Annie can execute read-only cloud CLI commands against your live infrastructure during investigations and chat sessions. This complements the knowledge graph: the graph maps relationships and topology, while live queries verify live state in real time.
Live queries are enabled per credential from the credential list in your cloud integration settings. For each connected AWS role, AWS IAM user, GCP service account, or Azure credential, a toggle controls whether Annie can run live queries with it.
1. Connect your cloud account: connect via the existing integrations: AWS (IAM Assume Role or IAM User), GCP (Service Account), or Azure (Service Principal or Workload Identity Federation).
2. Open your cloud integration settings: go to Integrations and select the cloud provider (AWS, GCP, or Azure).
3. Enable the toggle: on the credentials list page, toggle “Read-Only Agentic Live Queries” for each credential you want to enable. This grants Annie permission to run allowlisted CLI commands using that specific credential.
4. Annie is ready: Annie uses the enabled credentials for live query operations during investigations and chat sessions. No restart or configuration reload is needed.
You can enable live queries on some credentials and not others. For example, enable it on your production AWS role for incident investigation but leave it off on staging credentials.
Every CLI command Annie can execute is explicitly allowlisted. If a command is not on the allowlist, it is rejected.
Strict allowlisting: Only explicitly reviewed and approved commands can run. Unknown commands are blocked by default.
Read-only operations only: The allowlist includes only describe, list, get, and show commands. No create, update, delete, or terminate operations are permitted.
Pagination limits: Commands returning large datasets enforce pagination via --max-items or --top to prevent runaway queries and excessive costs.
Restricted utility flags: Tools like curl and dig have a strict subset of allowed flags. For example, curl can only access HTTPS URLs and cannot send custom headers.
Annie cannot modify your infrastructure through CLI commands. All access is strictly read-only. If a command isn’t on the allowlist, it’s rejected with a clear error and Annie falls back to the knowledge graph.
Every command goes through multiple validation checks before execution:
| Validation | What it checks | Example |
| --- | --- | --- |
| Binary | The tool must have a registered validator | rm, chmod, wget → rejected |
| Command | The specific subcommand must be allowlisted | aws ec2 terminate-instances → rejected |
| Flags | Every flag must be explicitly permitted | curl -H "Authorization: ..." → rejected |
| URLs | Must be HTTPS, no internal/metadata endpoints | curl http://169.254.169.254/ → rejected |
| Pagination | Large-output commands must include limits | aws ec2 describe-instances without --max-items → enforced |
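The validation layers above, written out as an added illustrative example (this is not Anyshift's implementation; the allowlists, the blocked-host set and the default limit of 100 items are constructed assumptions, and only aws and curl validators are shown):

```python
import shlex
from ipaddress import ip_address
from urllib.parse import urlparse

# Constructed allowlists modelled on the policy above, not Anyshift's real configuration.
AWS_SUBCOMMANDS = {("ec2", "describe-instances"), ("ec2", "describe-instance-status"),
                   ("ec2", "describe-security-groups"), ("lambda", "list-functions")}
AWS_PAGINATED = {("ec2", "describe-instances"), ("lambda", "list-functions")}
AWS_FLAGS = {"--region", "--output", "--filters", "--instance-ids", "--max-items"}
CURL_FLAGS = {"-s", "-sS", "-I"}   # no -H/-d/-X/-k: no custom headers, bodies or TLS bypass
BLOCKED_HOSTS = {"localhost", "metadata.google.internal"}

def validate_aws(args):
    positional = [a for a in args if not a.startswith("-")]
    flags = [a for a in args if a.startswith("-")]
    sub = tuple(positional[:2])                       # (service, operation)
    if sub not in AWS_SUBCOMMANDS:                    # e.g. ec2 terminate-instances
        return False, f"aws {' '.join(sub)} is not allowlisted"
    bad = [f for f in flags if f.split("=")[0] not in AWS_FLAGS]
    if bad:
        return False, f"flag {bad[0]} is not permitted"
    if sub in AWS_PAGINATED and not any(f.startswith("--max-items") for f in flags):
        args = args + ["--max-items", "100"]          # limit enforced, not merely checked
    return True, ["aws"] + args

def validate_curl(args):
    bad = [a for a in args if a.startswith("-") and a not in CURL_FLAGS]
    if bad:
        return False, f"flag {bad[0]} is not permitted"
    urls = [a for a in args if not a.startswith("-")]
    u = urlparse(urls[0] if len(urls) == 1 else "")   # zero or several URLs fail the scheme check
    host = (u.hostname or "").lower()
    if u.scheme != "https" or host in BLOCKED_HOSTS:
        return False, "exactly one HTTPS URL to a non-blocked host is required"
    try:
        if ip_address(host).is_private:               # covers IMDS 169.254.169.254, loopback, RFC 1918
            return False, f"address {host} is internal"
    except ValueError:
        pass                                          # a hostname rather than an IP literal
    return True, ["curl"] + args

VALIDATORS = {"aws": validate_aws, "curl": validate_curl}

def validate(cmdline):
    argv = shlex.split(cmdline)
    name = argv[0] if argv else ""
    if name not in VALIDATORS:                        # rm, chmod, wget, ... have no validator
        return False, f"binary {name!r} has no registered validator"
    return VALIDATORS[name](argv[1:])
```

Each validator returns either a rejection reason or the final argv that would be handed to the credential-injected execution environment, so the pagination default is applied before anything runs.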
How credentials work
Annie uses the cloud credentials you’ve already configured in Anyshift, restricted to those with “Read-Only Agentic Live Queries” enabled. The same credentials used for infrastructure graph ingestion are reused for live queries.
Credential selection: When Annie runs a CLI command, she selects the appropriate credential set for the target account. With multiple enabled accounts (e.g., prod-aws, staging-gcp, azure-prod), she picks the one relevant to the investigation.
Secure injection: Credentials are injected server-side into the command execution environment. They are never exposed to the AI model, never logged, and never included in responses.
Azure credentials are injected per execution according to the authentication method:
- Service Principal (client secret): per-execution az login with the client secret passed via stdin
- Workload Identity Federation (OIDC): per-execution az login with a JWT federated token
When does Annie use live queries?
Annie uses cloud CLI commands when she needs information beyond what the knowledge graph snapshot provides.
Live state verification: During an RCA, Annie found EC2 instance i-0abc123 in the graph but runs aws ec2 describe-instance-status to confirm it’s still running and healthy, catching stale snapshots or recent changes.
Resource enumeration: For “How many Lambda functions do we have in production?”, Annie runs aws lambda list-functions for an accurate real-time count. CLI is often more direct than a graph query for counts and listings.
Operational diagnostics: Seeing connection timeouts in logs, Annie uses dig and curl to verify DNS resolution and endpoint reachability, useful when logs reference external dependencies or network issues.
Configuration verification: Investigating a flagged security group change, Annie runs aws ec2 describe-security-groups to compare current rules against what the graph recorded.
Load balancer health: On 5xx alerts from an ALB, Annie checks aws elbv2 describe-target-health for unhealthy targets and correlates with ECS task status via aws ecs describe-tasks, then traces the issue using the graph’s dependency map.
Azure metrics & monitoring: For a high-CPU Azure VM, Annie runs az monitor metrics list for latest values and az monitor metrics alert list to check firing alert rules.
Azure supports both Service Principal (client secret) and Workload Identity Federation (OIDC) authentication. Both work with live queries. See the Azure integration guide for setup.
Utility tools
Alongside cloud CLIs, Annie has access to utility tools for diagnostics and data processing:
| Tool | Purpose | Example use case |
| --- | --- | --- |
| curl | HTTP endpoint checks (HTTPS only, no custom headers) | Check if an API endpoint is reachable and responding |
| dig | DNS lookups and diagnostics | Verify DNS resolution for a service endpoint during connectivity issues |
| jq | JSON processing and filtering | Parse and filter complex CLI output |
| yq | YAML processing | Parse Kubernetes manifests or configuration files |
| base64 | Encode/decode data | Decode base64-encoded configuration values |
| date | Date/time operations | Convert timestamps between formats during log analysis |