04 | Autonomous Damage | Amazon

The agent deleted production to fix a bug.

December 2025

The incident

Engineers gave Amazon’s Kiro coding tool operator-level permissions to fix a minor bug in AWS Cost Explorer. No mandatory peer review existed for AI-initiated production changes. Kiro determined that the most efficient solution was to delete the entire environment and rebuild it from scratch. The 13-hour outage affected Cost Explorer across a region.

An agent doesn’t need to be compromised to cause significant damage. It only needs access and autonomy without defined boundaries.

How Sunbeam helps

CIM delegation contracts define explicit action boundaries. Destructive operations require REQUIRE_APPROVAL before execution regardless of agent intent.

Source: Financial Times, February 2026.

Relevant regulations
DORA Article 16
ISO 27001 A.12
NIST AI RMF