Exploring options, want your input before we decide
I want to bring you into a conversation that has reached a point where your input is critical before we proceed. Let me first give you the full picture of where we are, and then put the strategic questions to you.
Where We Are
We have been in active conversations with GCP about potentially migrating from AWS to GCP. GCP is supportive — $100k in credits is confirmed, with a realistic path to $300k–$500k over 24 months by stacking their startup, AI, and ISV programmes. This changes the economics meaningfully.
The migration question has also surfaced a bigger one: if we are moving infrastructure anyway, this is likely the natural moment to incorporate higher AI capability and scale into the architecture from the start — rather than migrating like-for-like and retrofitting intelligence later. The two questions are therefore connected: whether to migrate, and how ambitious to be about what we build when we do.
I am not asking you to design or build anything yet. I am asking whether these directions are technically sound and what we would be getting ourselves into.
The GCP Migration — Service Mapping
GCP has reviewed our current stack and provided a service-by-service assessment. The proposed mapping is:
- Aurora PostgreSQL → AlloyDB (pgvector supported — no change to vector search approach)
- Lambda → Cloud Run (better fit for long-running AI workloads, no cold start penalty on 30s+ reasoning chains)
- EventBridge → Pub/Sub + Eventarc
- DynamoDB → Firestore
- Cognito → Firebase Auth (flagged as highest-risk migration item)
- API Gateway → Cloud API Gateway
- AWS IoT Core → ClearBlade IoT Core — Google's official drop-in replacement, GCP Marketplace, maps directly to our existing JWT webhook auth pattern from the MQTT-Authorizer Lambda
Non-Negotiable: Globally Distributed Architecture
us-central1orus-east1— US enterprise customers (S7, US-based corporates)europe-west1oreurope-west4— EU customers + GDPR data residency enforcementafrica-south1(Johannesburg) — SA/African customers + POPIA compliance + sub-20ms SA latency
tenant_id on all queries) by adding region as an equally mandatory routing dimension, enforced at the API Gateway layer before any query executes.
The AI Opportunity — Built In, Not Bolted On
If we are rebuilding on GCP, the case for going AI-native from the start is strong. The GCP services we are migrating to — Cloud Run, Pub/Sub, AlloyDB with pgvector — are exactly the right substrate for an agentic architecture. Building it in now costs significantly less than retrofitting after the fact.
The concept is to evolve Pulse Next from a passive dashboard into an autonomous duty-of-care intelligence system, built on five specialist agents coordinated by a central orchestrator:
- Risk Intelligence Agent — ingests threat feeds, advisories, and news; maintains real-time risk scores per country per org; operates on a 72-hour forward simulation horizon
- Traveller Monitor Agent — tracks each active traveller against their org's risk thresholds; flags deviations, missed check-ins, travellers in deteriorating zones; queries regional AlloyDB only
- Comms Agent — drafts and sends alerts when thresholds breach; multi-channel (push, SMS, email); tone-matched to severity
- Incident Response Agent — activates playbook steps when an incident is declared; full immutable audit log; coordinates with Comms Agent
- Playbook Agent — interprets each tenant's natural-language duty-of-care policy at runtime; no hard-coded rules per tenant; pgvector semantic policy lookup
Orchestrated by a central Duty-of-Care Orchestrator with an approval queue: AI proposes, human approves high-stakes actions (mass alerts, incident declarations, SOS escalations). Agents act autonomously below a configurable confidence threshold.
LLM strategy: Gemini Flash for high-volume routine monitoring (cost-efficient). Claude Sonnet for critical reasoning paths where quality matters.
On the regional architecture for the agent layer, two options are in play:
One central Duty-of-Care Orchestrator (US) with regional Traveller Monitor Agents querying their local AlloyDB instances. Lower complexity, but the orchestrator becomes a cross-region dependency.
Complete agent stack per region, coordinated via Pub/Sub global event bus. Cleaner compliance story, more infrastructure to build and manage. Right for scale, heavier to start.
How Far Should We Go with AI?
The migration creates a natural forcing function. Once we are on GCP, the question is not whether to add intelligence — it's where on the spectrum to land for the initial build. Three positions:
AWS → GCP, same logic, different cloud. Safest. Least disruption. Least value. We arrive at GCP with the same product we left AWS with.
Migrate first, then layer in AI where the risk is low and the value is immediate — risk scoring, proactive briefings, natural language queries, smart alerts. No agentic orchestration yet. Pragmatic middle ground that delivers product differentiation without the full architectural commitment.
Orchestrator + five specialist agents + approval queue from the start. Highest long-term value. Highest build complexity. Requires the architecture above to be the migration target, not an afterthought. Building it in now is significantly cheaper than retrofitting.
Support Available to Us
Before asking what this costs, it's worth being clear on what support we have access to:
Realistic path to $300k–$500k over 24 months stacking: Google for Startups, Vertex AI Startup Credits, ISV Advantage, AI/ML Accelerator programmes. Our GCP partner contact (Urud Abdulkafi, xWF) is the route to unlocking these.
GCP can assign migration engineers for the AWS → GCP lift. This is part of the POC engagement model with Urud. Reduces the migration burden on our engineering team materially.
As a GCP Marketplace product, ClearBlade has documented migration paths specifically for AWS IoT Core customers. Direct vendor support is available. This de-risks the MQTT transition.
Dedicated support for AI workloads on Vertex. Includes access to Gemini Flash, Claude Sonnet (via Google Cloud), Vertex AI Embeddings, and Vector Search — all on the credit stack.
GTM Protection — This Cannot Delay Go-Live
Two parallel track models are in scope for Boris and Dohan's assessment:
V2 on AWS continues to serve all existing contracts unmodified. Pulse Next GCP is a clean parallel build — no shared infrastructure, no dependency. New contracts go live on GCP once it's ready. V2 is feature-frozen (not decommissioned) until migration is complete and validated. This protects GTM completely but requires the team to run two environments simultaneously.
Migrate V2 infrastructure to GCP first (no feature changes — same product, different cloud). Once stable, build the AI layer on top. Risk: migration complexity can bleed into GTM timelines if the infrastructure migration takes longer than expected. Lower parallel overhead, higher schedule risk.
Architecture Diagram — For Technical Review
Pulse Next — Agentic Architecture
GCP Multi-Region · Three Serving Regions · Five Specialist Agents · Human-in-the-Loop
JWT webhook auth
Live news · Weather
Booking APIs · Itinerary feeds
Approval actions
CCPA
GDPR · Data residency enforced
POPIA · Sub-20ms SA latency
tenant_id + region. EU tenant data never leaves europe-west1. Enforced at API Gateway before any query executes.
Risk score per country/org
72-hr forward simulation
Gemini Flash
Deviations, missed check-ins
Deteriorating zone alerts
Regional AlloyDB only
Push · SMS · Email
Tone-matched to severity
Delivery confirmation loop
Coordinates Comms Agent
Immutable audit log
Claude Sonnet
Per-tenant at runtime
No hard-coded rules
pgvector semantic lookup
Eventarc triggers Cloud Run
Replaces EventBridge
Semantic search on incidents
+ threat corpus
Replaces Aurora PostgreSQL
Traveller location cache
Replaces DynamoDB
Risk intelligence aggregation
US + EU multi-region datasets
⚠ Highest migration risk
Plan carefully
Approval queue · Broadcast
Incident command
"Where are my travellers in Turkey?"
Daily digest · Pre-travel risk summary
in plain language
Playbook Agent interprets at runtime
SOS · Check-in · AI Twin
Risk scoring · Classification
Cost-optimised path
Incident response decisions
Quality-optimised path
Policy semantic search
pgvector on AlloyDB
Migration path from pgvector
when volume justifies
Strategic Considerations — Where I Need Your Input
At this juncture, before any decision is made, I want your honest technical read:
- Does the overall GCP migration direction make sense, or are there landmines in the service mapping we have not accounted for?
- Three-region from day one — what does this realistically add to complexity and cost? Any specific gotchas with regional AlloyDB and our write-back patterns?
- ClearBlade for MQTT — any red flags given our existing JWT webhook auth logic? Does the mapping hold in practice?
- How far do we go with AI? Level 1 (like-for-like), Level 2 (AI-augmented), or Level 3 (fully agentic)? Is the answer different for the migration phase vs the product build phase? Your honest read on where the right risk/value trade-off sits right now.
- If we go Level 3 — is the agentic architecture technically feasible on this foundation, and what is the order-of-magnitude effort? Not a full estimate, just a directional read.
- Option A vs Option B on regional agent orchestration — what would you do and why?
- GTM protection — Track A or Track B? Is running V2 (AWS) in parallel alongside a clean Pulse Next GCP build viable without compromising either? What is the minimum realistic resource requirement to do that? If Track A is not viable, what's the alternative that still honours existing go-live commitments?
- What is the right build sequence — migration scaffolding first, then AI layer on top, or does the agentic architecture need to drive the migration decisions from the start?
Dohan, given your depth on the technical delivery side, your read on sequencing and feasibility carries particular weight here.
Happy to jump on a call together or get your thoughts in writing — whatever is faster for you.
Marlize