Agentic SRE Advanced. By Samson Tanimawo, PhD. Published Jun 26, 2026.

Two-Person Approval for High-Risk Agent Actions

Some actions should never be unilateral. The approval flow, the queue, the timeout policy, and the change-management story you can show your auditor.

Which actions require two-person approval

Irreversible actions: drop table, terminate instance, delete object, force push. Anything that cannot be undone within the same run.

High blast-radius actions: anything affecting more than one resource, anything affecting a critical path service, anything affecting customer data.

Cost-impact actions: anything that could change the bill by more than $X (the threshold is policy, usually $1000-$10000).

The approval flow

Agent proposes the action with structured output: what, why, blast radius, reversibility.

Proposal lands in an approval queue. Two distinct identities (humans or other agents) must approve before execution.

Approval is logged with reason. Rejection is logged with reason. Both are auditable.

The queue

A simple table: proposal_id, action, status (pending/approved/rejected/expired), approvers, timestamps. The queue is read by the approval UI.

Pending proposals expire after a timeout (typically 30 minutes for triage, longer for non-urgent).

Expired proposals are not auto-retried. They are reported to the team for review, because expirations may mean the team is understaffed or that the proposal itself was wrong.

Audit story for the auditor

Every proposal, approval, rejection, and expiry is logged with timestamps, identities, and reasons.

The audit trail is immutable. The approval system writes to an append-only log. Modifications would themselves be audited.

The auditor can reconstruct any past action's approval chain in seconds. This is the test of a good audit story.

Pitfalls to avoid

Same-person approval (one identity approving in two roles): trivial to detect; the system rejects it outright.

Rubber-stamp approval: an approver who clicks yes on every proposal. Track per-approver approval rates; a high approval count with no rejections is a flag.

Approval of bundles: "approve all 5 of these proposals at once." Each proposal is approved individually so the audit trail is meaningful.
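The flow, the queue, the audit trail, and the three pitfall checks above, as one added Python example (this is illustrative code written for this page, not the author's own implementation). The class and method names (`Proposal`, `ApprovalQueue`, `approval_chain`, `rubber_stamp_candidates`) are assumptions, as is the rule that the proposing identity may not also count as an approver; the timeout and the two-approver requirement follow the text.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Proposal:
    """Structured proposal from the agent: what, why, blast radius, reversibility."""
    proposal_id: str
    action: str
    why: str
    blast_radius: int   # number of resources touched
    reversible: bool


class ApprovalQueue:
    """Two-person approval queue backed by an append-only audit log.

    The rows are the 'simple table' from the article: proposal_id, action,
    status (pending/approved/rejected/expired), approvers, timestamps.
    `clock` is injectable so the 30-minute expiry can be tested deterministically.
    """

    def __init__(self, timeout=timedelta(minutes=30), required_approvals=2, clock=None):
        self.timeout = timeout
        self.required_approvals = required_approvals
        self._clock = clock or (lambda: datetime.now(timezone.utc))
        self._rows = {}   # proposal_id -> row dict
        self._log = []    # append-only: entries are only ever appended, never edited

    def _record(self, event, proposal_id, identity, reason):
        entry = {"seq": len(self._log), "ts": self._clock().isoformat(), "event": event,
                 "proposal_id": proposal_id, "identity": identity, "reason": reason}
        self._log.append(entry)
        return entry

    def propose(self, proposal, proposer):
        if proposal.proposal_id in self._rows:
            raise ValueError(f"duplicate proposal_id {proposal.proposal_id}")
        self._rows[proposal.proposal_id] = {"proposal": proposal, "proposer": proposer,
                                            "status": "pending", "approvers": [],
                                            "created": self._clock()}
        self._record("proposed", proposal.proposal_id, proposer, proposal.why)

    def status(self, proposal_id):
        """Current status; a pending proposal past its timeout flips to expired on read."""
        row = self._rows[proposal_id]
        if row["status"] == "pending" and self._clock() - row["created"] > self.timeout:
            row["status"] = "expired"   # reported for review, never auto-retried
            self._record("expired", proposal_id, "system", "timeout")
        return row["status"]

    def approve(self, proposal_id, identity, reason):
        """Approve ONE proposal. There is deliberately no bulk-approve method."""
        if not reason.strip():
            raise ValueError("approval requires a reason")
        row = self._rows[proposal_id]
        if self.status(proposal_id) != "pending":
            raise ValueError(f"proposal is {row['status']}, not pending")
        # Same-person approval: an identity already in the chain (assumed here to
        # include the proposer) cannot count as a second approver.
        if identity == row["proposer"] or identity in row["approvers"]:
            self._record("approval_refused", proposal_id, identity, "identity already in chain")
            raise PermissionError("same identity cannot approve twice")
        row["approvers"].append(identity)
        self._record("approved", proposal_id, identity, reason)
        if len(row["approvers"]) >= self.required_approvals:
            row["status"] = "approved"
        return row["status"]

    def reject(self, proposal_id, identity, reason):
        if not reason.strip():
            raise ValueError("rejection requires a reason")
        row = self._rows[proposal_id]
        if self.status(proposal_id) != "pending":
            raise ValueError(f"proposal is {row['status']}, not pending")
        row["status"] = "rejected"
        self._record("rejected", proposal_id, identity, reason)
        return row["status"]

    def approval_chain(self, proposal_id):
        """The auditor's question: every event for one proposal, in order."""
        return [e for e in self._log if e["proposal_id"] == proposal_id]

    def rubber_stamp_candidates(self, min_decisions=5):
        """Approvers with at least min_decisions and zero rejections (a flag, not a verdict)."""
        counts = {}
        for e in self._log:
            if e["event"] in ("approved", "rejected"):
                c = counts.setdefault(e["identity"], {"approved": 0, "rejected": 0})
                c[e["event"]] += 1
        return sorted(i for i, c in counts.items()
                      if c["approved"] + c["rejected"] >= min_decisions and c["rejected"] == 0)
```

The in-memory list stands in for the append-only log; in production it would be a write-once store (a WORM bucket or a hash-chained table) so that "modifications would themselves be audited" holds, and `approval_chain` would be a query against that store rather than a list scan.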