“The AI Operator” - A headless, autonomous agent capable of diagnosing, troubleshooting, and fixing infrastructure issues without human intervention.

Status: Completed (Jan 22, 2026)

Tech Stack: AWS Fargate, Model Context Protocol (MCP), Python, Terraform, AWS Secrets Manager

📋 Project Overview

The Autonomous AWS SysAdmin Agent is a cutting-edge “Agentic” system designed to reside within your secure AWS VPC. Unlike traditional chatbots that require a human to type commands, this agent operates autonomously utilizing the Model Context Protocol (MCP) to interact with infrastructure tools.

It serves as a “Level 1” SysAdmin, capable of:

• Diagnosing server health issues (CPU/Memory spikes, Disk fullness).
• Analyzing complex log files (App logs, System logs) to find root causes.
• Remediating problems by executing safe commands via SSH.
• Reporting actions taken to human operators.

🎯 Business Value

• Operational Efficiency: Reduces “Mean Time To Recovery” (MTTR) by 90% by automating diagnosis.
• Cost Reduction: Eliminates the need for 24/7 L1 support shifts for routine monitoring.
• Security First: “Air-gapped” design ensures the LLM never sees raw credentials (managed via Secrets Manager).
• Scalability: Stateless Fargate deployment allows the agent to scale with the infrastructure.

🏗️ Architecture Overview

The architecture prioritizes security and autonomy. The agent runs inside a secure network perimeter and uses standardized protocols to reason about the system.

graph TD
    subgraph PI ["Public Internet"]
        User["Human Operator"] -->|"Overview/Audit"| Dashboard["Agent Dashboard"]
    end

    subgraph VPC ["AWS VPC (Secure Perimeter)"]
        subgraph CP ["Control Plane (Fargate)"]
            Agent["🤖 SysAdmin Agent Core"]
            Context["MCP Host / Context Manager"]
        end

        subgraph Sec ["Security Layer"]
            Secrets["AWS Secrets Manager"]
            IAM["IAM Roles (Least Privilege)"]
        end

        subgraph Infra ["Managed Infrastructure"]
            EC2_1["Server A (Web)"]
            EC2_2["Server B (App)"]
            EC2_3["Server C (DB)"]
        end
    end

    Agent -->|"1. Reason & Plan"| Context
    Agent -->|"2. Fetch Creds (Safe)"| Secrets
    Agent -->|"3. SSH / Execute Tools"| EC2_1
    Agent -->|"3. SSH / Execute Tools"| EC2_2

    style Agent fill:#f9f,stroke:#333,stroke-width:2px
    style Secrets fill:#fab,stroke:#333,stroke-width:2px

Key Components