Pulumi today revealed it is now making available in preview a set of artificial intelligence (AI) agents to its namesake infrastructure-as-code (IaC) platform that are capable of diagnosing issues and autonomously completing tasks when permitted.
Company CEO Joe Duffy said Pulumi Neo adds a set of AI agents specifically trained to automate the management of IT infrastructure using data collected by Pulumi. In effect, Pulumi Neo adds a member to the DevOps team that understands dependencies, executes changes, monitors outcomes, and maintains compliance throughout the entire infrastructure lifecycle, he added.
Neo is designed to enable DevOps teams to launch short- or long-running tasks with approvals and interactive guidance provided in a way that adheres to the policies enforced by the Pulumi platform, said Duffy. It also provides a complete history of which tasks were automated to enable organizations to meet compliance requirements, he noted. In effect, Neo becomes a digital member of the platform engineering team, added Duffy.
Each DevOps team will need to decide for themselves to what degree to rely on AI agents to automate tasks. In the case of Neo, for example, DevOps teams can use it to simply generate optimization suggestions or alternatively autonomously perform tasks based on permissions that have been assigned.
Additionally, Neo will also analyze the underlying IT platforms being used to run certain classes of workloads, which may lead to it recommending, for example, that certain cloud-native application be migrated from Kubernetes to a simpler environment such as the Elastic Container Service (ECS) from Amazon Web Services (AWS).
Finally, Neo has also been included in the Model Context Protocol (MCP) server developed by Pulumi, which means AI coding tools can invoke it as well to create agentic AI workflows that conform to a set of best DevOps teams.
It’s not clear how rapidly DevOps teams are embracing AI agents to automate tasks, but as they do the overall level of toil encountered should continue to be reduced. Early adopters of Neo such as Werner Enterprises are, for example, reporting they reduced infrastructure provisioning time from three days to four hours while both maintaining SOC 2 compliance and enabling development teams to ship features 75 percent faster.
Hopefully, as AI agents become more pervasively employed the number of misconfigurations leading to cloud security incidents will decline. While application developers routinely use IaC tools to provision cloud platforms, they don’t always have the greatest appreciation for best DevSecOps practices, which can lead to ports through which data can be exfiltrated being left wide open.
Of course, it might be a while yet before DevOps engineers are completely comfortable with AI agents but given the volume of workloads that will need to be deployed in the AI era the need for those agents is already apparent. The issue, as always, is making sure that whatever winds up being automated can also be undone should, for whatever reason, the AI output being provided winds up being worse than the proverbial disease it was meant to cure.
