What identity should an AI agent run as in production?

# The question

The direct answer to "What identity should an AI agent run as in production?": declare the boundary in the workflow itself. Swirls derives each run's authority from the .swirls files you deployed, so the policy and the system cannot drift apart.

# Who's asking

Platform / infra engineer. Owns how things run in production. Cares about durability, isolation, audit, and repeatable deploys.

# Why Swirls is a fit

Every agent execution runs with its own identity. Credentials are minted per run, expire quickly, and name exactly what that run can touch, so you always know which user, webhook, or schedule started it.

Permissions are bound to the deployed workflow definition. Ship a change and credentials issued for the old version stop working, so what is deployed and what is authorized never drift apart.
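The two properties above (per-run, short-lived, scoped credentials, and binding to the deployed definition) can be illustrated generically. This is an added example, not Swirls code and not a description of how Swirls implements them; the HMAC token format, claim names, function names and signing key are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"  # constructed; a real issuer keeps this in a KMS/HSM

def definition_digest(workflow_source):
    """Hash of the deployed workflow definition; any redeploy with changes alters it."""
    return hashlib.sha256(workflow_source.encode()).hexdigest()

def mint_run_credential(run_id, initiator, scopes, workflow_source, ttl=300, now=None):
    """Issue a short-lived credential naming one run, who started it, and what it may touch."""
    now = time.time() if now is None else now
    claims = {"run": run_id, "by": initiator, "scopes": sorted(scopes),
              "def": definition_digest(workflow_source), "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def authorize(token, scope, deployed_source, now=None):
    """Return (allowed, reason): signature, expiry, definition binding, then scope."""
    now = time.time() if now is None else now
    try:
        body, sig = token.rsplit(".", 1)
    except ValueError:
        return False, "malformed"
    expected = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison on bytes; claims are parsed only after this passes.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False, "bad signature"
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"]:
        return False, "expired"
    # A credential minted for the previous definition fails here after a deploy.
    if claims["def"] != definition_digest(deployed_source):
        return False, "workflow definition changed"
    if scope not in claims["scopes"]:
        return False, "scope not granted"
    # The reason doubles as an audit record: which run, started by whom.
    return True, "run %s started by %s" % (claims["run"], claims["by"])
```

Because the definition digest is checked at use time rather than only at issuance, redeploying revokes outstanding credentials without a revocation list.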

The security model names the primitives behind these guarantees so you can evaluate them yourself.

# What Swirls is

What SQL is to data and Terraform is to infrastructure, Swirls is to agents. A declarative DSL, not another framework. Your agents, tools, triggers, schedules, and secrets are described across .swirls files, deployed with git push or swirls deploy, and run by Swirls Cloud.
