Ahh. To clarify, changes like granting users access would be done by our agent modifying IaC, so you would still have to manually apply the changes. Every potentially destructive change being an IaC change helps allow the humans to always stay in the loop. This admittedly makes the agents a little more annoying to work with, but safer.

▲

Kwpolska 2 days ago | parent [-]

So you’re modifying Terraform? How is your tool better than just using an AI-enabled IDE and asking it to apply the change?

How is the auto-revoke handled? Will it require human intervention to merge a PR/apply the Terraform configuration, or will it do it automatically?

▲

nickpapciak 2 days ago | parent [-]

Lots of people have asked us this! We try to do more than just being an AI-enabled IDE by giving the agent access to your infrastructure and observability tools. So you can query over your AWS, get information about metrics over the past few days, etc etc. We also plan to integrate with more DevOps tools as our customers ask for them. We also try to be less like an IDE, and more like an autonomous agent. We've noticed that DevOps engineers actually like being engineers, and enjoy some infrastructure tasks, while there are others that they would rather automate away. Not sure if you have experienced this sentiment?

Also, auto-revoke right now can be handled by creating a role in Terraform that can be assumed and expires after a certain time. But we’re exploring deeper integrations with identity providers like Okta to handle this better.

	▲	OliverGuy 2 days ago \| parent [-]
		I can put some AWS Creds in my terminal and Claude Code is perfectly happy writing AWS CLI commands (or whole python scripts if necessary) to work out what it needs to about my infrastructure.