DEV Community

Suliman Abdulrazzaq
Suliman Abdulrazzaq

Posted on

I built an AI agent that understands your AWS infrastructure

#aws #devops #cloud #ai

Most teams managing AWS today don't rely on the CLI directly anymore.

Instead, infrastructure is usually managed using Infrastructure as Code (IaC) tools like Terraform, Pulumi, or CloudFormation.

IaC is great for defining infrastructure because it provides:

  • reproducibility
  • version control
  • predictable deployments

But even with IaC, engineers still face operational tasks like:

  • investigating infrastructure issues
  • understanding relationships between resources
  • making quick changes during incidents
  • handling repetitive operational tasks

These tasks often require jumping between the AWS console, documentation, logs, and infrastructure definitions.

That made me wonder:

What if an AI agent could understand your AWS infrastructure and help with those operational workflows?

So I built Zesky AI.

You can see it here:
https://zeskyai.com

Not a replacement for IaC

Tools like Terraform or Pulumi remain the best way to define infrastructure.

Zesky AI is not meant to replace IaC or the AWS console.

Instead, the goal is to assist with operational workflows around infrastructure.

Think of it more like an AI DevOps assistant that helps engineers understand and safely interact with their cloud environments.

How it works

Instead of navigating multiple dashboards or writing commands, you describe what you want in plain English.

Example:

"Open port 443 for my web server"

The system will:

  1. scan your AWS resources
  2. identify the relevant instance and security group
  3. check existing rules
  4. propose the correct change
  5. wait for your approval before executing

The key idea is that the system analyzes the infrastructure first before suggesting any action.

Why the resource-first approach matters

Many AI tools generate commands without understanding the real infrastructure.

But cloud environments are complex, and running the wrong command can break production systems.

That’s why the agent first analyzes resources such as:

  • EC2 instances
  • security groups
  • networking rules
  • VPC relationships

Only after understanding the environment does it suggest an action.

Example scenarios

Some situations where this might be useful:

  • investigating which security groups expose public ports
  • quickly allowing HTTPS access during deployment
  • understanding infrastructure relationships
  • performing repetitive operational tasks

Instead of navigating several AWS pages, the agent analyzes the environment and proposes the correct action.

You still review and approve everything before it runs.

Looking for feedback

Right now I'm mostly trying to understand one thing:

Would something like this actually be useful for AWS engineers?

If you work with AWS, DevOps, or cloud infrastructure, I’d really appreciate your feedback.

What kinds of infrastructure tasks do you find the most repetitive or time-consuming?

Top comments (0)