STUB. This is the plumbing layer, not the governance layer. The part that actually matters for keeping an AI from leaking data is entitlement-aware-rag — read that page. This page exists to name the slot.
Business objective
The systems of record an AI assistant reads from: where your knowledge actually lives — the SharePoints, Drives, and wikis the model retrieves from when answering. By itself, “content sources” is just your existing enterprise document estate. It becomes an AI concern the moment a RAG pipeline or assistant is pointed at it, because the AI inherits whatever access (and whatever permission sprawl) those repositories already carry.
When you need it
Day-1 if you are doing RAG — but only in the trivial sense that you already have these systems. You are not buying a “content source”; you are deciding which existing repositories an assistant is allowed to index, and confirming their permission models are clean before you connect them. The real Day-1 work is the entitlement layer on top, not the repositories themselves.
Security role
This layer is the sensitive data — not a control, but the asset the controls protect. Content sources sit in the green/yellow zone (internal systems of record). Connecting an assistant to them without an entitlement-aware retrieval layer is how internal documents end up exposed to an untrusted prompt; the preventive control lives in the retrieval layer, not here.
Vendors
These are infrastructure/systems of record, not a competitive survey shortlist:
- sharepoint — SharePoint / OneDrive; the dominant enterprise document store and the default corpus for Microsoft-centric RAG.
- confluence — Atlassian wiki; common engineering and internal-knowledge source.
- google-drive — Google Workspace document store; the Google-shop equivalent of SharePoint/OneDrive.
(Plus everything else with an API: ticketing systems, CRMs, file shares, data warehouses.)
Consolidation / M&A dynamics
N/A — these are incumbent platform vendors (Microsoft, Atlassian, Google), not a churning startup category.
Adjacent categories
- entitlement-aware-rag — the governance layer that decides which of these documents a given user’s query is allowed to see. The part that matters.
- vector-retrieval — the index built on top of these sources.
- data-access-governance — the audit of who can open which file before an AI ever indexes it; the cleanup you do here pays off directly in RAG safety.
- dspm — knows where the sensitive data inside these sources actually lives.
Survey
Folded into the enterprise-ai-assistant / entitlement-aware-rag survey questions. No standalone survey question — respondents do not “evaluate and select” SharePoint vs Google Drive as an AI decision; they already own one.
Open taxonomy questions
- Whether this slot deserves a page at all, or should be a section inside entitlement-aware-rag. Kept separate to mirror the seed doc’s layer-cake row, but it carries no buying decision of its own.