by JG

Ten minutes to a landing zone, then the paperwork won

[Figure: infrastructure fast, onboarding slow. Labels: 10m, KYC, quota, IAM, billing, denied, infra, onboarding, parked for next sprint. Caption: reproducible infrastructure · irreproducible onboarding.]

The landing zone took ten minutes. Terraform, one `apply`, a clean GCP foundation — networking, projects, an IAM baseline, the lot. This is the part everyone warns you about, and it was boring, which is exactly what good infrastructure should be. Reproducible, versioned, gone in the length of a coffee.

Then the paperwork won. Enabling the Anthropic models on Vertex meant a KYC-and-marketing form — name, use case, the usual — and we had to fill it in three times, once per model. Three identical forms for three checkboxes. Grok asked once, for all of its models, and only the bare necessities. One of these onboarding flows respects your afternoon; the other does not.

The real wall came next. We wired our Claude Code auth to Vertex and ran a hello-world. It failed instantly — token quota exceeded on the very first call. No slow ramp, no throttle: not even a single-token request got through. A fresh project with a default quota of, effectively, zero.

Raising it is where it turned into farce. The fix is a quota-increase request — but as the organisation's root user you would be sending the approval to yourself, which the console will not let you do. The documented path is to create a service account first, and then have *it* file the request to *you*. Bootstrapping a second identity to ask yourself for permission, after hours, to run a hello-world.

We decided that was not worth the overtime. We parked it for a future sprint and went to the Biergarten. That is a real engineering decision, not a cop-out: the cost of forcing it through right then was higher than the value of a green hello-world that evening.

The lesson is the asymmetry. Infrastructure-as-code has made the technical part reproducible and fast — ten minutes, no drama. Provider onboarding, KYC, and IAM bootstrapping have not caught up; they are still manual, repetitive, and occasionally circular. Reproducible infrastructure is a solved problem. Reproducible *onboarding* is not. Until it is, knowing when to stop and hand it to a future sprint — and a cold one — is part of the job.