free checklist

The 12 Things Your Agentic Config Needs Before It Touches IaC

If you can't tick every box, the agent is going to break something a code reviewer can't catch.

> get the PDF

One page. Free. Enter your email and download instantly.

You're in. Your checklist is ready to download.

Download PDF ↓

12 gates. If one is missing, you're one yes away from an incident.

  • 01
    Plan-before-apply enforcedA hook, not a prompt. Prompts get ignored under context pressure.
  • 02
    prevent_destroy on every stateful resourceState storage, databases, DNS zones. The only thing that fails the plan instead of scheduling a silent destroy.
  • 03
    Secrets in a vault; no agent read pathThe agent reads the variable name. The runtime reads the value.
  • 04
    Variable substitution verified by linterThe highest-impact silent failure found in practice. Invisible to syntax-only review.
  • 05
    Idempotency asserted, not declaredchanged_when on every system-touching task. "Probably won't change on re-run" is expensive.
  • 06
    Undefined-variable fallbacks fail closedDefault Jinja renders undefined to empty string. Set it to error instead.
  • 07
    Variable prefixes match role ownershipTwo roles with the same unprefixed name silently overwrite each other.
  • 08
    File modes validated against the runtime0701 looks safe. It blocks the container from writing. Silent failure the deploy calls success.
  • 09
    Template format-sensitivity respectedSome parsers reject valid templates if a comment header lands in the wrong position.
  • 10
    Exit codes propagate through wrappersOne un-propagated exit code makes the entire CI gate fraudulent.
  • 11
    Hooks fail closed, not openA hook that exits 0 on error costs you the assumption the gate ran.
  • 12
    The agent proposes; it does not applyThis rule subsumes the other eleven. Enforce at the credential boundary.

Every gate on this list came out of a real incident. Full write-up: 3.5 Months Training One AI Assistant.