Google Cloud Next ‘26 wrapped four days ago and the hyperscaler agent runtime decision looks completely different than it did last week. Vertex AI is gone — rebranded to the Gemini Enterprise Agent Platform, with Agentspace folded in, a no-code Workspace Studio bolted on, and Anthropic’s Claude sitting inside the Model Garden alongside 200 other models. Microsoft’s Agent 365 hit GA on May 1 at $15/user/month with one-click Teams deployment. AWS Bedrock AgentCore has been GA since October and just keeps shipping primitives.
If you’re a platform engineer or AI architect picking the runtime that will host your agent fleet for the next three years, this is the procurement decision of the year. Not the LLM you call (you’ll switch those quarterly), not the framework you write in (LangGraph, CrewAI, ADK all run on all three). The runtime — where agents execute, who holds the identity, where the audit log lives, what your bill looks like at 10M tool calls a month.
Here’s how the three actually shake out.
What Google did at Next ‘26
The Vertex AI rebrand isn’t cosmetic. Google merged the model-serving layer (old Vertex AI), the agent-building layer (Agentspace), and the productivity layer (Workspace) under one product line called Gemini Enterprise Agent Platform. They also ratified A2A protocol v1.0 — agent-to-agent communication is now in production at 150 organizations including Deloitte, Wells Fargo, and a slate of EU public-sector tenants — and put managed MCP servers behind Apigee, which means your agent can call any internal API as a tool without you running an MCP host.
The thing nobody is saying out loud: Workspace Studio is the first credible no-code agent builder from a hyperscaler. You wire Drive, Gmail, Docs, Calendar, and BigQuery together with a visual canvas, hand it a Gemini 3.5 model, and ship to your domain. For Workspace-heavy orgs this is a bigger deal than the Vertex rebrand. It collapses a six-week ADK build into an afternoon for the 70% of agents that are honestly just “read this calendar, find the gap, send an email.”
Where it falls down: lock-in is real. The 200-model Garden including Claude is a genuine concession, but the agent fabric — A2A wire format, Apigee MCP catalog, Workspace Studio canvas — is Google-shaped. Migrating off in 18 months means rewriting orchestration. And if your stack isn’t already on Workspace and BigQuery, you’re paying for productivity integrations you’ll never use.
Bedrock AgentCore is still the open one
AgentCore’s pricing is the most honest of the three: $0.0895 per vCPU-hour, billed only for actual CPU consumed. That phrase matters. Most agent runtimes bill you for allocation — you reserve a container, you pay while it sits idle waiting on the LLM to respond. AgentCore meters real CPU. An agent that spends 8 seconds thinking and 2 seconds running tools costs you the 2 seconds. At fleet scale this saves roughly half versus an allocation-based model, which is what the pricing footnote is dancing around.
The other AgentCore wedge is the Gateway primitive. Lambda functions, REST APIs, MCP servers, and ECS tasks all sit behind one signed endpoint with IAM-mapped permissions. You stop wiring per-tool auth into every agent and let the Gateway handle it. If you’ve ever maintained a fleet of agents where each one carried its own service account secrets, you know why this is the feature that sells the platform to security teams.
Native framework hosting is the third leg. LangGraph, CrewAI, Strands, and Google’s own ADK run as first-class citizens on AgentCore — no shim, no adapter layer. You can run an agent written in Google ADK on AWS Bedrock and it just works. This is the closest any hyperscaler comes to genuine framework neutrality, and it’s why AgentCore is the obvious pick for orgs that don’t want to bet on a single agent SDK winner.
The honest weakness: AgentCore is a runtime, not a productivity surface. There’s no Workspace Studio, no Teams one-click, no Outlook calendar integration. AWS’s stance is “integrate anything via Gateway” which is correct in principle and slow in practice. Your agents will be powerful but invisible to end users until you wire them into Slack, Teams, or a custom UI yourself.
Azure AI Foundry plus Agent 365 is the M365 trump card
If your company runs on Microsoft 365 — and a lot of them do — Azure AI Foundry plus the new Agent 365 layer is the highest-leverage option, full stop. One-click deployment to Teams. Agents that read calendars, join meetings as participants, post in channels, and draft emails in Outlook without you writing a single integration. Entra Agent IDs give every agent a first-class identity in Active Directory, which means Conditional Access, Purview DLP, Defender threat scoring, and the existing audit pipeline all apply automatically.
The pricing is awkward. Agent 365 is $15/user/month — that’s per human user the agents serve, not per agent. For a 10,000-employee F500, that’s $1.8M/year before any token spend. Foundry itself bills tokens-and-credits at PAYG rates that are competitive with Bedrock for OpenAI models and worse for non-Microsoft models. The math gets ugly fast if you’re running Anthropic or Mistral on Foundry — you’re paying Microsoft for the privilege of routing to a competitor’s model.
What’s underrated: Agent 365’s cross-cloud registry sync to Bedrock and Gemini Enterprise. Microsoft is the only vendor letting you register an agent once and have it appear in all three control planes. For orgs that already span clouds, this is the only governance answer that doesn’t require a third-party tool like Galileo or Onyx. It’s a strategic move — Microsoft can’t win the inference layer outright, so they’re betting on owning the identity and audit layer above it.
Per-agent pricing math at fleet scale
Let me work through the actual numbers, because the marketing pages are useless on this. Assume a fleet of 50 agents averaging 20K monthly tool calls each — 1M total. Each tool call burns ~3 seconds of CPU and ~5K input + 1K output tokens on a mid-tier model.
Bedrock AgentCore. 1M calls × 3 sec = 833 vCPU-hours × $0.0895 = roughly $75 in runtime. Token spend on Claude 3.7 Sonnet via Bedrock is around $3K for inputs, $1K for outputs at this volume — call it $4K. Gateway calls are bundled. Total: ~$4,075/month for a 1M-call fleet. At 10M calls you’re at ~$40K. At 100M you’re at ~$400K.
Gemini Enterprise. Per-agent licensing on the Agent Platform tier is $30/agent/month for 50 agents = $1,500 baseline. Gemini 3.5 token spend at the same volume is roughly $3K combined. Workspace Studio is bundled if you have Workspace. Total: ~$4,500/month at 1M, scales linearly on tokens since the per-agent license is flat. At 100M calls you’re at ~$304K — slightly cheaper than Bedrock at the very high end if you have a small fleet driving heavy traffic.
Azure AI Foundry + Agent 365. $15/user × 10K users = $150K/month before you do anything. Token spend on GPT-5 at this volume is roughly $3.5K. Total: ~$153.5K/month at 1M tool calls.
The Agent 365 number looks insane on a per-call basis until you remember what you’re buying — you’re not paying for tool calls, you’re paying for every M365 seat to have access to agents inside Outlook and Teams. If only 2,000 of those 10K users actually use the agents weekly, your effective cost per active user is $75/month. That’s roughly the price of a mid-tier SaaS seat. For an M365-mature org, it’s defensible. For a 200-person startup, it’s wildly out of proportion.
Framework portability is mostly real
LangGraph runs on all three. CrewAI runs on all three. AutoGen runs on Azure natively, on Bedrock via the open-source runtime, and on Gemini Enterprise via the ADK adapter. Google’s ADK v1.0 is stable across Python, TypeScript, Java, and Go and runs natively on Bedrock and Foundry as well as Google Cloud. Strands runs on AWS first, with community ports elsewhere.
What this means in practice: the agent code you write today is not the lock-in. The lock-in is the orchestration glue — how A2A messages flow, how MCP tools are catalogued, how identity propagates between agents. If you switch runtimes 18 months in, you’ll keep your agent logic and rewrite roughly 30-40% of the wiring. Painful but not catastrophic.
The exception is Workspace Studio and Agent 365’s no-code canvases. Anything you build in those is non-portable, period. Treat them as the Lightning App Builder of agent platforms — fast to ship, expensive to migrate.
The cross-cloud reality nobody admits
Most large enterprises won’t pick one. They’ll run Agent 365 because their employees live in Outlook, Bedrock because their data is in S3 and they don’t want egress fees, and a small Gemini Enterprise footprint for the BigQuery analytics agents. The Forrester survey from late April put it at 67% of F500s already running production agents on two or more hyperscalers.
A2A v1.0 makes this less ugly than it sounds. An Agent 365 agent can call a Bedrock agent over A2A with cryptographically signed identity, and the Microsoft cross-cloud registry keeps both visible in Purview. MCP everywhere means your tool catalog is portable even when the runtime isn’t.
Where it gets messy: observability. Langfuse and Braintrust have multi-cloud collectors. LangSmith is Anthropic-friendly but doesn’t ingest Foundry traces cleanly. AgentCore’s native CloudWatch integration is excellent but stays inside AWS. Plan to run a vendor-neutral observability layer on top of whatever runtimes you pick — this is the layer that gets you out of the lock-in trap.
Where each one actually wins
Pick Gemini Enterprise if your company runs on Workspace and BigQuery, you want a no-code path for the 70% of agents that don’t need custom code, and you’re comfortable with Google holding the orchestration layer. Best for marketing/sales/ops orgs and EU public-sector deployments where data residency and the EU AI Act high-risk classification are already documented.
Pick Bedrock AgentCore if you want the most flexible runtime, you’re already on AWS, your data is in S3, and you’re betting on framework neutrality. Best for engineering-led orgs and anyone running multi-model strategies through Portkey or LiteLLM. The CPU-actual billing is genuinely cheaper at fleet scale and the Gateway primitive solves the secrets-management nightmare.
Pick Azure AI Foundry plus Agent 365 if your employees live in Outlook and Teams, you’re an M365 E5 shop, and you need agents that show up in calendars and channels without an integration project. The $15/user math only works for orgs with a critical mass of M365 users — under 1,000 employees it’s overkill. Agent 365’s cross-cloud registry is the killer feature for governance teams that need a single audit pane.
For regulated industries — FSI, healthcare, public sector — Bedrock AgentCore has the strongest VPC-only deployment story and the cleanest “data not used for training” contractual language. Foundry is close behind and wins on FedRAMP High coverage. Gemini Enterprise has the youngest compliance posture of the three but is moving fast on EU AI Act conformity.
What I’d actually do
If I were building from scratch today, I’d put the runtime on Bedrock AgentCore, the productivity surface on Agent 365 for Outlook/Teams reach, and skip Gemini Enterprise unless I had a real Workspace footprint. The cross-cloud Microsoft registry handles governance, AgentCore’s CPU-actual billing keeps the spend honest, and Agent 365’s Teams integration covers the user-facing surface that Bedrock can’t reach.
That’s a two-runtime answer in a market that wants you to pick one. Which is fine — pretending you’re going to standardize on a single hyperscaler in 2026 is the procurement equivalent of believing in a single CRM.
Try this: take the smallest production agent you have running today, deploy it once on each platform, and run a week of real traffic through each. The pricing pages won’t tell you what your actual bill looks like. The traces will.