Building Trust in Autonomous Workflows

When AI agents act on behalf of advertisers managing millions in ad-spend, trust isn't optional—it's the product.

Our IAM systems at Amazon Ads handle identity and access for 1M+ advertisers. Every permission, every role binding, every audit trail exists because trust must be verifiable at scale. Now apply that to agents that make autonomous decisions in multi-step workflows.

The Session Service we're building addresses three critical dimensions: lifecycle management (how long can an agent act?), scoping (what can it access?), and revocation (how fast can we shut it down?).

From a product perspective, the challenge is designing for least-privilege without creating friction that kills adoption. At HealthKart, I learned that conversion optimization is about removing barriers while maintaining trust. The same principle applies to agent authorization: make the secure path the easy path.

Fine-grained authorization for LLM-driven actions requires a new mental model. Traditional RBAC was designed for humans clicking buttons. Agents operate at machine speed across service boundaries. Policy enforcement must be equally fast and equally expressive.

The companies that solve trust in autonomous workflows will unlock the next wave of enterprise AI adoption. The ones that don't will find their agents revoked, their customers churned, and their competitive moat eroded.

This is the product problem I wake up thinking about.