RIG-RAG: A GraphRAG Inspired Approach to Agentic Cloud Infrastructure
Proceedings of the 2025 Conference on Applied Machine Learning for Information Security, PMLR 299:292-311, 2025.
Abstract
Modern cloud environments contain thousands of interdependent resources that frequently change, making them complex to monitor with traditional tools. This paper introduces Relational Inference GraphRAG (RIG-RAG), a pair of LLM-assisted inference pipelines that transform raw cloud configuration data into a security-enriched typed knowledge graph to support natural-language reasoning about deployed infrastructure. RIG-RAG enables organizations to execute natural-language security queries against their cloud environments and supports the continuous validation of critical questions such as "What resources are publicly accessible?" or "Which identities can read from databases?" Our implementation, SkyShark IQ, processes queries in two modes: interactive mode for ad hoc user interaction, and oversight mode for periodically executed curated inquiries that monitor infrastructure drift. By extracting cloud resource configurations into a typed graph structure with inferred security relationships, SkyShark IQ allows security teams to reason over complex infrastructure through an intuitive conversational interface. Based on the current state of the deployed infrastructure, the system provides role-appropriate security insights: technical details for analysts, explanations of implementation impacts for product owners, and contextual risk summaries for business leaders. We deployed and evaluated our system in a production AWS environment that supports 300,000 users, demonstrating its ability to simplify complex infrastructure analysis, surface hidden security relationships, and provide verifiable, role-appropriate explanations that improve situational awareness and cross-team communication in operational security workflows.