Run Modes
Run modes control whether your agent asks for approval before taking actions or acts on its own. The key distinction is between Azure infrastructure operations (which have system-enforced approval gates) and other actions.
Run modes control the approval workflow — should the agent ask before acting? Permissions control resource access — can the agent reach this resource? Both must be satisfied for the agent to act on Azure infrastructure.
Two modes
| Mode | What happens | Best for |
|---|---|---|
| Review | Agent proposes an action, you approve or deny | Production systems, critical infrastructure |
| Autonomous | Agent executes immediately, reports what it did | Non-prod environments, trusted recurring tasks |
Review mode
The default for new agents. Your agent investigates, identifies a fix, and asks for your approval before executing Azure infrastructure operations (Azure CLI commands, ARM operations, Kubernetes commands).
What you'll see for Azure infrastructure actions:
I found that app-service-prod is running slowly due to high memory usage.
Proposed action: Restart App Service 'app-service-prod'
This may cause brief downtime (30-60 seconds).
[Approve] [Deny]
Click Approve to execute, Deny to stop. Only SRE Agent Administrators can approve.
Review mode shows Approve/Deny buttons only for Azure infrastructure operations. Other actions — like sending emails, posting to Teams, or querying external data sources — proceed based on the agent's reasoning and your response plan instructions. To add governance controls for these actions, use Hooks to enforce safety checks before or after specific tool calls.
Autonomous mode
Your agent investigates and executes actions without waiting for approval. Use this when you trust the agent to handle the situation.
What you'll see:
I found app-service-staging was running slowly.
Done: I've restarted app-service-staging. Memory usage is now normal.
Where to configure
Run modes are set per response plan and per scheduled task.
| Automation type | Default mode | Options |
|---|---|---|
| Incident response plan | Autonomous | Review, Autonomous |
| Scheduled task | Autonomous | Review, Autonomous |
Set the Agent autonomy level when creating or editing a response plan or task.
Agent-level default
Settings → Basics shows the agent's global mode. This is set at agent creation (defaults to Review) and serves as the fallback when no per-response-plan or per-task mode has been set.
Recommendations
| Scenario | Recommended mode |
|---|---|
| Production incidents | Review |
| Staging/dev incidents | Autonomous |
| Daily health checks | Autonomous |
| Cost and usage reports | Autonomous |
| Security alerts | Review |
Start with Review. Observe what the agent recommends for 2-4 weeks. When you find patterns you're always approving, switch those specific triggers to Autonomous.
Related
| Resource | Why it matters |
|---|---|
| Tutorial: Set up a response plan → | Create response plans and set the autonomy level |
| Scheduled Tasks → | Create recurring automated tasks with mode selection |
| Hooks → | Add governance controls for non-Azure actions |
| Agent Permissions → | What the agent can access on Azure resources |
| User Roles → | Who can approve actions and manage the agent |