InfiniteSolutions

Delivery Systems

Access, Audit, and Cost

Source: content/manual/03-ai-agents/chapters/06-access-audit-and-cost.md

Purpose and scope

Scope access to the minimum and track actions and spend.

Outcomes

Bot accounts with minimal scopes.
Centralized logs of actions and prompts.
Predictable token and infra spend.

Signals of trouble

Shared API keys and broad access.
Missing action logs in incidents.
Budget surprises from pilots.

Remediation steps

Issue bot identities; rotate secrets automatically.
Forward action logs to SIEM; alert on anomalies.
Track spend per workflow; enforce budgets.

Checklists and assets

playbooks/build-your-own-dev-agent/checklist.md access and audit.

References

Identity policies; cost dashboards.