AWS built a deploy mode for AI agents. Build the gates first.
CloudFormation's new express mode is made for agents: up to 4x faster, rollback off by default. What that says about where IaC is going in 2026.
On June 30, AWS shipped a deployment mode for CloudFormation and CDK that runs up to 4x faster (their internal benchmarks) and turns off rollback by default. The speed comes from returning as soon as resource configuration is applied, instead of waiting out stabilization. The announcement names its audience directly: “developers and AI agents building infrastructure.”
Vendors don’t build deploy modes for users who don’t exist. Agents are now a first-class audience for infrastructure tooling, and express mode tells you exactly how AWS expects them to work: deploy fast, fail fast, retry. The rest of this piece is about what that shift means if you run infrastructure for a living, because the tooling is arriving faster than the trust, and the gap between them is where the incidents live.
Agents arrived before the trust did
The 2026 edition of Firefly’s State of IaC survey carries the three numbers that describe this year. 44% of respondents run AI for infrastructure automation in production or pilots. Only 34% would trust an AI agent to make autonomous production changes. And 42% name missing guardrails as their number-one blocker. Vendor survey, undisclosed sample, so weight it accordingly; the shape still rings true. The capability shipped before the controls did, and practitioners know it.
I’m in that 44% at the day job. Claude Code runs against a live platform daily, driving changes across Terraform, ArgoCD, and AWS. What makes that survivable is the scaffolding around the model: an automated create-only gate that runs before any apply, an adversarial production-safety review, and a human approving every production-affecting change, with nothing reaching prod until it proves out in dev. The 34% who withhold autonomy are correct to, until they’ve built the equivalent gates. A model that writes excellent Terraform and a model that should be allowed to apply it are two different maturity questions, and only one of them is about the model.
Safety is relocating to the front of the deploy
Express mode trades away CloudFormation’s oldest safety behavior, and the interesting part is where AWS is putting safety instead. The same day, CloudFormation turned on pre-deployment validation for create and update operations by default, surfaced in CDK with construct-level tracing. An AWS Security Blog post from May walks through gating Terraform plans with OPA in CI/CD. AWS Labs shipped IAM Policy Autopilot in November 2025, an MCP server that drafts baseline IAM policies from application code inside AI coding assistants. The direction is coherent: validate earlier and deploy faster, with safety relocated from rollback to gates in front of the deploy.
That’s the correct architecture for agents, and it matches what running them teaches you. Rollback is safety designed for a human who deploys occasionally and needs the system to clean up a mistake. An agent iterating in a tight loop is better served by a wall it hits before anything applies. The gate also scales in a way review meetings don’t: it costs the same whether the proposer is an engineer or a model proposing forty times a day.
My advice on express mode specifically: use it in development, where the iteration speed is the point, and leave production on default mode, which is what AWS’s own documentation recommends. Rollback-off in production converts a bad deploy from an incident into a compounding one.
Discipline is the product now
AI collapsed the skill gap for producing infrastructure code. A solo founder can generate Terraform that reads like a platform team wrote it, and an agent will happily apply it. Meanwhile Firefly’s 2025 survey put IaC adoption at 89% of respondents and complete codification at 6%, with fewer than a third continuously monitoring drift. What still separates production-grade from plausible is everything that 6% measures: state discipline, drift detection, policy gates in the deploy path, and a human who reviews what changed. Those were always the expensive part of infrastructure as code. As of this year they’re the differentiating part, because the code itself stopped being scarce.
I’ll flag what the record doesn’t yet show: as of mid-2026 there’s early reporting on exposed vibe-coded apps, and nothing I’d cite as rigorous. The mechanism doesn’t need a citation anyway. Ungated write access to production never required AI to end badly; AI just increases the number of hands holding it.
The middle ground is settling as guardrails baked into the platform, so the discipline arrives ambiently instead of by hiring. Validation on by default is discipline nobody had to opt into. AWS’s CDK roadmap has listed native policy-as-code rule packs as an exploration since its February 2025 update, unrevised in the seventeen months since, so the working answer in CDK land is still cdk-nag, which gates this site’s own deploys in CI.
The toolchain kept moving underneath
Two 2026 developments matter for tool choices, and the rest of that debate hasn’t changed since I last wrote it up. HashiCorp archived CDK for Terraform on December 10, 2025, saying it “did not find product-market fit at scale”; teams writing CDKTF are now running on community time, on the Open Constructs Foundation’s CDK Terrain fork. And CDK itself is visibly part of AWS’s agent-era investment — express mode and construct-level validation tracing both landed in its toolchain this June, whatever the roadmap’s long silence suggests.
If you’re picking tools in 2026, pick boring ones and spend the saved attention where the surveys say almost nobody does: codify the estate you actually have, turn on drift detection, put a policy gate in the pipeline, and only then hand an agent credentials. Agents are about to multiply the rate of change your infrastructure absorbs. Teams that finished the codification job get to point that speed at a gated pipeline. Everyone else is choosing between declining the speed and absorbing the risk.
Questions this raises
- Should we turn on CloudFormation express mode?
- In development, yes; that iteration loop is what it's for, and the speedup is real (AWS claims up to 4x from internal benchmarks; the one independent test I've seen showed a small stack going from roughly a minute to ten seconds). In production, no. Express mode disables rollback by default, and AWS's own documentation recommends default mode for production. Rollback-off in prod converts a bad deploy from an incident into a compounding one.
- Should we let AI agents apply infrastructure changes?
- In development, yes. In production, only behind gates: policy checks that run before apply and scoped credentials, with a human approving anything production-affecting. That's how I run agentic tooling against a live platform daily. Firefly's 2026 survey found only 34% of practitioners would trust an agent with autonomous production changes, and I think the skeptics are correct until the gates exist. An ungated agent is an ordinary ungoverned deploy pipeline with more throughput.
- Is AWS CDK still worth adopting in 2026?
- For AWS-only teams that live in TypeScript or Python, yes. Don't confuse the death of CDK for Terraform (archived December 2025, community-forked as CDK Terrain) with the health of CDK itself: AWS shipped express mode and construct-level validation tracing for CDK in June 2026, which is real investment. If you're multi-cloud, or your organization already standardized on Terraform, use that instead.
Consulting
Dealing with this on your own infrastructure?
I take contract and consulting engagements on exactly this kind of work.