MadsRC 5 hours ago

I’d be curious how they’ve solved the attribution/provenance/identity problem here. Are instances of Claude Tag, across channels, sharing the same identity? Can I grant one instance access to a range of AWS roles and another instance access to other roles?

During an incident, how do I know which Claude Tag called AWS?

tmhrtly 5 hours ago | parent [-]

This is explicitly answered in this post:

> Think of it as creating separate Claude identities for different uses: everything, including its memories, will stay scoped to the channels defined by the administrators. For example, a model set up for sales work won’t pass on memories to one set up for engineering; nor will it give engineers access to any sales data or tools. More information about provisioning access is available here (https://claude.com/blog/agent-identity-access-model).

MadsRC an hour ago | parent [-]

Not really, and neither does the doc it links to. It explains the difference between a personal agent (that acts as you) and a multiplayer agent (that has its own identity).

But they walk all this back by saying that for PRs in GitHub it uses the upstream Claude for GitHub app - that is one installation of a GH app, which means one identity, one list of repos it can access. In the audit logs it will be impossible to see if it was Claude Tag from channel Y or Claude Tag from channel X.

Arguably that’s a limitation of the abysmal state of machine identities in GH.

Agent identity and attribution continue to be important, but current systems make it oh so difficult.