The Microsoft stack governs. The open stack flexes.
The Microsoft estate is built around enterprise governance primitives. The open stack is built around developer flexibility. For Constrained Agency, governance compounds and flexibility decays.
Most stack-comparison conversations in agentic AI today are framed as Microsoft versus Google versus AWS, or proprietary versus open. That framing optimizes for the wrong axis. The actual choice for an operator deploying Constrained Agency is not which vendor; it is which posture. The Microsoft estate is structurally organized around enterprise governance primitives — Entra ID for identity, Purview for lineage and DLP, Copilot Studio for scoped agent design, AI Foundry for runtime, Agent 365 for the unified registry. The open stack is structurally organized around developer flexibility — LangChain for orchestration freedom, LlamaIndex for retrieval freedom, self-hosted models for runtime freedom. Both are real. Both have legitimate use cases. They are not interchangeable for the operator who is trying to ship Constrained Agency at scale.
This piece argues a structural position, not a vendor pitch: for the operator deploying agentic AI under enterprise governance, the Microsoft posture compounds where the open posture decays. The argument is independent of any one product feature; it is about which set of primitives the stack is organized around, and which set fits the discipline that the destination requires.
Governance versus flexibility.
Every enterprise software stack is a bet on which primitives compound. The Microsoft estate is a thirty-year bet on governance primitives — Active Directory, then Azure AD, now Entra ID; SharePoint, then Purview; Group Policy, then Intune. The pattern is consistent: Microsoft ships the primitive that lets the enterprise enforce policy at scale, and over time the enterprise routes more of its principals through that primitive because the alternative is hand-rolling enforcement everywhere. The open stack is a bet on the opposite primitives — flexibility, composability, framework freedom. That bet wins where the deployment target is a small team with deep technical taste and the constraint set is loose. It loses where the deployment target is a regulated enterprise with hard governance requirements, because each governance primitive has to be hand-rolled and the cost compounds.
Constrained Agency lives squarely in the second case. Identity, delegation, expiration, audit, lineage, policy enforcement — these are not optional features bolted on to a working agent; they are the substance of what makes agentic AI safe at scale. A stack organized around governance primitives ships these natively. A stack organized around flexibility primitives ships these as “configurable” — which means buildable, which means hand-rolled, which means expensive to maintain.
Three moves.
Governance primitives compound; flexibility primitives decay.
Every governance primitive an enterprise routes through Entra, Purview, or Copilot Studio creates retention — once policy is enforced at the platform layer, ripping it out means re-enforcing it at the application layer for every agent the enterprise has ever deployed. Every flexibility primitive in the open stack creates the opposite dynamic — once the enterprise has deployed twenty agents on LangChain, swapping to LangGraph or to vendor X’s SDK is a 12-week reframe per agent. Compounding is what makes infrastructure decisions retrospectively correct. Flexibility is what makes infrastructure decisions retrospectively expensive.
The Microsoft estate is the path of least resistance for the Microsoft-aligned operator.
Most enterprise operators are already running on Microsoft 365, Entra ID, Purview, and at least one Dynamics module. For these operators, deploying agents through Copilot Studio + AI Foundry on Entra Agent ID is the path of least resistance — the agents inherit identity, policy, lineage, and sensitivity labeling automatically. The open-stack alternative requires building a parallel governance fabric that duplicates what the Microsoft estate already provides. The hidden cost of that parallel fabric is the actual cost of the open stack for this operator base, and it is rarely calculated up front.
The open stack still wins where it wins — and that band has a name.
This piece is not an argument that the open stack loses everywhere. The open stack wins for AI-native product companies, for high-frontier model labs, and for operators with deep platform engineering benches who treat the constraint stack as a competitive moat to build in-house. For those operators, the flexibility-first posture is the right call. The band where the open stack fits is small — perhaps the top 5–10% of operators by platform engineering depth. The band where the Microsoft estate fits is the remaining 90% of mid-market and enterprise operators who need the governance primitives to ship, not to build.
The strongest argument against this position.
The strongest counter is vendor lock-in. Routing your entire agent estate through Entra Agent ID, Purview lineage, and Copilot Studio scoping creates exactly the same retention dynamic on the buyer’s side that Microsoft enjoys on the seller’s side: ripping out the governance fabric requires re-onboarding every agent. For an operator who values strategic optionality, this is a real concern.
The honest response is that lock-in is the cost of compounding governance, and the alternative is not freedom — it is hand-rolling. The open stack does not give you optionality at zero cost; it transfers the lock-in from the platform vendor to your own platform engineering team. Your team becomes the governance vendor, with all the compounding cost and none of the compounding revenue. For 90% of operators, paying Microsoft for governance is cheaper than paying their own engineers to build it. For the 10% with deep platform benches, the open stack is the right answer. Know whether you are in that 10% before you make the call.
Three things to do this quarter.
01 · Audit your existing Microsoft footprint before evaluating any agentic platform. If you are running Entra ID for identity, Purview for compliance, and Microsoft 365 across the workforce, your default agentic stack is already chosen — Copilot Studio + AI Foundry + Entra Agent ID. The exercise is not “evaluate options”; it is “ratify the default and structure the deployment.”
02 · If you are not Microsoft-aligned, decide deliberately which governance primitives you will own. The four primitives — identity, lineage, policy enforcement, scope — are non-negotiable. If you are not buying them from Microsoft, you are building them. Name the team that will own each primitive, fund them as platform engineering hires (not application engineers), and budget the maintenance cost over a 5-year horizon, not 12 months.
03 · Resist the “best-of-breed” impulse. The temptation to pick the “best” tool for each layer — best model, best orchestration, best identity — produces a stack with seams where the governance fabric falls through. The Microsoft estate compounds because the seams are owned by the platform vendor. Best-of-breed compounds in the opposite direction.
SALT’s position-review rhythm grades published positions against subsequent reality.