Enterprise teams are cautiously experimenting with AI agents to automate infrastructure code, but they're building in multiple layers of human control before letting these systems run unsupervised in production environments. Organizations in regulated industries like banking, fintech, and medical devices are discovering that while AI agents can accelerate repetitive coding tasks and catch bugs, they still hallucinate infrastructure details and require expert human review before deployment.

What Are Companies Actually Using AI Agents For in Infrastructure?

Several major organizations shared their real-world experiences with AI-assisted infrastructure as code (IaC) at industry conferences in May 2026. TD Bank presented a network automation project using Ansible Automation Platform with Microsoft's Copilot assistance that generated 12,850 lines of code to rebuild networks across 1,300 Canadian branch locations in 90 minutes each. The project saved 1,360 work hours, but Copilot accounted for only about 15 percent of the overall work, focused on low-risk, repetitive tasks like test generation.

EY's Global Tax Platform incorporated IBM Bob, an AI coding agent, for.NET code modernization, application development, and infrastructure code using HashiCorp Terraform. Christopher Aiken, principal of tax technology services at EY, explained the organization's approach to balancing automation with control.

"We do let Bob have a reasonable level of autonomy in making code changes. But of course, all that code goes through our pull request review process, where humans are always in the loop. So we're not putting any code into production that Bob has produced that hasn't gone through human review," Aiken said.

Christopher Aiken, Principal, Tax Technology Services at EY

A medical device company's DevOps team used Claude Code agents on OpenTofu infrastructure code over three months and found genuine productivity gains, but also discovered critical limitations. The AI agents fabricated infrastructure variables that didn't exist, variables that would have passed standard automated tests. They also struggled to distinguish between application and infrastructure code.

Where Are the Real Risks When AI Writes Infrastructure Code?

The dangers of unsupervised AI-generated infrastructure code extend beyond simple bugs. In highly regulated industries, compliance violations can be costly. Heinan Cabouly, DevOps team lead at the medical device company, noted that catching one AWS code bug probably prevented a painful production incident and a compliance finding. However, he emphasized a critical insight about the future of AI in infrastructure work.

"The question isn't whether AI will replace DevOps engineers. It's whether you understand your systems well enough to know when it's wrong. It will be wrong. And it won't tell you," Cabouly wrote.

Heinan Cabouly, DevOps Team Lead and Architect, Medical Device Company

This reality has shaped how organizations are implementing guardrails and oversight mechanisms. EY uses cloud provider guardrails within AWS to prevent infrastructure cost overruns and other quality issues. TD Bank's Drew Yates, vice president of infrastructure, network and data center, made clear the bank's cautious stance on future autonomy: "It's not open season. I'm not going to get it to do runtime playbooks. Having an AI agent to help make a determination about which path something should go, and then use the automation that we've already done, I think that makes a lot of sense".

How to Implement AI Agents for Infrastructure Code Safely

• Establish Coding Standards First: TD Bank spent significant time building a framework ensuring all code followed the same style before introducing Copilot. This allowed the AI agent to learn exactly how the organization wanted tests written, making it more reliable for repetitive tasks.
• Require Human Review for All Production Deployments: Every organization interviewed maintains mandatory human review through pull request processes before any AI-generated code reaches production, regardless of the AI agent's confidence level.
• Set Infrastructure Guardrails in Cloud Platforms: Use built-in controls from AWS, Azure, or other cloud providers to enforce cost limits, compliance policies, and resource constraints that the AI agent must follow.
• Train Teams to Validate Agent Reasoning: Engineers must understand their systems deeply enough to catch when AI agents are wrong, including fabricated variables and incorrect assumptions about infrastructure behavior.
• Start with Low-Risk, Repetitive Work: Begin AI agent adoption with test generation, module scaffolding, and validation rules rather than core system logic or runtime automation.

What's Changing in Data Integration With Agentic AI?

Beyond infrastructure code, IBM is extending agentic AI principles to data integration through IBM watsonx.data integration, now available in technology preview. This represents a broader shift in how enterprises approach AI-assisted work. In traditional data workflows, business users submit requests that wait one to four weeks for fulfillment. More than 90 percent of incoming data work lands on engineering teams, and nearly half of that time goes toward maintaining existing pipelines rather than building new ones.

Agentic data integration changes this dynamic fundamentally. A business user describes what they need in natural language, such as "Summarize monthly operating expenses by department," and the agent interprets that intent, identifies data sources, builds the pipeline, validates it against governance policies, and delivers a production-ready dataset in under three minutes instead of days or weeks.

This shift frees data engineers from reactive request handling to focus on designing scalable platforms, improving data quality, and building foundations that AI initiatives depend on. For business users like financial analysts and sales operations leaders, the change means insights arrive before decision windows close, not weeks after. IBM watsonx.data integration connects to more than 300 enterprise systems while maintaining built-in governance, lineage tracking, and human-in-the-loop controls that keep outputs trustworthy.

The common thread across both infrastructure code and data integration is clear: enterprises are embracing AI agents as productivity multipliers, but only within carefully constructed boundaries. The technology shows genuine promise for accelerating repetitive work and freeing skilled professionals for higher-value tasks. However, organizations across banking, healthcare, fintech, and consulting are united in one conviction: autonomous AI in production remains a future state, not today's reality. Until AI agents can reliably explain their reasoning and avoid fabricating critical details, human expertise remains the essential final checkpoint.