Best practices for building experiences where generative AI needs user authorization before performing actions.
Mutating actions are operations performed by generative AI that change the state of the user's environment, such as creating, editing, or deleting resources. While some mutating actions can be executed autonomously by generative AI, others require user authorization, especially when changes could be critical or have lasting consequences. The need for authorization depends on the type and potential impact of the change. For example, formatting text with a pre-authorized writing assistant might not require active user authorization, while deleting resources would.
Different kinds of actions require different levels of user authorization based on their potential impact and risk.
Simple authorization: For low-risk changes like adding tags.
Additional authorization: For actions with serious or irreversible consequences like deleting resources.
The human refers to the user interacting with the generative AI system. Keeping the human in the loop means users verify what the model is doing and approve its actions. Here's how users stay in the loop:
Initiate an action: The user asks AI to perform an action on their behalf. AI confirms the action the user is requesting with a brief explanation of the action. The user then initiates the action with a button.
Execute an action: Select the authorization method that matches the risk level. Use simple authorization for low-risk changes. Require additional confirmation for serious or irreversible changes. Before execution, AI presents proposed changes and potential effects to the user. The user reviews the potential impact while the system clearly shows if changes are reversible or permanent. Show clear status indicators during the process and allow users to monitor progress.
Complete an action: Confirm changes were completed and provide detailed feedback on what changed. Record actions in an audit trail when needed and show how to reverse changes if possible.
Before authorization, clearly communicate whether changes can be reversed, what happens if something goes wrong, and any long-term impacts of the change. Reversible actions like adding tags can proceed with simple authorization. Permanent actions like deleting resources require additional confirmation since they can’t be undone.
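The initiate, execute, and complete steps and the two authorization levels described here can be enforced outside the UI as a gate that fails closed. The following is an added example, not part of the original guidelines or of any Cloudscape or AWS API; the function names, the `additionalConfirmation` flag, and the "Completed", "Failed", and "Additional confirmation required" labels are assumptions.

```javascript
// Added example. All names here are hypothetical, not a Cloudscape or AWS API.
const LEVEL = { SIMPLE: "simple", ADDITIONAL: "additional" };

// Build the content the authorization dialog must show before any change is made.
function proposeAction({ label, description, resources, reversible }) {
  if (!Array.isArray(resources) || resources.length === 0) {
    throw new Error("List affected resources by unique identifier");
  }
  return {
    label, description, resources, reversible,
    // Reversible changes use simple authorization; permanent ones need more.
    level: reversible ? LEVEL.SIMPLE : LEVEL.ADDITIONAL,
    status: "User consent required",
  };
}

// decision comes from the dialog: { approved, additionalConfirmation }.
// run performs the change and is called only after authorization succeeds.
function executeAuthorized(proposal, decision, run, auditTrail) {
  const record = (outcome, detail) =>
    auditTrail.push({ label: proposal.label, resources: proposal.resources,
                      level: proposal.level, outcome, detail });
  if (!decision || decision.approved !== true) {
    proposal.status = `User declined consent to ${proposal.description}`;
    record("declined");
    return false;
  }
  // Fail closed: approval alone never authorizes a permanent change.
  if (proposal.level === LEVEL.ADDITIONAL && decision.additionalConfirmation !== true) {
    proposal.status = "Additional confirmation required";
    record("blocked");
    return false;
  }
  try {
    run(proposal.resources);
    proposal.status = "Completed";
    record("completed", proposal.reversible ? "reversible" : "permanent");
    return true;
  } catch (err) {
    proposal.status = `Failed: ${err.message}`;
    record("failed", err.message);
    return false;
  }
}

// Constructed sample: a permanent delete approved without additional confirmation.
const trail = [];
const del = proposeAction({ label: "Delete", description: "delete objects", resources: ["example-bucket"], reversible: false });
console.log(executeAuthorized(del, { approved: true }, () => {}, trail), del.status);
```

Every path, including declined and blocked requests, writes an audit record, so the trail shows what was refused as well as what was changed.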
Clear communication maintains user trust throughout the authorization process. For successful changes, confirm completion, list all modifications made, outline any next steps, and show how to reverse changes when possible. When failures occur, explain what went wrong and why it happened, then provide specific steps to resolve the issue and offer alternative solutions.
Display status updates for each task during the authorization process. Use the steps as suggested in the progressive steps pattern.
When collecting authorization from a user, display the content in a dialog box.
Include a clear description of the proposed change, its potential consequences, a list of affected resources, and action buttons. Clearly explain what the AI will do and its potential positive and negative consequences. Use simple language that helps users make informed decisions.
Identify specific resources that will be affected. Include unique identifiers such as service names, ARNs, or instance IDs. Link directly to the resources when possible.
For actions with serious, irreversible, or cascading consequences, collect additional confirmation from the user.
Provide clear options for users to either proceed with the action or decline AI assistance and exit the flow. Button labels should match the intended action. For example, use Delete for deleting an S3 bucket.
When a user prompts generative AI to perform an action, the AI processes the prompt and responds with an acknowledgement and an explicit action button to initiate the action.
When AI needs user authorization to proceed with executing an action, you can select one of two levels of authorization based on the potential impact and risk to the user's environment.
Use when changes are low-risk and won't affect critical infrastructure. For example, when AI adds tags to resources.
I notice your EC2 instance i-1234abcd doesn't have proper cost allocation tags. Adding these tags would make it easier to track Atlas project costs. This can be easily reversed.
Would you like me to add the tags?
Once generative AI has completed an authorized action, confirm changes were completed and provide detailed feedback on what actions were completed.
Now that the production tag is added to ‘i-1234abcd’ EC2 instance, consider these next steps:
When an authorized action fails, use the steps component to show which step has the error. Include details about the error using a popover or description text, and display specific steps needed to fix the error. For more prominent error notifications, use error alerts with action buttons. Refer to error state guidelines for more details.
Use sentence case, but continue to capitalize proper nouns and brand names correctly in context.
Use end punctuation, except in headers and buttons. Don’t use exclamation points.
Use present-tense verbs and active voice.
Don't use please, thank you, ellipsis (...), ampersand (&), e.g., i.e., or etc. in writing.
Avoid directional language.
For example: use previous not above, use following not below.
Use device-independent language.
For example: use choose or select not click.
Button labels should match the intended action. If the dialog box is to collect authorization for a “Delete S3 bucket” action, use Delete as the label.
List affected resources using their unique identifiers.
Format resource names in monospace font when showing exact IDs.
Use bullet points for multiple resources.
Update status indicator labels within each tree item to clearly show what happened. For example:
Original label: "User consent required".
After user declines: Change label to "User declined consent to delete objects".
Follow the guidelines on alternative text and Accessible Rich Internet Applications (ARIA) regions for each component.
Make sure to define ARIA labels aligned with the language context of your application.
Don't add unnecessary markup for roles and landmarks. Follow the guidelines for each component.
Provide keyboard functionality to all available content in a logical and predictable order. The flow of information should make sense.