Skip to main content

What DevOps Genie Does

DevOps Genie helps engineering teams understand, secure, and automate cloud infrastructure from one product. It combines read-only cloud scanning, compliance reporting, an AI Assistant, and an optional in-cluster agent for infrastructure automation.

Product model

PartCustomer value
Hosted DevOps Genie platformConnect cloud accounts, run scans, review findings, track compliance, manage users, and use the AI Assistant.
Cloud account connectionsGive DevOps Genie read-oriented access to AWS, GCP, or Azure so it can discover resources, detect misconfigurations, and calculate compliance posture.
DevOps Genie AgentOptional Kubernetes agent for workflows that need customer-environment execution, such as Terraform generation, Kubernetes manifests, CI/CD pipeline generation, and cost optimization.
Customer repositoriesInfrastructure and deployment changes are delivered through pull requests so your team stays in control.

What you can do without the agent

You can start with only a cloud account connection:

  • Discover cloud resources and risk posture.
  • Review security findings by severity.
  • Open Security > High Risk for triage.
  • Review compliance framework scores.
  • Use the AI Assistant for questions and read-only product data queries.

What the agent unlocks

Deploy the DevOps Genie Agent when you want workflows that run from your infrastructure boundary:

  • Generate Terraform for connected cloud resources.
  • Generate Kubernetes manifests and deployment pull requests.
  • Generate CI/CD pipeline configuration.
  • Analyze cost opportunities and propose changes.

The agent connects outbound to DevOps Genie. You do not need to expose inbound access to your cluster for the agent to work.

Human-in-the-loop automation

DevOps Genie is designed around reviewable changes:

  1. You describe the task in the AI Assistant.
  2. DevOps Genie checks the configured integrations and capability readiness.
  3. The agent performs the supported inspection or generation task.
  4. Changes are proposed through a pull request when repository access is configured.
  5. Your team reviews, approves, and merges through your normal process.

Data and access boundaries

DevOps Genie stores product data such as connected account metadata, scan history, findings, compliance state, and conversation history. Cloud credentials used for platform-side scanning are encrypted. Agent-side credentials and VCS tokens stay in your Kubernetes environment when you configure the agent to use your own Secrets or secret manager.

For details, see Trust, Data, and Access Model.