Skip to content

Review & Reflect

Now that you've built the capstone pipeline, take a step back to review what your agent did, compare its approach against best practices, and reflect on the strengths and limitations you observed throughout the workshop.

Overview

This is a discussion and reflection exercise — no new resources to deploy. You'll review the pipeline your agent built, identify what it did well versus where it needed guidance, and consolidate your key takeaways for using AI coding agents with AWS infrastructure.

What You'll Learn

  • How to critically evaluate agent-generated infrastructure
  • Common patterns where agents excel vs where they need human guidance
  • Key principles for effective agent-assisted AWS development

Instructions

Explore

Review the resources your agent created in the capstone exercise. Ask your agent to explain its design decisions, then compare against what you would have done manually.

Desired outcome: A clear understanding of your agent's strengths, where it needed correction, and a mental framework for when to trust agent output vs when to review carefully.

Info

Hint 1: Ask your agent to describe the architecture it built and explain why it made specific choices (IAM scoping, error handling approach, DLQ configuration).

Info

Hint 2: Look at the IAM role your agent created — is it least-privilege? Does it scope permissions to specific resource ARNs, or did it use wildcards?

Step-by-Step Walkthrough
  1. Ask your agent to review its own work:

Describe the architecture of the image processing pipeline you just built. What AWS resources did you create, how are they connected, and what design decisions did you make?

  1. Evaluate the IAM configuration:

Show me the IAM policy for the Lambda execution role. Is it following least-privilege principles? Are permissions scoped to specific resources or using wildcards?

  1. Check error handling completeness:

What happens if Rekognition is throttled? What if the DynamoDB write fails? Are there any failure modes that aren't handled by the current implementation?

  1. Compare approaches — reflect on these questions:

What the agent typically does well: - Wiring up event notifications with correct configuration - Creating Lambda functions with proper handler signatures - Setting up basic IAM roles with required service permissions - Generating boilerplate code quickly (handler structure, boto3 client calls) - Following basic naming conventions

Where agents typically need human guidance: - Scoping IAM to specific resource ARNs instead of wildcards - Configuring appropriate timeouts and memory for Lambda - Setting up comprehensive monitoring (alarms, dashboards, log metric filters) - Handling edge cases (concurrent executions, partial failures, retry behavior) - Cost optimization (right-sizing, reserved capacity decisions)

  1. Consolidate your takeaways by asking:

Based on everything we did today — documentation search, skills-based deployment, API tools, guardrails, troubleshooting, and this capstone — what are your top 3 recommendations for developers using AI coding agents with AWS?

Key Takeaways

After completing the workshop, keep these principles in mind:

When to let the agent lead

  • Boilerplate and wiring — event notifications, handler scaffolding, basic IAM roles
  • Discovery and exploration — searching documentation, checking service limits, listing resources
  • Iterative debugging — reading logs, inspecting configurations, suggesting fixes

When to guide the agent

  • Security boundaries — always review IAM policies for least-privilege and resource scoping
  • Architecture decisions — retry strategies, idempotency, failure modes
  • Cost implications — the agent doesn't see your bill; validate sizing and capacity choices
  • Production readiness — monitoring, alerting, and operational runbooks

The agent feedback loop

  1. Prompt clearly — high-level goals with explicit constraints (region, naming, existing resources)
  2. Review critically — check IAM, error handling, and resource configuration before testing
  3. Iterate quickly — use the agent to fix issues it introduced rather than starting over
  4. Encode guardrails — use rules files (Module 4) to prevent recurring issues automatically

Agent-Specific Tips

Ask Claude Code to self-critique its work:

Review the infrastructure you created in this workshop. If you were doing a code review, what would you flag for improvement?

Claude Code is particularly strong at explaining its reasoning when asked. Use this to understand trade-offs it considered silently.

Kiro's spec-driven approach is particularly powerful for capstone-style projects. In production, you would:

  1. Create a spec capturing the pipeline requirements
  2. Let Kiro generate the design and task breakdown
  3. Execute tasks incrementally with validation at each step

This structured approach catches issues earlier than a single-prompt deployment.

Cursor's strength is rapid iteration within files. For infrastructure review:

Open the Lambda function code and suggest improvements for error handling, logging, and performance.

Cursor excels at refining code once the initial architecture is in place.

Codex works well for generating alternative implementations. Try:

Show me an alternative approach to this pipeline using EventBridge instead of S3 notifications. What are the trade-offs?

This helps you understand architectural options the agent considered but didn't choose.