Part 3: Wiring It Into AWS DevOps Agent — AgentSpace, register-service, and the IAM Trust Policy That Ate My Afternoon
Part 1 framed why an org-aware DevOps agent has to bridge state and intent. Part 2 built the MCP server that holds the intent half. This post is the integration story — the CDK that takes that Lambda from "callable with curl" to "AWS DevOps Agent calls it automatically when an alarm fires." Most of what's interesting in Part 3 is the IAM. AWS DevOps Agent is new enough that the trust-policy ergonomics aren't documented well, and a few of the moves you have to make are non-obvious. I'll show the
Comment
Sign in to join the discussion.
Loading comments…