
Oracle Platform — Architecture

Bid intelligence demonstrator · Blackstone& Labs AWS · current deployed state
Account  Blackstoneand-labs · ••••••••••••
Region   eu-west-2 (London)
Phase    0 · v1.11 · 2026-06-04
Legend: Live in Labs · Scaffolded / placeholder · Planned (Phase 1+) · ✓ verified live against AWS 2026-06-04
1 Apps · Agents: Thin apps on the platform — each sold to the customer as a new agent
ITT Extractor Plan · P1
AgentCore Runtime
Writing Agent Plan · P1
Runtime + Memory · the "shiny"
P-win Plan · P2
Runtime + factor model
Loss-Review Plan · P3
Runtime + Step Functions
2 Agent Runtime · AgentCore-hybrid: Managed AgentCore primitives + Bedrock-Claude + Step Functions for batch
Bedrock · Claude Sonnet 4.6 Live
in-region eu-west-2 · workhorse
AgentCore Runtime Plan · P1
microVM · 8h sessions
AgentCore Memory Plan · P1
multi-turn editing state
AgentCore Gateway Plan · P1
MCP tool federation + auth
AgentCore Identity Plan · P1
credential vending · BL-035 risk
AgentCore Policy Plan · P1
Cedar · grounding discipline
AgentCore Observability Plan · P1
OTEL → CloudWatch
Step Functions (batch) Plan · P1
deterministic pipelines
3 Domain: Bid entities + REST API on RDS Postgres
Domain model Plan · P1
Opportunity·Contract·Bid·Requirement·Response·Feedback·WinTheme
RDS Postgres Plan · P1
t4g.micro · domain + vector store
Content Library Plan · P1
typed: case-study·capability·win-theme·method·bio
4 Knowledge · Retrieval: Ingest → embed → grounded retrieval. Hallucination blocked by architecture
Bedrock Titan Embeddings V2 Live
in-region eu-west-2
Ingest pipeline Plan · P1
S3 → Textract → chunk → embed
pgvector on RDS Plan · P1
source-grounded chunk store
Grounding-enforced retrieval tool Plan · P1
Lambda as MCP tool · BL-062
Bedrock Guardrails Plan · P1
contextual grounding score
⎯⎯ SYNTHETIC DATA ONLY in Labs — real customer corpus ingested post-migration ⎯⎯
5 Governance: IG classification, retention, encryption per data class
KMS CMK · general Live
annual rotation · deny non-TLS
KMS CMK · bid-content Live
per-data-class key
KMS CMK · secrets Live
Secrets Manager backing key
IG classification at ingest Plan · P1
OFFICIAL default
Audit log Plan · P1
DynamoDB + CloudWatch
6 Foundation · Network & Identity: Production-grade, parametrised for customer lift. Mostly LIVE today
VPC 10.20.0.0/16 Live
vpc-0•••••••••••••• · 2 AZ
Subnets · NAT · IGW Live
2 public + 2 private · 1 NAT
VPC endpoints Live
S3 gw · bedrock-runtime · secretsmgr
Flow logs → log-archive Live
S3 · locked default SG (0/0)
CloudTrail Live
management events → S3+KMS
TF state backend Live
S3 + DynamoDB locks + KMS
GitHub OIDC + CI roles Live
plan + apply roles · no static keys
Cognito (end-user SSO) Plan · P1
Google WS (Labs) / customer IdP (prod)

Terraform — 7-stack-per-env pattern · DEC-022 · SSM Parameter Store cross-stack contract

Stack      | Status              | Contents                                                                        | Size / schedule
bootstrap  | Applied · human     | OIDC IdP · 2 CI roles + boundaries · 3 KMS root keys · 9 SSM params             | 23 res · ~£2/mo
foundation | Applied · CI-proven | VPC · NAT · endpoints · flow logs · log_archive · 8 SSM params                  | 35 res · ~£57/mo
github     | Applied · human     | branch protection · labs Environment · secret scanning                          | 5 res · £0 AWS
audit      | Placeholder         | CloudTrail data events · GuardDuty. Customer → dedicated account (DEC-023)      | Step 0.10.11
platform   | Placeholder         | RDS-pgvector · AgentCore · Guardrails · Cognito                                 | Phase 1
workloads  | Placeholder         | per-agent Lambda · Step Functions · IAM (BL-034 split >4)                       | Phase 1
eval       | Placeholder         | grader infra · isolated from workloads (Managed Agents pattern)                 | Step 0.14

CI/CD — GitHub Actions OIDC trust path · live

GitHub Actions workflow ──OIDC token──▸ IAM OIDC provider
token.actions.githubusercontent.com
──▸ ci-plan-labs / ci-apply-labs ──▸ scoped TF plan/apply
per-stack · on labs Environment
No long-lived keys. Trust binds role to repo blackstoneand/oracle-platform + branch + Environment via OIDC claims (:sub, :aud, :ref, :environment). Apply role carries a deny-ceiling boundary (self-modification, OIDC-provider, account-level, state-bucket tampering, role-chaining, secrets-path all denied). Same shape lifts to the customer env at Phase H via tfvars. Cross-stack values flow through SSM /oracle-platform/{env}/{stack}/{key} — not terraform_remote_state.
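To make the trust binding above concrete, here is an added example (not code from the oracle-platform repository or from AWS) that simulates the IAM trust-policy conditions gating ci-apply-labs: it checks a GitHub Actions OIDC token's :sub, :aud, :ref and :environment claims against constructed policy values and shows which jobs would be refused. The policy values, sample tokens and function names are assumptions for illustration.

```python
"""Simulate the OIDC trust check that gates the ci-apply-labs role."""
from fnmatch import fnmatchcase

ISSUER = "token.actions.githubusercontent.com"

# Constructed trust-policy conditions (the real ones live in the Terraform
# bootstrap stack). Binds the role to one repo, one branch, one Environment.
CI_APPLY_LABS_TRUST = {
    "StringEquals": {
        f"{ISSUER}:aud": "sts.amazonaws.com",
        f"{ISSUER}:ref": "refs/heads/main",
        f"{ISSUER}:environment": "labs",
    },
    # IAM StringLike allows * and ? wildcards; fnmatchcase handles both.
    "StringLike": {
        f"{ISSUER}:sub": "repo:blackstoneand/oracle-platform:environment:labs",
    },
}


def can_assume(conditions: dict, claims: dict) -> bool:
    """True only when every condition matches; a missing claim fails, as in IAM."""
    keys = {f"{ISSUER}:{name}": value for name, value in claims.items()}
    for key, expected in conditions.get("StringEquals", {}).items():
        if keys.get(key) != expected:
            return False
    for key, pattern in conditions.get("StringLike", {}).items():
        if key not in keys or not fnmatchcase(keys[key], pattern):
            return False
    return True


def evaluate_samples() -> dict:
    """Run constructed tokens through the trust check; only the first passes."""
    good = {"aud": "sts.amazonaws.com", "ref": "refs/heads/main",
            "environment": "labs",
            "sub": "repo:blackstoneand/oracle-platform:environment:labs"}
    # pull_request jobs carry no Environment and a refs/pull/... ref
    pr_job = {"aud": good["aud"], "ref": "refs/pull/7/merge",
              "sub": "repo:blackstoneand/oracle-platform:pull_request"}
    other_repo = dict(good, sub="repo:someone-else/other-tool:environment:labs")
    feature = dict(good, ref="refs/heads/feature-x",
                   sub="repo:blackstoneand/oracle-platform:ref:refs/heads/feature-x")
    wrong_aud = dict(good, aud="https://github.com/blackstoneand")  # default aud
    samples = [("main-labs-deploy", good), ("pull-request-job", pr_job),
               ("other-repo", other_repo), ("feature-branch", feature),
               ("wrong-audience", wrong_aud)]
    return {name: can_assume(CI_APPLY_LABS_TRUST, tok) for name, tok in samples}
```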

Designed for migration — Labs today → customer env next engagement

Blackstone& Labs

account •••••••••••• · this engagement
  • Production-grade demonstrator on synthetic data
  • bootstrap + foundation + github stacks live (~£62/mo)
  • Reference architecture & methodology IP retained by Blackstone&
▸▸ Migration kit (Step 0.17) = config + data swap, not rebuild

Standing cost today — Labs, foundation live

~£2/mo   bootstrap · 3 KMS root keys
~£57/mo  foundation · NAT £28 + endpoints £29
~£3/mo   GitHub Team plan
~£62/mo  total standing · Bedrock usage on top

Verified against live AWS

Reconciled against account •••••••••••• · eu-west-2 aws cli · 2026-06-04 · IDs masked for sharing
Check                     | Observed (aws cli)                                                               | Result
Caller identity           | user/Kieran-AdminBand · acct ••••••••••••                                        | match
VPC + CIDR                | vpc-0•••••••••••••• · 10.20.0.0/16 · available                                   | match
Subnets (2 AZ)            | 4 subnets · 2 public-role + 2 private · eu-west-2a/b                             | match*
NAT + IGW                 | nat-0•••••••••••••• (available) · igw-0••••••••••••••                            | match
VPC endpoints             | bedrock-runtime + secretsmanager (Interface) · s3 (Gateway) — all available      | match
VPC flow logs             | ACTIVE → s3 blackstone-oracle-platform-log-archive-dev                           | match
KMS CMKs                  | alias …-general-dev · …-bid-content-dev · …-secrets-dev (+ cloudtrail key)       | match
S3 buckets                | log-archive-dev · blackstone-tfstate-eu-west-2                                   | match
DynamoDB locks            | terraform-locks                                                                  | match
CloudTrail                | blackstone-labs-audit · multi-region=true                                        | match
GitHub OIDC IdP           | oidc-provider/token.actions.githubusercontent.com                                | match
CI roles                  | ci-plan-labs · ci-apply-labs                                                     | match
SSM cross-stack contract  | 9 bootstrap params + 8 foundation params under /oracle-platform/labs/            | match
Bedrock models in-region  | claude-sonnet-4-6 · titan-embed-text-v2:0 (catalogued eu-west-2)                 | match*
Stacks NOT yet applied    | audit · platform · workloads · eval — no resources found (as expected)           | match

*Subnets: the two "public-role" subnets carry an IGW route but have MapPublicIpOnLaunch=false — public by routing, not by auto-assigned IP (a hardening choice, not a discrepancy).
*Bedrock: both models are present in the eu-west-2 catalogue; invoke entitlement was proven at Phase A (SESSION-001) and was not re-invoked in this read-only check.