Cloud Agents
On-demand and scheduled AI agents for Kubernetes analysis, cost optimization, security auditing, and remediation.
Cloud Agents are AI-powered workflows you launch on-demand or on a schedule from Nirmata Control Hub. Each agent runs as a short-lived job, executes a specific analysis or remediation task against a target cluster or resource, and produces a detailed report — with no persistent infrastructure required.
Unlike Service Agents, which run continuously inside your cluster, Cloud Agents are ephemeral: they spin up, do their work, and terminate. You get the results without any long-running footprint.
Use Cases
| Task | Example Agents |
|---|---|
| Cost optimization | Identify over-provisioned workloads, right-size resources, flag unused namespaces |
| Security auditing | Scan RBAC configuration, detect privilege escalation paths, audit image provenance |
| Compliance | Generate compliance reports mapped to CIS, NIST, or SOC 2 controls |
| Policy recommendations | Analyze cluster state and recommend Kyverno policies to apply |
| Workload troubleshooting | Diagnose failing pods, OOMKills, and misconfigured resource limits |
| Remediation | Apply approved fixes to policy violations across namespaces |
How They Work
- Select an agent from the Agent Catalog — each entry describes what the agent does, what inputs it needs, and what cluster permissions it requires.
- Provide inputs — choose a target cluster, namespace, or other parameters specific to the agent.
- Launch or schedule — run immediately, or configure a recurring schedule (hourly, daily, weekly, or custom cron).
- Review results — each completed run produces a structured report you can view, share, or download. Live logs are available for runs in progress.
Agent Types
| Type | Description |
|---|---|
| Workflow | Multi-step agents where steps execute sequentially or in parallel. Progress is visible step-by-step in real time. |
| Task | Single-operation agents that execute one focused function and return a report on completion. |
Trigger Sources
Runs can be initiated in multiple ways — not just manually:
| Source | Description |
|---|---|
| Manual | Launched directly from the Agent Catalog |
| Schedule | Triggered automatically by a configured recurring schedule |
| Copilot | Launched by the Nirmata Control Hub Copilot in response to a request |
| Webhook | Triggered by an external event (e.g., a GitHub PR or Jira issue) |
| Event | Triggered as a follow-on from another agent run |
Using Cloud Agents
Cloud Agents are managed from Agent Hub in Nirmata Control Hub.