The gap between "talking about agents" and actually building them is massive right now.
Most people stop at the chatbot wrapper stage and call it an agent. Building something that actually responds to real incidents with real consequences is a completely different problem.
Curious how you handle the trust layer. When the agent recommends an action during an incident, what does the human override flow look like?
I wouldn't give any AI access to change things in production.
Most cloud providers already handle Identity and Access Management, which controls who can access and how they can access. In my team, nobody can access production with an admin role without peer approval (or a high-severity incident).
What I do is give my AI agent view-only credentials and write permissions to tickets. The worst scenario is that my AI reads something from production, misinterprets it, and posts a wrong comment in a ticket... So it's pretty much harmless.
Current cloud providers also allow for automated triggers (even before AI). Things like auto-scaling your compute or DB once you receive more traffic. I think the future of AI will be similar to this: give AI the ability to take action on controlled things like scaling out, but don't give it permissions to anything. Still, I think it's very early to trust AI with any write permissions.
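The view-only-plus-ticket-write setup described in the reply above can be checked mechanically before credentials are handed to an agent. This is an added example, not code from either commenter; it assumes an AWS-style IAM policy document, a name-based notion of read-only (Get/List/Describe verbs), and a hypothetical `tickets:AddComment` action for the ticket system.

```python
# Matching is case-insensitive, so the allow-lists are kept in lower case.
READ_PREFIXES = ("get", "list", "describe")  # assumption: verbs treated as view-only
TICKET_WRITES = {"tickets:addcomment"}       # hypothetical ticket-system action

def _as_list(value):
    """Action/NotAction may be a single string or a list."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def _is_permitted(action):
    """True if the action is view-only by name or an allowed ticket write."""
    name = action.lower()
    if name in TICKET_WRITES:
        return True
    service, _, verb = name.partition(":")
    if "*" in service or not verb:
        return False  # bare "*" or a wildcarded service is never view-only
    # A wildcard is acceptable only after a full read prefix, e.g. "ec2:Describe*".
    prefix = verb.split("*", 1)[0]
    return prefix.startswith(READ_PREFIXES)

def audit_agent_policy(policy):
    """Return one finding per Allow grant beyond view-only + ticket writes."""
    stmts = policy.get("Statement", [])
    if isinstance(stmts, dict):
        stmts = [stmts]
    findings = []
    for i, stmt in enumerate(stmts):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            findings.append(f"statement {i}: Allow with NotAction grants everything not listed")
        for action in _as_list(stmt.get("Action")):
            if not _is_permitted(action):
                findings.append(f"statement {i}: {action} is not view-only")
    return findings

# Constructed sample policies (not taken from the thread).
GOOD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["ec2:Describe*", "logs:GetLogEvents", "cloudwatch:ListMetrics"]},
    {"Effect": "Allow", "Resource": "*", "Action": "tickets:AddComment"}]}
BAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["ec2:Describe*", "ec2:TerminateInstances"]},
    {"Effect": "Allow", "Resource": "*", "Action": "s3:*"},
    {"Effect": "Allow", "Resource": "*", "NotAction": "iam:*"},
    {"Effect": "Deny", "Resource": "*", "Action": "s3:DeleteBucket"}]}
```

Read-only by name still covers sensitive reads such as `secretsmanager:GetSecretValue`, so the `Resource` scope of each statement needs review as well.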