Platform EngineeringJuly 13, 2026· 12 min read

Avoiding Vendor Lock-In Across OpenAI, Anthropic, and Bedrock

Enterprises that wire their applications directly to OpenAI, Anthropic, or Bedrock are making a bet on one vendor's pricing, roadmap, and availability. Here is how the lock-in happens — and the architectural pattern that eliminates it.

Kosmoy Team

Engineering & Product


Three years ago, picking one AI provider and integrating it deeply felt like a reasonable engineering decision. The models were meaningfully different in capability, the tooling was immature, and the cost of switching — rewriting API calls, re-testing every integration, retraining users on different response styles — seemed to outweigh the speculative benefit of flexibility.

That calculus has changed.

The frontier model market has converged. OpenAI, Anthropic, and Amazon Bedrock all offer large multimodal models capable of handling most enterprise workloads. Smaller open-weight models have closed the gap on constrained, well-defined tasks. The cost spread between providers on equivalent workloads has widened to the point where routing decisions have measurable P&L impact. And model deprecations — GPT-3.5 Turbo removed, Claude 2 sunset, Bedrock model versions cycling — have made clear that "we'll deal with provider changes when they happen" is not a strategy. It is deferred technical debt with an unpredictable due date.

Enterprises that wired their applications directly to a single provider's API have discovered what every enterprise discovers eventually when it builds directly on a vendor's proprietary interface: the vendor's decisions become your operational constraints. Price increases are absorbed immediately. Model deprecations trigger emergency engineering cycles. Capability gaps require workarounds because switching is expensive. Procurement negotiations lack leverage because the cost of walking away is prohibitive.

The architectural pattern that avoids this is not complicated. But implementing it requires understanding exactly how vendor lock-in happens in the LLM context — because it operates differently from classic software vendor lock-in.


How LLM Vendor Lock-In Actually Happens

Classic software vendor lock-in is mostly about data formats, proprietary file types, and migration costs. LLM vendor lock-in has a different profile. It accumulates through four mechanisms, usually simultaneously.

1. Hardcoded API endpoints and authentication

The most obvious form: the provider's base URL, authentication headers, and client SDK are embedded directly in application code. Every team that builds an LLM integration makes this choice individually. The result, eighteen months into serious AI adoption, is that the provider's endpoint appears in dozens of codebases owned by different teams — some maintained, some not, some documented, some not.

Switching providers at this point is not one migration. It is N migrations, coordinated across N teams, with N different test suites, on N different timelines.

2. Provider-specific request and response schemas

Despite OpenAI's API surface becoming a de facto standard that most providers support in some form, meaningful differences remain. Function calling schemas differ between providers. Tool use syntax varies. System prompt handling behaves differently across Claude, GPT-4, and Bedrock-hosted models. Response metadata — token counts, finish reasons, latency breakdowns — is structured differently.

Teams that build production logic against provider-specific response fields — parsing token counts, handling specific finish reason codes, relying on particular streaming behaviors — have embedded provider assumptions throughout their application logic. Switching providers requires finding and changing every assumption.

3. Proprietary features and abstractions

Each major provider has capabilities that are not available elsewhere, and that enterprises are encouraged to build on: OpenAI's Assistants API with persistent thread management, Anthropic's extended thinking mode, Bedrock's Knowledge Bases and native agent runtime. These are genuinely useful capabilities — but building production workflows on top of them creates dependencies that are expensive to replace.

The pattern is consistent across enterprise software history: the proprietary feature that solves a problem elegantly in year one becomes the migration obstacle in year three when the procurement relationship turns or the capability landscape shifts.

4. Model-specific prompt engineering

This is the most underestimated form of lock-in. Claude responds differently to system prompts than GPT-4. Gemini handles multi-turn context differently than both. A prompt library — few-shot examples, system instructions, chain-of-thought templates — optimized for one model does not transfer cleanly to another. In production, where prompt engineering is embedded in application logic and tied to tested output quality, migrating to a different model is not just an API change. It is a re-optimization problem that requires evaluation infrastructure and regression testing.


The Specific Lock-In Mechanics of OpenAI, Anthropic, and Bedrock

Each of the three dominant enterprise AI providers creates lock-in through a slightly different mechanism. Understanding the specifics clarifies what mitigation looks like.

OpenAI

OpenAI's lock-in is primarily architectural: the Assistants API, with its managed thread storage, built-in retrieval, and persistent run state, is a genuinely convenient abstraction for building conversational AI products. The convenience is real. So is the dependency. Thread state, file storage, and vector store contents live on OpenAI's infrastructure. Migrating a production assistant to a different provider requires exporting that state, rebuilding the retrieval layer, and reimplementing the run management logic that the Assistants API currently handles.

Beyond the Assistants API, OpenAI's deprecation cadence has been aggressive. GPT-3.5 Turbo variants have been deprecated and removed on relatively short notice. Organizations running production workloads on specific GPT model versions have been forced into emergency upgrades with limited testing windows. The implicit promise — that a specific model version would remain available as long as you needed it — has not always held.

Anthropic

Anthropic's lock-in is more subtle and, for many enterprises, more insidious: it is cognitive. Claude's response style, its handling of instructions, its refusal behavior, and its reasoning verbosity are meaningfully different from OpenAI's models. Teams that have worked extensively with Claude develop workflows, evaluation criteria, and user expectations calibrated to Claude's behavior. Switching to a different model does not just require API changes — it requires re-evaluating every production workflow against the new model's behavior and potentially re-engineering prompts that relied on Claude-specific characteristics.

Claude 2's sunset also demonstrated that Anthropic's model availability timeline is not indefinite. Organizations that built integrations on Claude 2 without an abstraction layer faced the same emergency migration cycle that OpenAI's deprecations created.

Amazon Bedrock

Bedrock's lock-in mechanism is the deepest, because it is infrastructural. Bedrock is not just a model API — it is an ecosystem. Knowledge Bases, Bedrock Agents, Bedrock Flows, Guardrails, and the model evaluation suite are all AWS-native services that integrate tightly with each other and with the broader AWS infrastructure fabric. An enterprise that builds its AI workflows on Bedrock Agents, stores its retrieval corpus in Bedrock Knowledge Bases, and enforces policies through Bedrock Guardrails has made a comprehensive bet on AWS's AI roadmap.

This is not inherently wrong — for organizations that are already deeply committed to AWS and have governance reasons to consolidate their AI spend there. But it means that the cost of introducing a non-Bedrock model or moving a workload off AWS is not just an API migration. It is a platform migration.

Bedrock also inherits the cloud provider lock-in dynamic: data egress costs, IAM integration, VPC connectivity assumptions, and CloudWatch observability are all woven through a production Bedrock deployment. Untangling them is non-trivial.


The Cost of Being Locked In

Lock-in does not impose costs uniformly. The costs manifest at specific moments, usually inconveniently.

Price increase absorption. When a provider raises prices — as OpenAI has done multiple times for API access — organizations with no routing flexibility absorb the increase immediately across their entire AI workload. Organizations with a gateway and multi-provider routing can shift price-sensitive workloads to lower-cost alternatives within hours.

Model deprecation cycles. When a model version is deprecated, the migration is not optional. It must happen by the deprecation date. If the application is wired directly to the deprecated endpoint, every team running workloads on it must coordinate migration simultaneously — often under time pressure that prevents adequate testing.

Capability gaps. When a new model from a different provider significantly outperforms the incumbent on a specific task — a new coding model, a new long-context model, a new reasoning model — locked-in organizations cannot take advantage without triggering a migration. The capability gain is visible; the switching cost prevents capturing it.

Procurement leverage. Enterprise AI contracts with major providers are increasingly significant budget line items. Organizations with genuine multi-provider routing capability can credibly threaten to shift workloads during renewal negotiations. Organizations that cannot switch have no leverage. The provider knows it.

Regulatory requirements. As AI regulation matures, data residency and sovereignty requirements may require routing specific categories of data to specific infrastructure configurations. An organization locked into a single provider cannot adapt to evolving requirements without a major re-architecture.


The Architecture That Eliminates Lock-In: The AI Gateway

The solution to LLM vendor lock-in is the same solution that resolved API vendor lock-in in the service-oriented architecture era: an abstraction layer that decouples the consuming applications from the providers they consume.

In the LLM context, this abstraction layer is the AI Gateway.

An AI Gateway sits between every application and every model provider. Applications call the gateway using a single, stable API — typically OpenAI-compatible, so existing code requires no changes. The gateway routes each request to the appropriate downstream provider based on configurable rules. When a provider changes its pricing, deprecates a model, or is temporarily unavailable, the routing configuration changes at the gateway. The applications are unaffected.

This architecture resolves each of the four lock-in mechanisms:

Hardcoded endpoints become gateway configuration. Applications have one endpoint: the gateway. The provider's endpoint is a routing target in the gateway's configuration. Changing providers means changing a routing rule, not touching application code.

Provider-specific schemas are abstracted. The gateway handles translation between the OpenAI-compatible request format that applications send and the provider-specific format that each downstream model expects. Response normalization works in reverse: provider-specific response structures are mapped to a consistent schema before being returned to the application. Applications never see provider differences.

Proprietary feature dependencies are isolated. Workloads that genuinely require provider-specific features — OpenAI thread management, Bedrock Knowledge Bases — can continue to use them, routed explicitly through the gateway. The gateway does not force a lowest-common-denominator API surface. It provides a unified routing layer while preserving access to the full capability surface of each provider.

Prompt optimization is model-aware. A well-implemented gateway can maintain model-specific prompt templates that are applied at routing time. Applications send a canonical prompt; the gateway applies provider-specific formatting before forwarding. Model-level prompt optimization is centralized and versioned, not embedded in application code.


What Intelligent Routing Enables

Beyond eliminating lock-in, a well-configured AI gateway makes routing an active optimization surface rather than a static integration choice.

Cost routing. Route price-sensitive, high-volume, lower-complexity tasks to cost-optimized models. Reserve frontier models for genuinely complex tasks. A routing rule that sends 70% of summarization traffic to a cheaper model while preserving quality can reduce AI spend significantly without visible quality regression.

Capability routing. Route coding tasks to the model that benchmarks best on code generation. Route long-document analysis to the model with the largest reliable context window. Route latency-sensitive real-time applications to the fastest model. Each request goes to the best tool for the job.

Availability routing. When a provider has an outage or elevated latency, traffic can be automatically rerouted to an alternative. For production-critical AI workloads, provider redundancy through gateway routing is the AI equivalent of multi-region deployment.

Compliance routing. Route requests containing personal data to EU-resident model endpoints. Route requests subject to specific regulatory frameworks to approved model configurations. Data residency and sovereignty requirements become routing rules, not architectural constraints.


Avoiding Lock-In Without Sacrificing Depth

A common objection to multi-provider architectures is that they force a lowest-common-denominator approach: by trying to stay compatible with everything, you get the best of nothing.

This objection misunderstands the architecture. A gateway with intelligent routing does not prevent any workload from using provider-specific capabilities. It provides a unified interface for workloads that do not require provider-specific capabilities, and explicit routing to provider-specific endpoints for workloads that do. The governance and observability layer applies to all traffic regardless.

The right framing is not "generalist vs. specialist." It is "informed choice vs. accidental dependency." An organization that runs Claude exclusively because they evaluated the alternatives and Claude is genuinely best for their workloads has made a deliberate decision. An organization that runs Claude exclusively because switching costs are prohibitive is locked in. The architecture — AI Gateway with multi-provider routing — makes the choice deliberate. It does not prevent depth; it prevents accidental dependency.


How Kosmoy Implements Provider-Agnostic AI Routing

The Kosmoy AI Gateway provides a unified, OpenAI-compatible API surface that routes traffic across OpenAI, Anthropic, Amazon Bedrock, Google Gemini, Azure OpenAI, and self-hosted open-weight models — from a single configuration layer, without application changes.

OpenAI-compatible surface. Existing applications calling OpenAI endpoints can point at Kosmoy instead, with no code changes required. The gateway handles translation to whatever downstream provider the routing rules specify.

Model-level routing rules. Traffic can be routed by cost budget, model capability tier, data classification, team, latency target, or provider availability. Rules are configured at the gateway and applied in real time. Changing a routing rule takes seconds and affects all traffic immediately.

Automatic failover. If a provider returns errors or elevated latency, Kosmoy can automatically reroute traffic to an alternative within the same latency budget.

Unified cost attribution. Token consumption and cost are tracked per provider, per model, per team, and per use case — regardless of which provider served the request. Total AI spend visibility does not require per-provider billing reconciliation.

Unified policy enforcement and audit log. Guardrails, PII screening, content policies, and compliance rules apply uniformly to all traffic, regardless of the downstream provider. Every interaction is logged in a single, structured audit trail — provider changes do not reset or fragment the compliance record.

Self-hosted deployment. Kosmoy runs in your own Kubernetes on Azure, AWS, GCP, or on-prem. The routing layer stays inside your infrastructure perimeter regardless of which cloud hosts the model you are routing to.

The gateway is part of the broader Kosmoy platform, which also provides AI Inventory for centralized model and agent registration, Mission Control for fleet-wide observability, and Action Capsules for autonomous agent sandboxing.


Frequently Asked Questions

What is LLM vendor lock-in? LLM vendor lock-in is the condition in which an organization's AI infrastructure is so tightly coupled to a single model provider that switching providers — or adding new ones — requires significant engineering effort across multiple systems. It accumulates through hardcoded API endpoints, provider-specific request and response schemas, proprietary feature dependencies, and model-specific prompt optimization embedded in application logic.

How does an AI Gateway prevent vendor lock-in? An AI Gateway sits between applications and model providers. Applications call the gateway using a single, stable API. The gateway routes requests to the appropriate downstream provider. When a provider changes — due to pricing, deprecation, capability, or compliance requirements — only the routing configuration changes. Applications are unaffected. Provider-specific schemas are translated by the gateway, and the audit and governance layer remains consistent regardless of which provider serves the request.

Is OpenAI lock-in different from Bedrock lock-in? Yes. OpenAI lock-in is primarily in the Assistants API abstractions — persistent thread state, managed retrieval, and run management that live on OpenAI's infrastructure. Bedrock lock-in is deeper and more infrastructural — the full ecosystem of Bedrock Agents, Knowledge Bases, Guardrails, and IAM/VPC integration creates a comprehensive AWS dependency. Anthropic's lock-in is more cognitive — Claude's distinct behavior, instruction handling, and refusal patterns mean that prompt libraries and evaluation criteria are calibrated to Claude specifically and do not transfer cleanly to other models.

Does using an AI Gateway mean we have to give up provider-specific features? No. A well-implemented AI Gateway routes traffic to provider-specific endpoints for workloads that require provider-specific features, while providing a unified interface for workloads that do not. The gateway does not force a lowest-common-denominator API surface. It makes provider-specific feature usage explicit and intentional rather than accidental and difficult to reverse.

What is the difference between intelligent LLM routing and simple load balancing? Load balancing distributes traffic uniformly across identical or equivalent targets. Intelligent LLM routing sends each request to the most appropriate model based on its characteristics — cost, complexity, latency requirement, data classification, capability requirement. The routing logic is semantic, not structural, and it can be updated in real time as provider pricing, model capabilities, or organizational requirements change.

How do model deprecations affect organizations with an AI Gateway? When a model version is deprecated, organizations with an AI Gateway change a routing rule to redirect traffic to the replacement model. If the gateway handles prompt adaptation, the application code is unaffected entirely. Without a gateway, the same event requires coordinated changes across every application that called the deprecated model — often under time pressure and without adequate testing windows.

Can an AI Gateway route to self-hosted or private models? Yes. The Kosmoy AI Gateway supports routing to any model endpoint, including self-hosted open-weight models deployed in your own infrastructure. This is a requirement for regulated industries where certain data categories cannot be sent to commercial providers, and for organizations that want to use open-weight models for cost optimization without giving up the governance layer that a gateway provides.

What should we look for in an AI Gateway to avoid lock-in? An OpenAI-compatible API surface (so existing integrations require no changes), support for the providers and model families you need, intelligent routing with configurable rules, unified cost attribution across providers, consistent policy enforcement and audit logging regardless of the downstream provider, and self-hosted deployment options. The gateway itself should not create the lock-in it exists to prevent — which means avoiding proprietary gateway SDKs or formats that are not portable.

llm-gatewayai-gatewayvendor-lock-inopenaianthropicbedrockmulti-llmenterprise-ai

See how Kosmoy works

Discover how enterprises govern, secure, and optimize AI at scale.

Or email sales@kosmoy.com.