and create an account.
- Choose how to run the collector (both paths are in Run Collector):
- Quick test — select Docker. You need Docker and Docker Compose on the machine where the collector will run.
- Production — select Runtime on K8s. You need a Kubernetes cluster (for example AKS) and a Trust3 Runtime deployed in that cluster.
- Decide whether you will collect from Databricks, Microsoft Azure / Power Platform, or both, then complete the matching prerequisite guide before you configure the collector.
Overview¶
After you can sign in to Trust3 Cloud, you will:
- Understand what AI inventory means in Trust3
- Complete platform prerequisites (Databricks and/or Azure)
- Set up and run the AI Assets Collector — Docker for a quick test, or Runtime on K8s for production (Run Collector)
- Review inventory in the Trust3 portal (dashboard / agent views as enabled for your tenant)
Keep Run Collector open for the tab that matches your choice (Docker or Runtime on K8s), including checklists and configuration reference.
Step 1: What is Trust3 AI inventory?¶
AI inventory is the normalized catalog of AI-related assets the collector discovers in your platforms—agents, endpoints, Genie spaces, Copilot-related objects, and their links to identities (owners, invokers, service principals). Trust3 AI Governance uses that inventory for visibility, policy checks, and audit evidence.
The AI Assets Collector is a Docker-based collector you run on your side. It calls vendor APIs with credentials you supply, then ingests results into Trust3 using AI_GOVERNANCE_API_KEY (when your deployment requires it).
Step 2: Platform prerequisites¶
Configure access in the upstream platform before you put secrets in .env.
| If you collect from… | Follow this guide |
|---|---|
| Databricks | Databricks prerequisites — workspace URL, personal access token (PAT), environment naming |
| Azure / Power Platform | Azure prerequisites — Microsoft Entra app registration, secrets, Power Platform app user, least-privilege roles |
You can enable one or both collectors; leave unused variables blank or omit them in .env.
Step 3: Run Collector¶
Follow the steps in Run Collector.
Step 4: Review inventory in Trust3¶
Sign in to Trust3 Cloud and open the AI Governance areas your tenant provides (for example agent inventory, dashboard, or GIA, depending on product configuration). You should see new or updated assets that match the platforms you connected.
If inventory does not appear after a successful run, confirm settings with your Trust3 administrator, and re-run the collector after fixes.
Next steps¶
-
Run Collector (reference)
-
AI Assets Collector
-
Quick Start
-
Core concepts