> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cloudgeni.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Commitment

> How Cloudgeni keeps agentic infrastructure work reviewable, bounded, auditable, and under customer control.

Cloudgeni gives agents infrastructure context without giving them deployment control.

## The Short Version

* **Agents do not deploy.** No direct apply, deploy, or production cloud mutation.
* **Cloud access is read-first.** Inventory, findings, resource context, and validation inputs.
* **Changes land as PRs.** Your team reviews, merges, and deploys.
* **Runs are scoped.** Selected repositories, integrations, tools, and organization data only.

## Architecture Overview

Four paths matter:

* **Customer environment:** users, Git providers, cloud accounts, and CI/CD stay under customer
  control.
* **Cloudgeni control plane:** the web app, CLI, API, queues, workers, storage, audit logs, and
  telemetry coordinate work.
* **Read-first cloud path:** Cloudgeni reads control-plane metadata, findings, resource
  relationships, and validation context.
* **Pull-request write path:** code changes are delivered through branches and pull requests, then
  deployed by customer CI/CD.

<Steps>
  <Step title="A task starts">
    A user prompt, schedule, webhook, scan result, drift item, or import request creates work.
  </Step>

  <Step title="Cloudgeni authorizes scope">
    The API resolves organization, workspace, repository, integration, and actor before dispatch.
  </Step>

  <Step title="A worker runs the agent">
    The agent receives selected context, task-specific tools, and an ephemeral run context.
  </Step>

  <Step title="Evidence is recorded">
    Session messages, tool output, scan state, credential usage, audit events, and telemetry are
    persisted for review.
  </Step>

  <Step title="The customer reviews the result">
    Infrastructure changes land as pull requests or other reviewable session output.
  </Step>
</Steps>

## Commitments

<AccordionGroup>
  <Accordion title="Human-controlled delivery">
    Cloudgeni produces reviewable output, not production deployment.
  </Accordion>

  <Accordion title="Least privilege">
    Cloud access is read-first by default. Azure Cost Management Reader is used only for actual
    billing summaries, not workload data. Git access is scoped to connected providers and selected
    repositories.
  </Accordion>

  <Accordion title="Bounded execution">
    Agent runs use task-specific tools, selected context, and execution limits.
  </Accordion>

  <Accordion title="Tenant scoping">
    Organization context is enforced through API, worker, storage, and audit paths.
  </Accordion>

  <Accordion title="Validation and traceability">
    Supported workflows run plan-style or static checks before output is finalized. Sessions, scans,
    credential usage, and security events are logged.
  </Accordion>
</AccordionGroup>

## Data And Credentials

Cloudgeni is a control-plane and IaC-plane product.

Cloudgeni needs infrastructure metadata, selected repository content, findings, prompts, generated
changes, and audit events.

Cloudgeni does not need application databases, runtime traffic, end-user app data, or production
secrets embedded in customer systems.

Deployment-grade credentials should stay in customer CI/CD. Cloudgeni can generate and validate the
proposed IaC; the final plan/apply or deploy step remains customer-controlled.

## Related Public References

<CardGroup cols={2}>
  <Card title="Infrastructure Agents Guide" icon="book" href="https://github.com/Cloudgeni-ai/infrastructure-agents-guide">
    Our open guide to designing, building, and operating infrastructure agents safely.
  </Card>

  <Card title="OpenGeni" icon="code-branch" href="https://github.com/Cloudgeni-ai/opengeni">
    A self-hostable managed agent service for long-running infrastructure work.
  </Card>

  <Card title="Connect Cloud Accounts" icon="cloud" href="/getting-started/connect-cloud-accounts">
    Provider setup paths and read-first cloud access guidance.
  </Card>

  <Card title="AI DevOps" icon="robot" href="/features/ai-devops">
    How interactive agent sessions work in the product.
  </Card>
</CardGroup>
