How are you thinking about AI agents and policy enforcement in DevOps/Terraform workflows?
Im curious how people here are actually thinking about AI agents in infrastructure workflows, especially when it comes to meeting company policies.
For example, imagine an agent that can help write Terraform, suggest changes, open PRs, or explain why something violates a policy. The hard part, in my opinion its making sure the agent respects the organizations rules around security, compliance, cost, naming conventions, approved modules, environments, change management, and so on.
For those working with Terraform, CI/CD, platform engineering, or policy-as-code tools like OPA, Sentinel, Checkov etc...
How much would you trust an agent in this workflow?
Would you rather have it only explain policy violations, suggest fixes, automatically patch code, or block/approve changes?